Sujet Précédent Sujet Suivant

Trojan !

KEROZ3N -  
 Utilisateur anonyme -
Bonjour,

Je me suit fait hacker mon compte steam il y a 2heures maintenant , ceci je m'en fiche il coute que 20€ mais j'ai peur pour mon pc j'ai donc fait un rapport HijackThis que je vous poste ici , merci de votre compréhension de de votre futur aide :)

Rapport :

http://www.bitdefender.fr/scan_fr/scan8/ie.htmlLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:48:40, on 30/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\nvscv32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Mumble\mumble.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\ritchi\Bureau\HiJackThis.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.shareware.pro/misc/search.htm/fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ask.com/?o=13166&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.shareware.pro/misc/search.htm/fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware.pro/misc/search.htm/fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray (User 'Default user')
O4 - Startup: AutoClick.lnk = C:\Program Files\AutoClick\AutoClick.exe
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
A voir également:

55 réponses

Précédent
Réponse 21 / 55
KEROZ3N Messages postés 53 Statut Membre
 
Bah , si je n'ai pas cet option la vu qu'elle est juste sur Vista ...
0
Réponse 22 / 55
KEROZ3N Messages postés 53 Statut Membre
 
Tu t'es endormi sur le clavier ? x)
0
Réponse 23 / 55
KEROZ3N Messages postés 53 Statut Membre
 
Upp ! personne d'autre pour prendre la reléve de Gen-hackman ? Merci
0
Réponse 24 / 55
Utilisateur anonyme
 
qu'elle est juste sur Vista .= Faux !

elle existe aussi sur XP si tu n as ps de compte administtrateur
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 55
KEROZ3N Messages postés 53 Statut Membre
 
D'accord je ne savais pas , mais hier je t'ai dit que j'été sur la session Administrateur donc je n'ai pas cet fonction ? Que dois-je faire ?

Merci
0
Réponse 26 / 55
Utilisateur anonyme
 
Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau :

ou :ZHPDiag

!! déconnecte toi et ferme toutes tes applications en cours !!

* Clique droit sur le .zip que tu viens de télécharger et choisis " extraire tout " sur ton bureau ...

* Double-clique sur "ZHPDiag.exe" pour lancer l'outil :

> Clique sur le bouton " Tous " ( important ).

> puis clique sur le bouton de "la loupe" pour lancer le scan .

Laisses travailler l'outil ...

> Une fois terminé , le rapport s'affiche : clique sur bouton "appareil photo" pour sauvegarder le rapport obtenu ...

Enregistres bien ZHPDiag.txt de façon à le retrouver facilement ( sur le bureau par exemple ).

Puis ferme le programme ...

Enfin , fais un copier/coller du contenu du rapport sauvegardé dans ta prochaine réponse pour analyse ...
0
Réponse 27 / 55
KEROZ3N
 
Voila j'ai fait ce que tu m'a dit , voici le rapport :

Rapport de ZHPDiag v1.21 par Nicolas Coolman
Enregistré le 30/06/2009 18:35:48
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.10)

---\\ Processus lancés
nwiz.exe
C:\WINDOWS\system32\winsys2.exe
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Microsoft LifeCam\LifeExp.exe
C:\WINDOWS\vVX1000.exe
rundll32.exe
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\PROGRA~1\Wanadoo\GestMaj.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\Shell.exe
c:\program files\orange\media player\Media Player.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\MsPMSPSv.exe

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: Shell=explorer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ask.com/?o=13166&l=dis
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware.pro/misc/search.htm/fr

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.shareware.pro/misc/search.htm/fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.shareware.pro/misc/search.htm/fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\media player\Media Player.exe /systray
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\policies\Explorer: [NoRemoteRecursiveEvents] Data="1"
O4 - HKLM\..\policies\Explorer: [NoLowDiskSpaceChecks] Data="1"
O4 - HKLM\..\policies\Explorer: [NoSimpleStartMenu] Data="0"
O4 - HKLM\..\policies\Explorer: []
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun]
O4 - HKLM\..\policies\Explorer: [NoCDBurning] Data="0"

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access (Creative Service for CDROM Access) - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: MSCamSvc (MSCamSvc) - C:\Program Files\Microsoft LifeCam\MSCamS32.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing (ProtexisLicensing) - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: WMDM PMSP Service (WMDM PMSP Service) - C:\WINDOWS\system32\MsPMSPSv.exe

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Security Update for Microsoft .NET Framework 2.0 (KB922770) - {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Adobe Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Adobe Shockwave Director 10.1 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Java (Sun) - {4707EBD1-A060-1F8E-6879-4E3071E926FC} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Web Folders - {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB886903) - {8EFA4753-7169-4CC3-A28B-0A1643B8A39B} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Security Update for Microsoft .NET Framework 2.0 (KB917283) - {967B098A-042D-4367-BAC9-8BC11684174F} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: (no name) - {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Pilote de bloc de demande Bluetooth (BthEnum) - C:\WINDOWS\system32\DRIVERS\BthEnum.sys
O41 - Driver: Périphérique Bluetooth (réseau personnel) (BthPan) - C:\WINDOWS\system32\DRIVERS\bthpan.sys
O41 - Driver: Pilote de port Bluetooth (BTHPORT) - C:\WINDOWS\System32\Drivers\BTHport.sys
O41 - Driver: Pilote USB radio Bluetooth (BTHUSB) - C:\WINDOWS\System32\Drivers\BTHUSB.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: Creative AC3 Software Decoder (ctac32k) - C:\WINDOWS\System32\drivers\ctac32k.sys
O41 - Driver: Creative Audio Driver (WDM) (ctaud2k) - C:\WINDOWS\system32\drivers\ctaud2k.sys
O41 - Driver: Creative SBLive! Port de jeux (ctljystk) - C:\WINDOWS\system32\DRIVERS\ctljystk.sys
O41 - Driver: Creative Proxy Driver (ctprxy2k) - C:\WINDOWS\System32\drivers\ctprxy2k.sys
O41 - Driver: Creative SoundFont Management Device Driver (ctsfm2k) - C:\WINDOWS\System32\drivers\ctsfm2k.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: Pilote de Gestionnaire de disque logique (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: E-mu Plug-in Architecture Driver (emupia) - C:\WINDOWS\System32\drivers\emupia2k.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\DRIVERS\fltMgr.sys
O41 - Driver: Énumérateur de port jeu (gameenum) - C:\WINDOWS\system32\DRIVERS\gameenum.sys
O41 - Driver: GEAR ASPI Filter Driver (GEARAspiWDM) - C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
O41 - Driver: GMSIPCI (GMSIPCI) - D:\INSTALL\GMSIPCI.SYS
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Creative Hardware Abstract Layer Driver (ha10kx2k) - C:\WINDOWS\system32\drivers\ha10kx2k.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: IVI ASPI Shell (Iviaspi) - C:\WINDOWS\system32\drivers\iviaspi.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: MSICPL (MSICPL) - D:\install4\MSICPL.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: ATK0110 ACPI UTILITY (MTsensor) - C:\WINDOWS\system32\DRIVERS\ASACPI.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: NTACCESS (NTACCESS) - D:\NTACCESS.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Creative OS Services Driver (ossrv) - C:\WINDOWS\system32\drivers\ctoss2k.sys
O41 - Driver: PCAMPR5 NDIS Protocol Driver (PCAMPR5) - C:\WINDOWS\system32\PCAMPR5.SYS
O41 - Driver: PCANDIS5 NDIS Protocol Driver (PCANDIS5) - C:\WINDOWS\system32\PCANDIS5.SYS
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de redirecteur de périphérique Terminal Server (rdpdr) - C:\WINDOWS\system32\DRIVERS\rdpdr.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Périphérique Bluetooth (TDI protocole RFCOMM) (RFCOMM) - C:\WINDOWS\system32\DRIVERS\rfcomm.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver (RTLE8023xp) - C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
O41 - Driver: Screaming Bee Audio (SCREAMINGBDRIVER) - C:\WINDOWS\system32\drivers\ScreamingBAudio.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: SetupNTGLM7X (SetupNTGLM7X) - D:\NTGLM7X.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Apple Mobile USB Driver (USBAAPL) - C:\WINDOWS\System32\Drivers\usbaapl.sys
O41 - Driver: Pilote USB audio (WDM) (usbaudio) - C:\WINDOWS\system32\drivers\usbaudio.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Concentrateur USB2 (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\system32\DRIVERS\usbuhci.sys
O41 - Driver: VX-1000 (VX1000) - C:\WINDOWS\system32\DRIVERS\VX1000.sys
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Anchor Service CS3
O42 - Logiciel: Adobe Asset Services CS3
O42 - Logiciel: Adobe Bridge CS3
O42 - Logiciel: Adobe Bridge Start Meeting
O42 - Logiciel: Adobe CMaps
O42 - Logiciel: Adobe Camera Raw 4.0
O42 - Logiciel: Adobe Color - Photoshop Specific
O42 - Logiciel: Adobe Color Common Settings
O42 - Logiciel: Adobe Color EU Recommended Settings
O42 - Logiciel: Adobe Color JA Extra Settings
O42 - Logiciel: Adobe Color NA Extra Settings
O42 - Logiciel: Adobe Default Language CS3
O42 - Logiciel: Adobe Device Central CS3
O42 - Logiciel: Adobe ExtendScript Toolkit 2
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Fonts All
O42 - Logiciel: Adobe Help Viewer CS3
O42 - Logiciel: Adobe Linguistics CS3
O42 - Logiciel: Adobe PDF Library Files
O42 - Logiciel: Adobe Photoshop CS3
O42 - Logiciel: Adobe Reader 9.1.1 - Français
O42 - Logiciel: Adobe Setup
O42 - Logiciel: Adobe Shockwave Player
O42 - Logiciel: Adobe Stock Photos CS3
O42 - Logiciel: Adobe Type Support
O42 - Logiciel: Adobe Update Manager CS3
O42 - Logiciel: Adobe Version Cue CS3 Client
O42 - Logiciel: Adobe WinSoft Linguistics Plugin
O42 - Logiciel: Adobe XMP Panels CS3
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: AviSynth 2.5
O42 - Logiciel: Bonjour
O42 - Logiciel: C-Steam
O42 - Logiciel: Canon MP Navigator EX 1.0
O42 - Logiciel: Canon MP210 series
O42 - Logiciel: Canon My Printer
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities Solution Menu
O42 - Logiciel: Choice Guard
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Corel Snapfire DVD Maker
O42 - Logiciel: Corel Snapfire Plus
O42 - Logiciel: Counter-Strike: Source
O42 - Logiciel: DiMAGE Viewer
O42 - Logiciel: Dofus 1.26.0
O42 - Logiciel: DofusBeta 1.27.0
O42 - Logiciel: Enregistrement utilisateur de Canon MP210 series
O42 - Logiciel: Fraps
O42 - Logiciel: Free YouTube to iPod Converter version 3.1
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Gestionnaire Internet
O42 - Logiciel: HLSW v1.3.0.6
O42 - Logiciel: HOTZIC CD Burner V1.1
O42 - Logiciel: HOTZIC CD Burner V1.1 (C:\Program Files\HotzicBurner\)
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: InterVideo DVDCopy5
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: Java(TM) SE Runtime Environment 6
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: K-Lite Codec Pack 4.1.4 (Full)
O42 - Logiciel: Kaspersky Online Scanner
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB927978)
O42 - Logiciel: MSXML 6.0 Parser (KB927977)
O42 - Logiciel: Macromedia Flash Player 8
O42 - Logiciel: Media Player
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: MessengerDiscovery 1.5
O42 - Logiciel: MessengerDiscovery 2.0.44
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft LifeCam
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2003
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Windows Media Video 9 VCM
O42 - Logiciel: MobileMe Control Panel
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
O42 - Logiciel: MorphVOX Pro
O42 - Logiciel: Movies2iPhone .74b
O42 - Logiciel: Mozilla Firefox (3.0.10)
O42 - Logiciel: Mumble and Murmur
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: Navigateur Orange
O42 - Logiciel: OpenOffice.org 3.0
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PDF Settings
O42 - Logiciel: PIXMA Extended Survey Program
O42 - Logiciel: Prassi PrimoCD Plus 2.0 (French)
O42 - Logiciel: QuickTime
O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver
O42 - Logiciel: Replay Converter 3
O42 - Logiciel: Safari
O42 - Logiciel: ScanSoft OmniPage SE 4
O42 - Logiciel: Security Update for Microsoft .NET Framework 2.0 (KB917283)
O42 - Logiciel: Security Update pour Microsoft .NET Framework 2.0 (KB922770)
O42 - Logiciel: Segoe UI
O42 - Logiciel: Skype™ 4.0
O42 - Logiciel: Sound Blaster Live!
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: Steam
O42 - Logiciel: TI-Graph Link 82 - Français
O42 - Logiciel: TeamSpeak 2 RC2
O42 - Logiciel: TightVNC 1.3.10
O42 - Logiciel: TmNationsForever
O42 - Logiciel: Uninstall 1.0.0.1
O42 - Logiciel: UsbFix
O42 - Logiciel: VLC media player 0.9.9
O42 - Logiciel: Veoh Web Player
O42 - Logiciel: Videora iPod touch Converter 4.07
O42 - Logiciel: WinSCP 4.1.9
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Sync
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Yahoo! Toolbar
O42 - Logiciel: YouTube Downloader App 1.02
O42 - Logiciel: iTunes
O42 - Logiciel: mIRC

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\CANON
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Corel
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Designer
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Macrovision Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ScanSoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Skype
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Vbox
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Windows Live

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->08/05/2009 - 20:25:21
O44 - LFC:Last File Created - C:\WINDOWS\System32\E3EB214800.sys -->23/04/2009 - 09:00:16
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->22/06/2009 - 19:56:31
O44 - LFC:Last File Created - C:\WINDOWS\System32\jupdate-1.6.0_13-b03.log -->02/05/2009 - 11:10:07
O44 - LFC:Last File Created - C:\WINDOWS\System32\KGyGaAvL.sys -->23/04/2009 - 09:00:16
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->16/05/2009 - 20:43:31
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->16/05/2009 - 20:43:31
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->16/05/2009 - 20:43:31
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->16/05/2009 - 20:43:31
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->16/05/2009 - 20:43:31
O44 - LFC:Last File Created - C:\WINDOWS\System32\QuickTime.qts -->26/05/2009 - 16:18:34
O44 - LFC:Last File Created - C:\WINDOWS\System32\QuickTimeVR.qtx -->26/05/2009 - 16:18:34
O44 - LFC:Last File Created - C:\WINDOWS\System32\usbaaplrc.dll -->29/05/2009 - 12:36:16
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\usbaapl.sys -->29/05/2009 - 12:36:16

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CSC.EXE-01730C27.pf -->30/06/2009 - 17:35:32
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CVTRES.EXE-2329DCD5.pf -->30/06/2009 - 17:35:32
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->30/06/2009 - 16:47:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-2E1F6C49.pf -->30/06/2009 - 17:11:12
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->30/06/2009 - 16:39:14
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf -->30/06/2009 - 16:47:00
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MESSENGERDISCOVERY 2.EXE-09D0FA90.pf -->30/06/2009 - 16:38:55
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf -->30/06/2009 - 16:38:54
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->30/06/2009 - 17:11:14
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OTL.EXE-0949DAE0.pf -->30/06/2009 - 16:49:40
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-12E27DD0.pf -->30/06/2009 - 16:37:51
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-22E35C38.pf -->30/06/2009 - 17:28:25
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\STEAM.EXE-15609EA3.pf -->30/06/2009 - 16:57:05
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf -->30/06/2009 - 16:39:09
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->30/06/2009 - 17:28:26
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WOOBROWSER.EXE-2D710CF8.pf -->30/06/2009 - 16:40:29
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\YTBB.EXE-36089050.pf -->30/06/2009 - 16:39:20

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
O47 - AAKE:Key Export - "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
O47 - AAKE:Key Export - "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
O47 - AAKE:Key Export - "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
O47 - AAKE:Key Export - "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
O47 - AAKE:Key Export - "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
O47 - AAKE:Key Export - "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
O47 - AAKE:Key Export - "C:\Windows\system32\nvscv32.exe"="C:\Windows\system32\nvscv32.exe:*:Enabled:Windows Boot Device"
O47 - AAKE:Key Export - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nm.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nm.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.WMV3"="wmv9vcm.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.ctmp3"="C:\WINDOWS\system32\ctmp3.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lhacm"="lhacm.acm"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.FPS1"="frapsvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.DIVX"="divx.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YV12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.ac3acm"="ac3acm.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lameacm"="lameACM.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.FFDS"="ff_vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "SynchronousMachineGroupPolicy"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SynchronousUserGroupPolicy"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegedit"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoStrCmpLogical"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSaveSettings"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoTrayItemsDisplay"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoToolbarsOnTaskbar"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "LockTaskbar"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoResolveTrack"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoResolveSearch"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoNetworkConnections"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSMHelp"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoRecentDocsMenu"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoFind"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSMMyPictures"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoRecentDocsHistory"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoStartMenuMFUprogramsList"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoUserNameInStartMenu"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoStartMenuMorePrograms"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "ClearRecentDocsOnExit"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "MaxRecentDocs"=15
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoInstrumentation"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoCDBurning"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "MemCheckBoxInRunDlg"=1
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSMBalloonTip"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoRemoteRecursiveEvents"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoSimpleStartMenu"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoCDBurning"=0

---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ASACPI.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ASPI32.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aswmon.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\BthEnum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthpan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\BTHUSB.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\CCDECODE.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdr4_xp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdralw2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ctac32k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ctaud2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ctljystk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ctoss2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ctprxy2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ctsfm2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\DMusic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\emupia2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fltMgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\gameenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ha10kx2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\http.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelppm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ip6fw.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mnmdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouhid.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mqac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSPQM.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mssmbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSTEE.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NABTSFEC.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NdisIP.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nv4_mini.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkflt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkfwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnknb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwrdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciide.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\dri
0
Réponse 28 / 55
Utilisateur anonyme
 
tu peux le poster ici et donner le lien obrenu en echange stp ?

http://www.cijoint.fr/
0
Réponse 29 / 55
KEROZ3N Messages postés 53 Statut Membre
 
J'ai poster le rapport ici meme il a réussi a s'envoyer , mais qu'est qu'un lien Obrenu ? Merci
0
Réponse 30 / 55
Utilisateur anonyme
 
Tu peux le poster ici : http://www.cijoint.fr/

et donner le lien obtenu en echange stp ?
0
Réponse 31 / 55
KEROZ3N Messages postés 53 Statut Membre
 
Voila le lien obtenu =)

http://www.cijoint.fr/cjlink.php?file=cj200906/cijfH2trHp.txt

La suite ?
0
Réponse 32 / 55
Utilisateur anonyme
 
♦ Télécharge Ad-remover ( de C_XX ) sur ton bureau :

♦ Déconnecte toi et ferme toutes applications en cours !

♦ Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

♦ Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

♦ Au menu principal choisis l'option "L" et tape sur [entrée] .

♦ Laisse travailler l'outil et ne touche à rien ...

♦ Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

♦ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Aides en images (Installation)
Aides en images (Recherche)
0
Réponse 33 / 55
KEROZ3N Messages postés 53 Statut Membre
 
Voici le rapport ,

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:10:24, 30/06/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: RITCHI-61EB85B8 | Utilisateur actuel: ritchi
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité *Desactive*
Administrateur: ritchi
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCR\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKCR\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCR\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
.

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.

* Mozilla FireFox Version 3.0.10 *

Nom du profil: auiiio2c.default (ritchi)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Yahoo! Search");
(Prefs.js) user_pref("browser.search.selectedEngine", "Yahoo! Search");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.10");
.
.

* Internet Explorer Version 7.0.5730.11 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.shareware.pro/misc/search.htm/fr
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

============== Suspect (Cracks, Serials ... ) ==============

.
C:\Documents and Settings\ritchi\Bureau\iPhone\keygen photoshop cs2\Adobe_Photoshop_and_ImageReady_CS2_v9.0_KeyGen-PARADOX.nfo
C:\Documents and Settings\ritchi\Bureau\iPhone\keygen photoshop cs2\keygen.exe
C:\Documents and Settings\ritchi\Mes documents\Coccinelle\Windows.XP.Pro.Coccinelle.Edition.M‚tamorphose v3.0 - [Fran‡ais] 2007 ---Prodjbmx\Windows.XP.Pro.Coccinelle.Edition.M‚tamorphose[v3.0].PATCHER.exe
.
===================================
.
3117 Octet(s) - C:\Ad-Report-CLEAN.log
.
13 Fichier(s) - C:\DOCUME~1\ritchi\LOCALS~1\Temp
1 Fichier(s) - C:\WINDOWS\Temp
.
18 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 19:16:16 | 30/06/2009
.
============== E.O.F ==============
.

Merci , KEROZ3N
0
Réponse 34 / 55
KEROZ3N Messages postés 53 Statut Membre
 
Upp ! =(
0
Réponse 35 / 55
Utilisateur anonyme
 
supprime OTL , et reesaie de l utiliser comme indiqué plus haut
0
Réponse 36 / 55
KEROZ3N Messages postés 53 Statut Membre
 
Il me remarque a chaque fois la meme chose et il m'ajoute ce rapport :

OTL logfile created on: 30/06/2009 20:50:36 - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Documents and Settings\ritchi\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 65,25% Memory free
3,85 Gb Paging File | 3,30 Gb Available in Paging File | 85,83% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 205,65 Gb Free Space | 68,99% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RITCHI-61EB85B8
Current User Name: ritchi
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2007/02/04 13:02:14 | 00,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
PRC - [2006/12/06 01:38:57 | 00,707,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2007/04/03 18:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
PRC - [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2004/10/05 17:00:12 | 00,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\TaskBarIcon.exe
PRC - [2009/06/05 13:39:22 | 00,292,136 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/05/02 20:45:17 | 00,321,344 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2006/08/06 12:54:52 | 00,112,128 | ---- | M] (Pierre TORRIS) -- C:\WINDOWS\System32\IcoSauve.exe
PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe
PRC - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe
PRC - [2007/04/13 08:49:00 | 00,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2007/01/05 00:13:54 | 00,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008/05/16 20:31:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exe
PRC - [2000/06/26 08:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MsPMSPSv.exe
PRC - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/02/24 00:09:34 | 00,141,960 | ---- | M] () -- C:\Program Files\Mumble\dbus-daemon.exe
PRC - [2006/11/19 00:59:06 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/12/06 14:53:30 | 00,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\GestionnaireInternet.exe
PRC - [2005/11/28 16:41:40 | 00,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\ComComp.exe
PRC - [2004/11/02 15:31:20 | 00,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\Wanadoo\Toaster.exe
PRC - [2004/10/27 11:30:44 | 00,032,768 | ---- | M] () -- C:\Program Files\Wanadoo\Inactivity.exe
PRC - [2004/10/27 11:07:06 | 00,069,632 | ---- | M] () -- C:\Program Files\Wanadoo\PollingModule.exe
PRC - [2004/10/21 08:50:52 | 00,045,056 | ---- | M] () -- C:\WINDOWS\System32\AlertModule\AlertModule.exe
PRC - [2004/08/23 14:49:56 | 00,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\Wanadoo\Watch.exe
PRC - [2009/04/29 16:24:20 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/14 22:39:56 | 00,580,608 | ---- | M] (Matt Holwood) -- C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
PRC - [2009/03/22 17:16:26 | 02,569,912 | ---- | M] (Thorvald Natvig) -- C:\Program Files\Mumble\mumble.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2006/11/19 00:59:06 | 01,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/06/30 20:50:21 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ritchi\Bureau\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/05/14 22:09:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Disabled | Stopped])
SRV - [2009/05/14 22:09:07 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Disabled | Stopped])
SRV - [2009/05/14 22:09:07 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [Disabled | Stopped])
SRV - [2009/05/14 22:09:08 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [Disabled | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTsvcCDA.exe -- (Creative Service for CDROM Access [Auto | Running])
SRV - [2009/06/22 21:44:23 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2004/08/23 14:49:56 | 00,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\System32\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
SRV - [2004/08/19 18:09:37 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/04/13 08:49:00 | 00,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC [Auto | Running])
SRV - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2007/01/05 00:13:54 | 00,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc [Auto | Running])
SRV - [2008/05/16 20:31:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2006/11/02 21:40:12 | 00,174,656 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exe -- (ProtexisLicensing [Auto | Running])
SRV - [2000/06/26 08:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MsPMSPSv.exe -- (WMDM PMSP Service [Auto | Running])
SRV - [2006/11/03 10:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [1999/09/10 13:06:00 | 00,025,244 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32 [Auto | Running])
DRV - [2002/07/19 04:46:28 | 00,127,948 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Running])
DRV - [2002/07/19 04:47:52 | 00,837,548 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Running])
DRV - [2001/08/17 22:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\DRIVERS\ctljystk.sys -- (ctljystk [On_Demand | Stopped])
DRV - [2002/07/19 04:48:08 | 00,011,068 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])
DRV - [2002/07/19 04:48:22 | 00,213,860 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])
DRV - [2002/07/19 04:48:32 | 00,156,604 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\emupia2k.sys -- (emupia [On_Demand | Running])
DRV - [2004/08/04 00:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2002/07/24 07:52:26 | 00,998,004 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ha10kx2k.sys -- (ha10kx2k [On_Demand | Running])
DRV - [2005/09/20 03:27:20 | 00,010,368 | ---- | M] (InterVideo, Inc.) -- C:\WINDOWS\System32\drivers\iviaspi.sys -- (Iviaspi [On_Demand | Running])
DRV - [2008/07/03 06:12:12 | 01,777,664 | R--- | M] (MSI) -- C:\WINDOWS\System32\msicpl.dll -- (MSICPL [On_Demand | Stopped])
DRV - [2004/08/12 10:00:00 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2008/05/16 20:31:00 | 06,557,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2002/07/19 04:48:04 | 00,195,432 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Running])
DRV - [2003/08/04 15:22:44 | 00,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Running])
DRV - [2002/09/06 21:59:59 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2007/01/29 04:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004/08/04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
DRV - [2008/05/19 05:46:04 | 00,108,032 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running])
DRV - [2009/03/27 14:23:12 | 00,023,064 | ---- | M] (Screaming Bee LLC) -- C:\WINDOWS\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER [On_Demand | Running])
DRV - [2004/07/17 13:36:37 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009/05/29 13:36:16 | 00,039,424 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Running])
DRV - [2004/08/04 00:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV - [2006/12/06 01:39:11 | 01,963,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\VX1000.sys -- (VX1000 [On_Demand | Stopped])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.shareware.pro/misc/search.htm/fr
IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://badoo.com/ [binary data]
IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-790525478-220523388-839522115-1003\S-1-5-21-790525478-220523388-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://start.mozilla.org/fr/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.4
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/12 00:39:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/03 13:20:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/06/03 13:20:44 | 00,000,000 | ---D | M]

[2009/02/28 13:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\mozilla\Extensions
[2009/02/28 13:27:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/06/30 00:29:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\mozilla\Firefox\Profiles\auiiio2c.default\extensions
[2009/05/05 07:43:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\mozilla\Firefox\Profiles\auiiio2c.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2009/05/12 22:51:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\mozilla\Firefox\Profiles\auiiio2c.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/06/30 00:29:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 16:24:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/02 18:21:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/12 00:40:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/05/02 12:10:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 16:24:20 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 16:24:20 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/03/09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/04/29 16:24:21 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/06/03 13:20:44 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/03 13:20:44 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/03 13:20:44 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/03 13:20:44 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/03 13:20:44 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/03 13:20:44 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/03 13:20:44 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2006/09/10 13:35:08 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2008/06/30 00:29:15 | 00,001,489 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2008/09/28 09:10:26 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2008/04/16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2006/09/10 13:35:08 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2008/03/29 15:59:44 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2006/09/12 20:49:04 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe File not found
O4 - HKU\.DEFAULT..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-18..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-19..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-20..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-21-790525478-220523388-839522115-1003..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-790525478-220523388-839522115-1003..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-21-790525478-220523388-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-790525478-220523388-839522115-1003..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-21-790525478-220523388-839522115-1003..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [nltide1] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [nltide2] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [nltide2] C:\WINDOWS\System32\advpack.DLL (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\ritchi\Menu Démarrer\Programmes\Démarrage\AutoClick.lnk = C:\Program Files\AutoClick\AutoClick.exe File not found
O4 - Startup: C:\Documents and Settings\ritchi\Menu Démarrer\Programmes\Démarrage\IcoSauve.lnk = C:\WINDOWS\System32\IcoSauve.exe (Pierre TORRIS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LockTaskbar = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMFUprogramsList = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 15
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = Polices
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr (CKAVWebScan Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/30 02:48:37 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[1 C:\WINDOWS\*.tmp files]
[2009/06/30 20:50:21 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ritchi\Bureau\OTL.exe
[2009/06/30 19:10:12 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
[2009/06/26 21:37:23 | 00,000,000 | ---D | C] -- C:\Program Files\mIRC
[2009/06/26 04:13:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ritchi\Application Data\Screaming Bee
[2009/06/26 04:12:47 | 00,000,000 | ---D | C] -- C:\Program Files\Screaming Bee
[2009/06/26 04:12:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2009/06/23 16:12:32 | 00,000,000 | ---D | C] -- C:\Program Files\C0nw0nk_C-Steam
[2009/06/22 21:44:23 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Macrovision Shared
[2009/06/22 19:47:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ritchi\Mes documents\Updater
[2009/06/22 10:49:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF
[2009/06/22 10:48:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems
[2009/06/21 18:21:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/21 18:21:16 | 00,000,488 | ---- | C] () -- C:\Documents and Settings\ritchi\Bureau\Fraps.lnk
[2009/06/21 18:21:16 | 00,000,000 | ---D | C] -- C:\Fraps
[2009/06/20 19:45:18 | 00,000,726 | ---- | C] () -- C:\Documents and Settings\ritchi\Menu Démarrer\Programmes\Démarrage\AutoClick.lnk
[2009/06/20 16:06:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/06/18 23:34:47 | 00,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2009/06/18 23:34:33 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/06/18 23:34:31 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/06/17 22:52:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ritchi\Mes documents\Mes enregistrements de webcam
[2009/06/17 12:27:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ritchi\Bureau\__MACOSX
[2009/06/10 18:06:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\Replay Converter 3
[2009/06/10 18:06:20 | 00,000,000 | ---D | C] -- C:\Program Files\Replay Converter 3
[2009/06/04 20:27:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ritchi\Application Data\mIRC
[2009/06/03 13:20:56 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/06/03 13:20:39 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2009/06/03 13:20:22 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/05/14 21:52:01 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/05/14 21:52:01 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/05/14 21:52:00 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/05/14 21:52:00 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/05/14 21:51:59 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/05/14 21:51:59 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/05/14 21:51:59 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/03/29 18:44:16 | 00,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/26 19:47:09 | 00,000,332 | ---- | C] () -- C:\WINDOWS\Wlink82.ini
[2009/03/01 19:56:51 | 00,005,330 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/03/01 19:56:51 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\E3EB214800.sys
[2009/02/28 19:24:23 | 00,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2009/02/28 08:47:00 | 00,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2009/02/28 00:04:18 | 00,010,530 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009/02/27 23:56:58 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/02/27 23:56:54 | 00,010,345 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/02/27 23:56:48 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/02/27 23:53:06 | 00,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/02/27 23:47:51 | 00,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009/02/27 23:47:32 | 00,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2009/02/27 23:47:32 | 00,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/02/27 23:47:19 | 00,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2009/02/27 23:47:14 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2009/02/27 23:46:59 | 00,000,307 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009/02/27 23:37:13 | 00,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2009/02/27 23:37:10 | 00,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2009/02/27 23:37:10 | 00,258,048 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2009/02/27 23:37:10 | 00,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2009/02/27 23:17:50 | 02,111,096 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/02/27 23:08:56 | 00,002,844 | ---- | C] () -- C:\WINDOWS\System32\faview_lng.ini
[2009/02/27 23:08:56 | 00,002,588 | ---- | C] () -- C:\WINDOWS\System32\shman_lng.ini
[2009/02/27 23:08:56 | 00,002,323 | ---- | C] () -- C:\WINDOWS\System32\Starter.ini
[2009/02/27 23:08:56 | 00,001,723 | ---- | C] () -- C:\WINDOWS\System32\WinAudit.ini
[2009/02/27 23:08:56 | 00,001,239 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/02/27 23:08:56 | 00,000,047 | ---- | C] () -- C:\WINDOWS\System32\TransBar.ini
[2008/05/16 20:31:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/16 20:31:00 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/16 20:31:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/16 20:31:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/16 20:31:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004/07/17 13:36:37 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2002/09/06 21:59:59 | 00,000,564 | ---- | C] () -- C:\WINDOWS\win.ini
[2002/09/06 21:59:59 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[1 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/06/30 20:50:21 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ritchi\Bureau\OTL.exe
[2009/06/30 19:30:14 | 00,025,296 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000000-00001102-00000002-80651102}.rfx
[2009/06/30 19:30:14 | 00,025,296 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000000-00001102-00000002-80651102}.rfx
[2009/06/30 19:30:14 | 00,016,516 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000000-00001102-00000002-80651102}.rfx
[2009/06/30 19:30:14 | 00,016,516 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000000-00001102-00000002-80651102}.rfx
[2009/06/30 19:30:14 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/06/30 19:30:14 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/06/30 19:30:14 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000004-00000000-00000000-00001102-00000002-80651102}.dat
[2009/06/30 19:30:14 | 00,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000000-00001102-00000002-80651102}.dat
[2009/06/30 19:03:54 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2009/06/26 00:32:26 | 00,001,596 | ---- | M] () -- C:\Documents and Settings\ritchi\Bureau\Counter-Strike Source.lnk
[2009/06/22 21:00:33 | 00,043,688 | ---- | M] () -- C:\Documents and Settings\ritchi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/22 20:56:31 | 01,516,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/22 20:13:09 | 00,000,564 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/06/22 18:21:41 | 00,039,936 | ---- | M] () -- C:\Documents and Settings\ritchi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/21 18:21:16 | 00,000,488 | ---- | M] () -- C:\Documents and Settings\ritchi\Bureau\Fraps.lnk
[2009/06/20 21:19:35 | 00,000,726 | ---- | M] () -- C:\Documents and Settings\ritchi\Menu Démarrer\Programmes\Démarrage\AutoClick.lnk
[2009/06/20 16:56:13 | 00,000,612 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\os264931.bin
[2009/06/18 23:42:40 | 00,000,920 | ---- | M] () -- C:\Documents and Settings\ritchi\Bureau\DVDVideoSoft Free Studio.lnk
[2009/06/16 12:13:46 | 11,782,384 | -H-- | M] () -- C:\Documents and Settings\ritchi\Local Settings\Application Data\IconCache.db
[2009/06/10 18:01:26 | 00,006,525 | ---- | M] () -- C:\grab00000.jpg
[2009/06/03 13:20:39 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2009/06/03 13:16:00 | 00,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Safari.lnk
[2009/06/03 13:14:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[color=#E56717]========== LOP Check ==========[/color]

[2008/06/30 16:02:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/03/25 16:52:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/04/08 13:52:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/02/27 23:50:30 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/06/07 18:13:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2009/02/27 23:57:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2009/06/20 16:06:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/04/05 11:23:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2009/04/17 00:35:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/02/27 23:53:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/06/26 04:13:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2009/06/21 19:25:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/09 18:58:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2009/02/27 22:38:58 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data
[2009/02/27 23:07:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data
[2009/02/27 21:54:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data
[2008/06/30 00:23:35 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\ritchi\Application Data
[2009/04/25 15:34:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\ActiveState
[2009/02/27 23:32:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\aignes
[2009/03/16 11:30:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\Canon
[2009/04/23 10:05:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\Corel
[2009/06/30 20:49:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\DNA
[2009/05/04 20:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\dvdcss
[2009/02/27 23:32:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\gtopala
[2008/06/29 23:03:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\HLSW
[2009/04/03 17:12:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\Media Player
[2009/06/30 17:40:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\MessengerDiscovery 2
[2008/06/29 17:54:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\mIRC
[2008/06/29 21:18:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\Mumble
[2009/03/06 13:57:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\OpenOffice.org
[2009/04/04 02:32:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\Red Kawa
[2009/02/27 23:53:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\ScanSoft
[2009/06/26 04:13:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\Screaming Bee
[2008/06/27 23:53:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ritchi\Application Data\teamspeak2
[2009/06/03 13:14:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2002/09/06 21:59:59 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2008/06/30 16:03:09 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 507 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
< End of report >
0
Réponse 37 / 55
Utilisateur anonyme
 
Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Coche Afficher les fichiers et dossiers cachés
- Décoche Masquer les extensions des fichiers dont le type est connu
- Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.

N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

* Clique sur Parcourir en haut, choisis Poste de travail et cherche ces fichiers :

C:\Program Files\Mumble\mumble.exe
C:\WINDOWS\System32\winsys2.exe

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.

ensuite :

Double clic sur OTL.exe pour le lancer.

Copie la liste qui se trouve en gras ci-dessous,

et colle-la dans la zone sous Customs Scans/Fixes

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe

:services

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-790525478-220523388-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-18..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-19..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-20..\Run: [OrangePlayer] File not found
O4 - HKU\S-1-5-21-790525478-220523388-839522115-1003..\Run: [OrangePlayer] File not found
O7 - HKU\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = Polices
@Alternate Data Stream - 507 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"iTunesHelper"=-
"nwiz"=-
"QuickTime Task"=-
"SSBkgdUpdate"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoRemoteRecursiveEvents"=0
"NoLowDiskSpaceChecks"=0
[HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"DisallowCpl"=0
"NoCDBurning"=0

:files
C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

:commands
[emptytemp]
[start explorer]
[reboot]


Clique sur RunFix pour lancer la suppression.

Poste le rapport.

ensuite :

Télécharge TOOLBAR S&D ( de Eric_71/Team IDN ) sur ton bureau :

!! Déconnecte toi,desactive tes protections résidentes, et ferme toutes tes applications en cours le temps de la manip. !!

* Double-clique sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...

--> Tapes ( option " recherche " ) puis tape sur [Entrée].

Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse

( le rapport est en outre sauvegardé ici -> C:\TB.txt )

Tutoriel

ensuite :

♦ Passer de Avast à AntiVir :

♦ Télécharge Désinstalleur d'Avast!.

♦ redemarre en mode sans echec :

Comment aller en Mode sans échec
1) Redémarres ton ordi
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisis la première option : Sans Échec, et valide avec "Entrée"
5) Choisis ton compte habituel, et non Administrateur (si besoin ... )
(attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...)

♦ Désinstalle via Ajout/Suppression de Programmes (si présents) :

* Avast!

♦ ensuite execute le desinstaller

Ceci effacera la majorité des traces du produit Avast! d'Alwil Software.

♦ redemarre

♦ Télécharge Ccleaner sur ton Bureau. :

♦ Clique sur "download the latest version"
♦ Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

♦ Lance le Nettoyage
♦ Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

plus de precision sur la configuration de ccleaner te seront donnees plus tard

tuto Comment utiliser CCleaner.
***************

♦ Télécharge Antivir en Francais ou Antivir en Francais sur ton Bureau.:

♦ Double clique sur l'exécutable téléchargé pour lancer l'installation.
♦ À la fin de l'installation, clique sur Finish.
♦ Ouvre Antivir, assure-toi qu’il soit bien à jour !
♦ Dans l'onglet Protection Locale, choisis Contrôler.
♦ Active la recherche de rootkits via le + de Recherche de Rootkits, puis dans Sélection manuelle, coche tout (tes partitions de disque dur).
♦ Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
♦ Poste moi le rapport généré : Pour cela, clique sur l'onglet Aperçu, puis choisis Rapports, tu trouveras son rapport..
♦ Sélectionne le rapport et clique sur l'icône "Afficher le fichier de rapport du rapport sélectionné.

♦ Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

Pourquoi changer ? :Avast Vs Antivir

Tuto Antivir: Comment installer et utiliser AntiVir.

***************************************
Une fois AntiVir ouvert, clique sur "configuration" et coche la case " mode expert " :

♦ mets toi sur "scanner"/"recherche" (à gauche) -> dans "fichiers", coche tous les fichiers et en dessous dans priorité scanner= élevé .

coche aussi : autorisé l'arrêt , comme cela tu peux faire une pause pendant le scan si tu le desir.

♦ toujours dans "recherche" -> " Autres réglages ", coche les cases suivantes :

♦ secteur d'amorçage lecteurs de rech.

♦ Contrôler secteurs d'amorçage maître

♦ Suivre les liens symboliques

♦ Rech.Rootkit au dém. de la recherche

et décoche :

ignorer les fichiers hors ligne

♦ mets toi sur "scanner"/"recherche"/ "heuristique" -> Heuristique macrovirus= coché, et en dessous coche activer AHeAD et coche la case degré d'identification moyen ...

---> clique sur "OK" pour valider le réglage ...
0
Réponse 38 / 55
KEROZ3N
 
Bonjour , voici l'analyse Virus total pour mumble.exe :

Fichier mumble.exe reçu le 2009.04.02 18:32:39 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.04.02 -
AhnLab-V3 5.0.0.2 2009.04.02 -
AntiVir 7.9.0.129 2009.04.02 -
Antiy-AVL 2.0.3.1 2009.04.02 -
Authentium 5.1.2.4 2009.04.02 -
Avast 4.8.1335.0 2009.04.02 -
AVG 8.5.0.285 2009.04.02 -
BitDefender 7.2 2009.04.02 -
CAT-QuickHeal 10.00 2009.04.01 -
ClamAV 0.94.1 2009.04.02 -
Comodo 1093 2009.04.01 -
DrWeb 4.44.0.09170 2009.04.02 -
eSafe 7.0.17.0 2009.04.02 -
eTrust-Vet 31.6.6432 2009.04.02 -
F-Prot 4.4.4.56 2009.04.02 -
F-Secure 8.0.14470.0 2009.04.02 -
Fortinet 3.117.0.0 2009.04.02 -
GData 19 2009.04.02 -
Ikarus T3.1.1.49.0 2009.04.02 -
K7AntiVirus 7.10.690 2009.04.01 -
Kaspersky 7.0.0.125 2009.04.02 -
McAfee 5572 2009.04.02 -
McAfee+Artemis 5572 2009.04.02 -
McAfee-GW-Edition 6.7.6 2009.04.01 -
Microsoft 1.4502 2009.04.02 -
NOD32 3984 2009.04.02 -
Norman 6.00.06 2009.04.02 -
nProtect 2009.1.8.0 2009.04.02 -
Panda 10.0.0.14 2009.04.02 -
PCTools 4.4.2.0 2009.04.02 -
Prevx1 V2 2009.04.02 -
Rising 21.23.32.00 2009.04.02 -
Sophos 4.40.0 2009.04.02 -
Sunbelt 3.2.1858.2 2009.04.02 -
Symantec 1.4.4.12 2009.04.02 -
TheHacker 6.3.4.0.298 2009.04.01 -
TrendMicro 8.700.0.1004 2009.04.02 -
VBA32 3.12.10.2 2009.04.02 -
ViRobot 2009.4.2.1673 2009.04.02 -
VirusBuster 4.6.5.0 2009.04.02 -
Information additionnelle
File size: 2569912 bytes
MD5   : 67dae79e0ecc4efcc519536d9336035d
SHA1  : ad1d26f34cd317e373920210f604273c322a9f5f
SHA256: b3a71e715b83709e56b2aff18b31dbcd3eb084087927b85a7e3ee9b6e87a1242
PEInfo: PE Structure information<br> <br> ( base data )<br> entrypointaddress.: 0xC25D5<br> timedatestamp.....: 0x49C655A0 (Sun Mar 22 16:13:36 2009)<br> machinetype.......: 0x14C (Intel I386)<br> <br> ( 6 sections )<br> name viradd virsiz rawdsiz ntrpy md5<br> .text 0x1000 0xC42FE 0xC4400 6.11 977eaa3368b14c1dfc99610f98ae1251<br>.text1 0xC6000 0xAC70 0xAE00 4.93 4f1978aa6e5d2594c4ed3e5e26d07b4f<br>.rdata 0xD1000 0x1788C8 0x178A00 7.16 68999ed268aff20035cc07ef744b04db<br>.data 0x24A000 0x99CC 0x8400 3.86 809ebb080c94f1db2266301fa308cc4d<br>.data1 0x254000 0x1F4E8 0x1F600 3.31 82c5ac003b3c2644a531afcfa00d8065<br>.rsrc 0x274000 0x2C6C 0x2E00 3.94 53aac82bf7f26b7f5fc4b4a07e4c2be7<br> <br> ( 18 imports )<br> <br>> advapi32.dll: RegCloseKey, OpenThreadToken, AdjustTokenPrivileges, LookupPrivilegeValueW, RegOpenKeyExW, RegEnumKeyExW, RegQueryValueExW, ImpersonateSelf<br>> dinput8.dll: DirectInput8Create<br>> dsound.dll: -, -, -, -<br>> kernel32.dll: GetCommandLineA, GetCommandLineW, LocalAlloc, ReleaseMutex, WaitForSingleObject, CreateMutexW, GetTickCount, GetProcAddress, GetCurrentProcessId, CreateToolhelp32Snapshot, LoadLibraryA, Module32FirstW, Module32NextW, OutputDebugStringA, SetPriorityClass, SetUnhandledExceptionFilter, SleepEx, GetModuleHandleW, GetModuleHandleExW, GetVersionExW, GetCurrentProcess, IsWow64Process, QueryPerformanceFrequency, QueryPerformanceCounter, GetCurrentThread, GetLastError, CloseHandle, LoadLibraryW, FreeLibrary, ReadProcessMemory, RaiseException, IsDebuggerPresent, UnhandledExceptionFilter, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentThreadId, GetStartupInfoA, InterlockedCompareExchange, Sleep, InterlockedExchange, CreateEventW<br>> libeay32.dll: -, -, -, -<br>> libmmd.dll: sin, pow, log, atan, acos, exp, cos, floor, cosf, sinf, log10f, floorf, powf, lroundf, lround, ceilf<br>> msvcr90.dll: memset, memcpy, __CxxFrameHandler, __2@YAPAXI@Z, _wassert, ___V@YAXPAX@Z, _CxxThrowException, _purecall, __RTDynamicCast, _wputenv_s, _wgetenv_s, rand, free, calloc, _crt_debugger_hook, _controlfp_s, _invoke_watson, _except_handler4_common, __type_info_dtor_internal_method@type_info@@QAEXXZ, _terminate@@YAXXZ, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _configthreadlocale, _initterm_e, _initterm, _acmdln, _ismbblead, _XcptFilter, _exit, _cexit, __getmainargs, _amsg_exit, _decode_pointer, _onexit, _lock, _encode_pointer, __dllonexit, _unlock, malloc, memchr, memmove, realloc, __iob_func, wcscat_s, _wfopen_s, fprintf, fflush, exit, __3@YAXPAX@Z<br>> ole32.dll: CoTaskMemFree, CoInitialize, PropVariantClear, CLSIDFromString, CoCreateInstance<br>> opengl32.dll: glMatrixMode, glViewport, glColor3f, glEnd, glVertex2f, glBegin, glEnable, glShadeModel, glClearColor, glDisable, glLoadIdentity, glOrtho<br>> qtcore4.dll: _mid@QString@@QBE_AV1@HH@Z, _qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV_$QVector@PAD@@@Z, _shared_null@QByteArray@@0UData@1@A, __4QByteArray@@QAEAAV0@PBD@Z, _windowsVersion@QSysInfo@@SA_AW4WinVersion@1@XZ, __0QFileInfo@@QAE@ABV0@@Z, __0QLibrary@@QAE@PAVQObject@@@Z, _unload@QLibrary@@QAE_NXZ, __0QDir@@QAE@ABVQString@@0V_$QFlags@W4SortFlag@QDir@@@@V_$QFlags@W4Filter@QDir@@@@@Z, _entryInfoList@QDir@@QBE_AV_$QList@VQFileInfo@@@@V_$QFlags@W4Filter@QDir@@@@V_$QFlags@W4SortFlag@QDir@@@@@Z, _absoluteFilePath@QFileInfo@@QBE_AVQString@@XZ, _isLibrary@QLibrary@@SA_NABVQString@@@Z, _setFileName@QLibrary@@QAEXABVQString@@@Z, _load@QLibrary@@QAE_NXZ, _errorString@QLibrary@@QBE_AVQString@@XZ, _resolve@QLibrary@@QAEPAXPBD@Z, __1QLibrary@@UAE@XZ, _isValid@QRect@@QBE_NXZ, _rwidth@QSize@@QAEAAHXZ, _rheight@QSize@@QAEAAHXZ, _width@QSize@@QBEHXZ, _height@QSize@@QBEHXZ, _disconnect@QObject@@QAE_NPBDPBV1@0@Z, _elapsed@QTime@@QBEHXZ, _restart@QTime@@QAEHXZ, __0QTime@@QAE@XZ, _start@QTime@@QAEXXZ, _retrieveData@QMimeData@@MBE_AVQVariant@@ABVQString@@W4Type@2@@Z, _qRegisterResourceData@@YA_NHPBE00@Z, _qUnregisterResourceData@@YA_NHPBE00@Z, _qt_metacast@QAbstractItemModel@@UAEPAXPBD@Z, _qt_metacall@QAbstractItemModel@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _staticMetaObject@QAbstractItemModel@@2UQMetaObject@@B, _qt_metacast@QThread@@UAEPAXPBD@Z, _activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z, _qt_metacall@QThread@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _staticMetaObject@QThread@@2UQMetaObject@@B, _formats@QMimeData@@UBE_AVQStringList@@XZ, _hasFormat@QMimeData@@UBE_NABVQString@@@Z, _qt_metacall@QMimeData@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QMimeData@@UAEPAXPBD@Z, _metaObject@QMimeData@@UBEPBUQMetaObject@@XZ, _revert@QAbstractItemModel@@UAEXXZ, _submit@QAbstractItemModel@@UAE_NXZ, _sort@QAbstractItemModel@@UAEXHW4SortOrder@Qt@@@Z, _canFetchMore@QAbstractItemModel@@UBE_NABVQModelIndex@@@Z, _fetchMore@QAbstractItemModel@@UAEXABVQModelIndex@@@Z, _removeColumns@QAbstractItemModel@@UAE_NHHABVQModelIndex@@@Z, _removeRows@QAbstractItemModel@@UAE_NHHABVQModelIndex@@@Z, _insertColumns@QAbstractItemModel@@UAE_NHHABVQModelIndex@@@Z, _insertRows@QAbstractItemModel@@UAE_NHHABVQModelIndex@@@Z, _setHeaderData@QAbstractItemModel@@UAE_NHW4Orientation@Qt@@ABVQVariant@@H@Z, _setData@QAbstractItemModel@@UAE_NABVQModelIndex@@ABVQVariant@@H@Z, _hasChildren@QAbstractItemModel@@UBE_NABVQModelIndex@@@Z, __0QAbstractItemModel@@QAE@PAVQObject@@@Z, _insert@QListData@@QAEPAPAXH@Z, _data_ptr@QString@@QAEAAPAUData@1@XZ, __0QPersistentModelIndex@@QAE@XZ, __8QModelIndex@@QBE_NABV0@@Z, __4QPersistentModelIndex@@QAEAAV0@ABVQModelIndex@@@Z, _beginInsertRows@QAbstractItemModel@@IAEXABVQModelIndex@@HH@Z, _endInsertRows@QAbstractItemModel@@IAEXXZ, _changePersistentIndexList@QAbstractItemModel@@IAEXABV_$QList@VQModelIndex@@@@0@Z, _isValid@QPersistentModelIndex@@QBE_NXZ, __BQPersistentModelIndex@@QBEABVQModelIndex@@XZ, __1QPersistentModelIndex@@QAE@XZ, _dataChanged@QAbstractItemModel@@IAEXABVQModelIndex@@0@Z, __1QMimeData@@UAE@XZ, _shared_null@QVectorData@@2U1@A, _qMalloc@@YAPAXI@Z, _qRealloc@@YAPAXPAXI@Z, _malloc@QVectorData@@SAPAU1@HHHPAU1@@Z, __4QBasicAtomicInt@@QAEAAV0@H@Z, _qMemSet@@YAPAXPAXHI@Z, _grow@QVectorData@@SAHHHH_N@Z, _data@QMimeData@@QBE_AVQByteArray@@ABVQString@@@Z, __5QDataStream@@QAEAAV0@AA_N@Z, __5QDataStream@@QAEAAV0@AAI@Z, __5QDataStream@@QAEAAV0@AAH@Z, __6QDataStream@@QAEAAV0@_N@Z, __6QDataStream@@QAEAAV0@H@Z, __6QDataStream@@QAEAAV0@I@Z, __0QMimeData@@QAE@XZ, _setData@QMimeData@@QAEXABVQString@@ABVQByteArray@@@Z, _isValid@QVariant@@QBE_NXZ, _internalPointer@QModelIndex@@QBEPAXXZ, _createIndex@QAbstractItemModel@@IBE_AVQModelIndex@@HHPAX@Z, __0QModelIndex@@QAE@ABV0@@Z, _beginRemoveRows@QAbstractItemModel@@IAEXABVQModelIndex@@HH@Z, _endRemoveRows@QAbstractItemModel@@IAEXXZ, __1QAbstractItemModel@@UAE@XZ, _column@QModelIndex@@QBEHXZ, _model@QModelIndex@@QBEPBVQAbstractItemModel@@XZ, _toList@QVariant@@QBE_AV_$QList@VQVariant@@@@XZ, _setSize@QRect@@QAEXABVQSize@@@Z, _translate@QRect@@QAEXHH@Z, _topLeft@QRect@@QBE_AVQPoint@@XZ, _isEmpty@QByteArray@@QBE_NXZ, _toPercentEncoding@QUrl@@SA_AVQByteArray@@ABVQString@@ABV2@1@Z, _addQueryItem@QUrl@@QAEXABVQString@@0@Z, _applicationFilePath@QCoreApplication@@SA_AVQString@@XZ, __0QCryptographicHash@@QAE@W4Algorithm@0@@Z, _addData@QCryptographicHash@@QAEXABVQByteArray@@@Z, _result@QCryptographicHash@@QBE_AVQByteArray@@XZ, __1QCryptographicHash@@QAE@XZ, _fileName@QSettings@@QBE_AVQString@@XZ, _endsWith@QString@@QBE_NABVQLatin1String@@W4CaseSensitivity@Qt@@@Z, _fromNativeSeparators@QDir@@SA_AVQString@@ABV2@@Z, __0QDir@@QAE@ABVQString@@@Z, _absolutePath@QDir@@QBE_AVQString@@XZ, __1QDir@@QAE@XZ, _homePath@QDir@@SA_AVQString@@XZ, _currentPath@QDir@@SA_AVQString@@XZ, _root@QDir@@SA_AV1@XZ, _mkpath@QDir@@QBE_NABVQString@@@Z, _handler@QVariant@@1PBUHandler@1@B, _userType@QVariant@@QBEHXZ, _constData@QVariant@@QBEPBXXZ, _value@QSettings@@QBE_AVQVariant@@ABVQString@@ABV2@@Z, _beginReadArray@QSettings@@QAEHABVQString@@@Z, _childKeys@QSettings@@QBE_AVQStringList@@XZ, _toBool@QVariant@@QBE_NXZ, __8QVariant@@QBE_NABV0@@Z, _remove@QSettings@@QAEXABVQString@@@Z, __0QVariant@@QAE@_N@Z, _setValue@QSettings@@QAEXABVQString@@ABVQVariant@@@Z, __0QVariant@@QAE@_K@Z, __0QVariant@@QAE@N@Z, __9QString@@QBE_NABV0@@Z, __0QVariant@@QAE@ABV_$QList@VQVariant@@@@@Z, _beginWriteArray@QSettings@@QAEXABVQString@@H@Z, _setArrayIndex@QSettings@@QAEXH@Z, _endArray@QSettings@@QAEXXZ, _beginGroup@QSettings@@QAEXABVQString@@@Z, _endGroup@QSettings@@QAEXXZ, _span@QAbstractItemModel@@UBE_AVQSize@@ABVQModelIndex@@@Z, _match@QAbstractItemModel@@UBE_AV_$QList@VQModelIndex@@@@ABVQModelIndex@@HABVQVariant@@HV_$QFlags@W4MatchFlag@Qt@@@@@Z, _buddy@QAbstractItemModel@@UBE_AVQModelIndex@@ABV2@@Z, _supportedDropActions@QAbstractItemModel@@UBE_AV_$QFlags@W4DropAction@Qt@@@@XZ, _dropMimeData@QAbstractTableModel@@UAE_NPBVQMimeData@@W4DropAction@Qt@@HHABVQModelIndex@@@Z, _mimeData@QAbstractItemModel@@UBEPAVQMimeData@@ABV_$QList@VQModelIndex@@@@@Z, _mimeTypes@QAbstractItemModel@@UBE_AVQStringList@@XZ, _setItemData@QAbstractItemModel@@UAE_NABVQModelIndex@@ABV_$QMap@HVQVariant@@@@@Z, _itemData@QAbstractItemModel@@UBE_AV_$QMap@HVQVariant@@@@ABVQModelIndex@@@Z, _hasChildren@QAbstractTableModel@@EBE_NABVQModelIndex@@@Z, _parent@QAbstractTableModel@@EBE_AVQModelIndex@@ABV2@@Z, _index@QAbstractTableModel@@UBE_AVQModelIndex@@HHABV2@@Z, _qUncompress@@YA_AVQByteArray@@PBEH@Z, __4QUrl@@QAEAAV0@ABVQString@@@Z, __0QUrl@@QAE@ABVQString@@@Z, __0QUrl@@QAE@ABV0@@Z, _arg@QString@@QBE_AV1@GHHABVQChar@@@Z, __9QVariant@@QBE_NABV0@@Z, _remove@QString@@QAEAAV1@ABVQRegExp@@@Z, _toUShort@QString@@QBEGPA_NH@Z, _row@QModelIndex@@QBEHXZ, _split@QString@@QBE_AVQStringList@@ABVQChar@@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z, _reset@QIODevice@@UAE_NXZ, _seek@QIODevice@@UAE_N_J@Z, _size@QIODevice@@UBE_JXZ, _pos@QIODevice@@UBE_JXZ, _open@QIODevice@@UAE_NV_$QFlags@W4OpenModeFlag@QIODevice@@@@@Z, _exec@QThread@@IAEHXZ, _exit@QThread@@QAEXH@Z, _isValid@QModelIndex@@QBE_NXZ, _arg@QString@@QBE_AV1@IHHABVQChar@@@Z, __0QRect@@QAE@XZ, _QStringList_join@QtPrivate@@YA_AVQString@@PBVQStringList@@ABV2@@Z, _rehash@QHashData@@QAEXH@Z, _start@QTimer@@QAEXXZ, _toHex@QByteArray@@QBE_AV1@XZ, _erase@QListData@@QAEPAPAXPAPAX@Z, _split@QString@@QBE_AVQStringList@@ABV1@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z, _isNull@QString@@QBE_NXZ, _host@QUrl@@QBE_AVQString@@XZ, _port@QUrl@@QBEHH@Z, _userName@QUrl@@QBE_AVQString@@XZ, _password@QUrl@@QBE_AVQString@@XZ, _path@QUrl@@QBE_AVQString@@XZ, _toString@QVariant@@QBE_AVQString@@XZ, __0QRect@@QAE@HHHH@Z, _width@QRect@@QBEHXZ, _height@QRect@@QBEHXZ, _x@QRect@@QBEHXZ, _y@QRect@@QBEHXZ, _qt_qFindChildren_helper@@YAXPBVQObject@@ABVQString@@PBVQRegExp@@ABUQMetaObject@@PAV_$QList@PAX@@@Z, __0QModelIndex@@QAE@XZ, __1QModelIndex@@QAE@XZ, _installEventFilter@QObject@@QAEXPAV1@@Z, _isNull@QByteArray@@QBE_NXZ, __0QSize@@QAE@XZ, _setInterval@QTimer@@QAEXH@Z, _setSingleShot@QTimer@@QAEX_N@Z, __1QEvent@@UAE@XZ, __0QEvent@@QAE@W4Type@0@@Z, _postEvent@QCoreApplication@@SAXPAVQObject@@PAVQEvent@@@Z, _accept@QEvent@@QAEXXZ, _quit@QCoreApplication@@SAXXZ, _type@QEvent@@QBE_AW4Type@1@XZ, _x@QPoint@@QBEHXZ, _y@QPoint@@QBEHXZ, _isActive@QTimer@@QBE_NXZ, _event@QSettings@@MAE_NPAVQEvent@@@Z, _qt_metacall@QSettings@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QSettings@@UAEPAXPBD@Z, _metaObject@QSettings@@UBEPBUQMetaObject@@XZ, _winEventFilter@QCoreApplication@@UAE_NPAUtagMSG@@PAJ@Z, __1QSettings@@UAE@XZ, __YQString@@QAEAAV0@ABV0@@Z, _qVersion@@YAPBDXZ, _fromLatin1@QChar@@SA_AV1@D@Z, _section@QString@@QBE_AV1@VQChar@@HHV_$QFlags@W4SectionFlag@QString@@@@@Z, _toInt@QString@@QBEHPA_NH@Z, _instance@QCoreApplication@@SAPAV1@XZ, _qAppName@@YA_AVQString@@XZ, _toLatin1@QString@@QBE_AVQByteArray@@XZ, _qFatal@@YAXPBDZZ, _setApplicationName@QCoreApplication@@SAXABVQString@@@Z, _setOrganizationName@QCoreApplication@@SAXABVQString@@@Z, _setOrganizationDomain@QCoreApplication@@SAXABVQString@@@Z, _arguments@QCoreApplication@@SA_AVQStringList@@XZ, _fromEncoded@QUrl@@SA_AV1@ABVQByteArray@@@Z, __8QString@@QBE_NABVQLatin1String@@@Z, __4QUrl@@QAEAAV0@ABV0@@Z, _applicationDirPath@QCoreApplication@@SA_AVQString@@XZ, _toNativeSeparators@QDir@@SA_AVQString@@ABV2@@Z, _fromWCharArray@QString@@SA_AV1@PBGH@Z, _toWCharArray@QString@@QBEHPAG@Z, _toEncoded@QUrl@@QBE_AVQByteArray@@V_$QFlags@W4FormattingOption@QUrl@@@@@Z, __BQByteArray@@QBEPBDXZ, _exists@QFile@@QBE_NXZ, _permissions@QFile@@QBE_AV_$QFlags@W4Permission@QFile@@@@XZ, __0QSettings@@QAE@PAVQObject@@@Z, _fileName@QFile@@QBE_AVQString@@XZ, __0QSettings@@QAE@ABVQString@@W4Format@0@PAVQObject@@@Z, __0QFileInfo@@QAE@ABVQString@@@Z, _path@QFileInfo@@QBE_AVQString@@XZ, _addSearchPath@QDir@@SAXABVQString@@0@Z, __1QFileInfo@@QAE@XZ, _system@QLocale@@SA_AV1@XZ, _name@QLocale@@QBE_AVQString@@XZ, __0QTranslator@@QAE@PAVQObject@@@Z, _load@QTranslator@@QAE_NABVQString@@000@Z, _installTranslator@QCoreApplication@@SAXPAVQTranslator@@@Z, _location@QLibraryInfo@@SA_AVQString@@W4LibraryLocation@1@@Z, _moveToThread@QObject@@QAEXPAVQThread@@@Z, _processEvents@QCoreApplication@@SAXV_$QFlags@W4ProcessEventsFlag@QEventLoop@@@@@Z, _start@QThread@@QAEXW4Priority@1@@Z, __1QTranslator@@UAE@XZ, __0QReadWriteLock@@QAE@XZ, _at@QByteArray@@QBE_BDH@Z, _lockForRead@QReadWriteLock@@QAEXXZ, __0QFile@@QAE@ABVQString@@@Z, _open@QFile@@UAE_NV_$QFlags@W4OpenModeFlag@QIODevice@@@@@Z, _close@QFile@@UAEXXZ, _toUtf8@QString@@QBE_AVQByteArray@@XZ, _startsWith@QByteArray@@QBE_NABV1@@Z, _toLocal8Bit@QString@@QBE_AVQByteArray@@XZ, __0QByteArray@@QAE@PBDH@Z, __1QFile@@UAE@XZ, _isRunning@QThread@@QBE_NXZ, _lockForWrite@QReadWriteLock@@QAEXXZ, _unlock@QReadWriteLock@@QAEXXZ, __0QDataStream@@QAE@ABVQByteArray@@@Z, __5QDataStream@@QAEAAV0@AAM@Z, __0QWriteLocker@@QAE@PAVQReadWriteLock@@@Z, __1QWriteLocker@@QAE@XZ, __1QReadWriteLock@@QAE@XZ, __0QByteArray@@QAE@ABV0@@Z, _constData@QByteArray@@QBEPBDXZ, _length@QByteArray@@QBEHXZ, __0QByteArray@@QAE@HD@Z, __AQByteArray@@QAE_AVQByteRef@@H@Z, __4QByteRef@@QAEAAV0@D@Z, __4QByteArray@@QAEAAV0@ABV0@@Z, __0QMutexLocker@@QAE@PAVQMutex@@@Z, _qWarning@@YAXPBDZZ, __1QMutexLocker@@QAE@XZ, __0QByteArray@@QAE@XZ, __0QDataStream@@QAE@PAVQByteArray@@V_$QFlags@W4OpenModeFlag@QIODevice@@@@@Z, __6QDataStream@@QAEAAV0@M@Z, _size@QByteArray@@QBEHXZ, _data@QByteArray@@QAEPADXZ, __1QDataStream@@UAE@XZ, __0QThread@@QAE@PAVQObject@@@Z, __0QMutex@@QAE@W4RecursionMode@0@@Z, _node_delete@QMapData@@QAEXQAPAUNode@1@HPAU21@@Z, _wait@QThread@@QAE_NK@Z, __1QMutex@@QAE@XZ, __1QThread@@UAE@XZ, _sprintf@QString@@QAAAAV1@PBDZZ, __0QPointF@@QAE@NN@Z, __6_$QVector@VQPointF@@@@QAEAAV0@ABVQPointF@@@Z, _clear@_$QVector@VQPointF@@@@QAEXXZ, _lock@QMutex@@QAEXXZ, _unlock@QMutex@@QAEXXZ, _timerEvent@QTimer@@MAEXPAVQTimerEvent@@@Z, _qt_metacall@QTimer@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QTimer@@UAEPAXPBD@Z, _metaObject@QTimer@@UBEPBUQMetaObject@@XZ, __0QTimer@@QAE@PAVQObject@@@Z, __0QSize@@QAE@HH@Z, _number@QString@@SA_AV1@HH@Z, _arg@QString@@QBE_AV1@NHDHABVQChar@@@Z, __1QTimer@@UAE@XZ, _stop@QTimer@@QAEXXZ, _start@QTimer@@QAEXH@Z, __0QUrl@@QAE@XZ, _readAll@QIODevice@@QAE_AVQByteArray@@XZ, __0QVariant@@QAE@ABVQByteArray@@@Z, _deleteLater@QObject@@QAEXXZ, __0QObject@@QAE@PAV0@@Z, __MQString@@QBE_NABV0@@Z, __4QVariant@@QAEAAV0@ABV0@@Z, _shared_null@QMapData@@2U1@A, _currentTime@QTime@@SA_AV1@XZ, _contains@QString@@QBE_AVQBool@@ABVQRegExp@@@Z, _toString@QTime@@QBE_AVQString@@W4DateFormat@Qt@@@Z, __0QVariant@@QAE@I@Z, __0QVariant@@QAE@ABVQString@@@Z, __0QVariant@@QAE@ABVQStringList@@@Z, __0QVariant@@QAE@ABV_$QMap@VQString@@VQVariant@@@@@Z, __0QVariant@@QAE@H@Z, _toUInt@QVariant@@QBEIPA_N@Z, _length@QString@@QBEHXZ, __1QByteArray@@QAE@XZ, __0QVariant@@QAE@ABVQLatin1String@@@Z, _isValid@QUrl@@QBE_NXZ, _isRelative@QUrl@@QBE_NXZ, __0QVariant@@QAE@ABV0@@Z, _scheme@QUrl@@QBE_AVQString@@XZ, __9QString@@QBE_NABVQLatin1String@@@Z, _qWarning@@YA_AVQDebug@@XZ, __6QDebug@@QAEAAV0@PBD@Z, _toString@QUrl@@QBE_AVQString@@V_$QFlags@W4FormattingOption@QUrl@@@@@Z, __6QDebug@@QAEAAV0@ABVQString@@@Z, __1QDebug@@QAE@XZ, __1QUrl@@QAE@XZ, __1QObject@@UAE@XZ, _continueFreeData@QMapData@@QAEXH@Z, _node_create@QMapData@@QAEPAUNode@1@QAPAU21@H@Z, _createData@QMapData@@SAPAU1@XZ, _toInt@QVariant@@QBEHPA_N@Z, _tr@QMetaObject@@QBE_AVQString@@PBD0@Z, __4QString@@QAEAAV0@ABVQLatin1String@@@Z, __BQFlag@@QBEHXZ, _sender@QObject@@IBEPAV1@XZ, __0QFlag@@QAE@H@Z, _qHash@@YAIABVQString@@@Z, _previousNode@QHashData@@SAPAUNode@1@PAU21@@Z, _QStringList_sort@QtPrivate@@YAXPAVQStringList@@@Z, _allocateNode@QHashData@@QAEPAXXZ, _willGrow@QHashData@@QAE_NXZ, _hasShrunk@QHashData@@QAEXXZ, _firstNode@QHashData@@QAEPAUNode@1@XZ, _nextNode@QHashData@@SAPAUNode@1@PAU21@@Z, _toLower@QString@@QBE_AV1@XZ, __8QString@@QBE_NABV0@@Z, _shared_null@QHashData@@2U1@A, _detach_helper@QHashData@@QAEPAU1@P6AXPAUNode@1@PAX@ZH@Z, __4QString@@QAEAAV0@ABV0@@Z, __0QString@@QAE@ABV0@@Z, _cast@QMetaObject@@QBEPAVQObject@@PAV2@@Z, __0QString@@QAE@XZ, __0QVariant@@QAE@XZ, __1QVariant@@QAE@XZ, _freeNode@QHashData@@QAEXPAX@Z, _destroyAndFree@QHashData@@QAEXXZ, _childEvent@QObject@@MAEXPAVQChildEvent@@@Z, _disconnectNotify@QObject@@MAEXPBD@Z, _connectNotify@QObject@@MAEXPBD@Z, _customEvent@QObject@@MAEXPAVQEvent@@@Z, _timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z, _eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z, _event@QObject@@UAE_NPAVQEvent@@@Z, _translate@QCoreApplication@@SA_AVQString@@PBD00W4Encoding@1@@Z, _objectName@QObject@@QBE_AVQString@@XZ, _isEmpty@QString@@QBE_NXZ, _fromUtf8@QString@@SA_AV1@PBDH@Z, _setObjectName@QObject@@QAEXABVQString@@@Z, _connect@QObject@@SA_NPBV1@PBD01W4ConnectionType@Qt@@@Z, _connectSlotsByName@QMetaObject@@SAXPAVQObject@@@Z, __0QLatin1String@@QAE@PBD@Z, __0QString@@QAE@ABVQLatin1String@@@Z, __0QRegExp@@QAE@ABVQString@@W4CaseSensitivity@Qt@@W4PatternSyntax@0@@Z, __1QRegExp@@QAE@XZ, _append@QListData@@QAEPAPAXXZ, _isEmpty@QListData@@QBE_NXZ, _fromLatin1@QString@@SA_AV1@PBDH@Z, __0QChar@@QAE@UQLatin1Char@@@Z, _arg@QString@@QBE_AV1@ABV1@HABVQChar@@@Z, _arg@QString@@QBE_AV1@HHHABVQChar@@@Z, __1QString@@QAE@XZ, __9QBasicAtomicInt@@QBE_NH@Z, _size@QListData@@QBEHXZ, _at@QListData@@QBEPAPAXH@Z, _remove@QListData@@QAEXH@Z, _begin@QListData@@QBEPAPAXXZ, _detach2@QListData@@QAEPAUData@1@XZ, _end@QListData@@QBEPAPAXXZ, _shared_null@QListData@@2UData@1@A, _ref@QBasicAtomicInt@@QAE_NXZ, __8QBasicAtomicInt@@QBE_NH@Z, _qFree@@YAXPAX@Z, _deref@QBasicAtomicInt@@QAE_NXZ, _entryList@QDir@@QBE_AVQStringList@@V_$QFlags@W4Filter@QDir@@@@V_$QFlags@W4SortFlag@QDir@@@@@Z, _top@QRectF@@QBENXZ, _height@QRectF@@QBENXZ, __0QRectF@@QAE@XZ, _left@QString@@QBE_AV1@H@Z, _width@QRectF@@QBENXZ, _metaObject@QLibrary@@UBEPBUQMetaObject@@XZ, _qt_metacast@QLibrary@@UAEPAXPBD@Z, _qt_metacall@QLibrary@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _y@QPointF@@QBENXZ, _x@QPointF@@QBENXZ, __0QRectF@@QAE@NNNN@Z, __1QDateTime@@QAE@XZ, _toString@QDateTime@@QBE_AVQString@@W4DateFormat@Qt@@@Z, _replace@QString@@QAEAAV1@HHABV1@@Z, _matchedLength@QRegExp@@QBEHXZ, _capturedTexts@QRegExp@@QAE_AVQStringList@@XZ, _indexIn@QRegExp@@QBEHABVQString@@HW4CaretMode@1@@Z, _replace@QString@@QAEAAV1@ABVQRegExp@@ABV1@@Z, _setPattern@QRegExp@@QAEXABVQString@@@Z, _setCaseSensitivity@QRegExp@@QAEXW4CaseSensitivity@Qt@@@Z, _setPatternSyntax@QRegExp@@QAEXW4PatternSyntax@1@@Z, _setMinimal@QRegExp@@QAEX_N@Z, __0QRegExp@@QAE@XZ, _removeEventFilter@QObject@@QAEXPAV1@@Z, _disconnect@QObject@@SA_NPBV1@PBD01@Z, _type@QVariant@@QBE_AW4Type@1@XZ, __0QByteArray@@QAE@PBD@Z, _name@QMetaProperty@@QBEPBDXZ, _userProperty@QMetaObject@@QBE_AVQMetaProperty@@XZ, _setNum@QString@@QAEAAV1@GH@Z, __1QBuffer@@UAE@XZ, _setParent@QObject@@QAEXPAV1@@Z, _setData@QBuffer@@QAEXABVQByteArray@@@Z, __0QBuffer@@QAE@PAVQObject@@@Z, _singleShot@QTimer@@SAXHPAVQObject@@PBD@Z, _metaObject@QBuffer@@UBEPBUQMetaObject@@XZ, _qt_metacast@QBuffer@@UAEPAXPBD@Z, _qt_metacall@QBuffer@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _connectNotify@QBuffer@@MAEXPBD@Z, _disconnectNotify@QBuffer@@MAEXPBD@Z, _isSequential@QIODevice@@UBE_NXZ, _open@QBuffer@@UAE_NV_$QFlags@W4OpenModeFlag@QIODevice@@@@@Z, _close@QBuffer@@UAEXXZ, _pos@QBuffer@@UBE_JXZ, _size@QBuffer@@UBE_JXZ, _seek@QBuffer@@UAE_N_J@Z, _atEnd@QBuffer@@UBE_NXZ, _bytesAvailable@QIODevice@@UBE_JXZ, _bytesToWrite@QIODevice@@UBE_JXZ, _canReadLine@QBuffer@@UBE_NXZ, _waitForReadyRead@QIODevice@@UAE_NH@Z, _waitForBytesWritten@QIODevice@@UAE_NH@Z, _readData@QBuffer@@MAE_JPAD_J@Z, _readLineData@QIODevice@@MAE_JPAD_J@Z, _writeData@QBuffer@@MAE_JPBD_J@Z, _prepend@QListData@@QAEPAPAXXZ, __1QReadLocker@@QAE@XZ, __0QReadLocker@@QAE@PAVQReadWriteLock@@@Z, _write@QIODevice@@QAE_JPBD_J@Z, _read@QIODevice@@QAE_AVQByteArray@@_J@Z, _read@QIODevice@@QAE_JPAD_J@Z, _errorString@QIODevice@@QBE_AVQString@@XZ, __OQString@@QBE_NABV0@@Z, _fromAscii@QString@@SA_AV1@PBDH@Z, _hash@QCryptographicHash@@SA_AVQByteArray@@ABV2@W4Algorithm@1@@Z, _toAscii@QString@@QBE_AVQByteArray@@XZ, _quit@QThread@@QAEXXZ, _setPriority@QThread@@QAEXW4Priority@1@@Z, _msleep@QThread@@KAXK@Z, __8QUuid@@QBE_NABU_GUID@@@Z, __BQUuid@@QBE_AU_GUID@@XZ, _toString@QUuid@@QBE_AVQString@@XZ, _isNull@QUuid@@QBE_NXZ, __0QUuid@@QAE@ABVQString@@@Z, __BQUuid@@QBE_AVQString@@XZ, __0QUuid@@QAE@ABU_GUID@@@Z, _fromUtf16@QString@@SA_AV1@PBGH@Z, _utf16@QString@@QBEPBGXZ, _toString@QDateTime@@QBE_AVQString@@ABV2@@Z, _currentDateTime@QDateTime@@SA_AV1@XZ, _qInstallMsgHandler@@YAP6AXW4QtMsgType@@PBD@ZP6AX01@Z@Z, __1QWaitCondition@@QAE@XZ, _wakeAll@QWaitCondition@@QAEXXZ, _wait@QWaitCondition@@QAE_NPAVQMutex@@K@Z, __0QWaitCondition@@QAE@XZ, _arg@QString@@QBE_AV1@JHHABVQChar@@@Z, _trimmed@QString@@QBE_AV1@XZ, _QStringList_contains@QtPrivate@@YA_AVQBool@@PBVQStringList@@ABVQString@@W4CaseSensitivity@Qt@@@Z, _setPath@QUrl@@QAEXABVQString@@@Z, _setUserName@QUrl@@QAEXABVQString@@@Z, _setPort@QUrl@@QAEXH@Z, _setHost@QUrl@@QAEXABVQString@@@Z, _setScheme@QUrl@@QAEXABVQString@@@Z, _toByteArray@QVariant@@QBE_AVQByteArray@@XZ, _waitForStarted@QProcess@@QAE_NH@Z, _start@QProcess@@QAEXABVQString@@ABVQStringList@@V_$QFlags@W4OpenModeFlag@QIODevice@@@@@Z, _waitForFinished@QProcess@@QAE_NH@Z, _kill@QProcess@@QAEXXZ, __1QProcess@@UAE@XZ, _exitCode@QProcess@@QBEHXZ, _setWorkingDirectory@QProcess@@QAEXABVQString@@@Z, __0QProcess@@QAE@PAVQObject@@@Z, _metaObject@QProcess@@UBEPBUQMetaObject@@XZ, _qt_metacast@QProcess@@UAEPAXPBD@Z, _qt_metacall@QProcess@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _isSequential@QProcess@@UBE_NXZ, _close@QProcess@@UAEXXZ, _atEnd@QProcess@@UBE_NXZ, _bytesAvailable@QProcess@@UBE_JXZ, _bytesToWrite@QProcess@@UBE_JXZ, _canReadLine@QProcess@@UBE_NXZ, _waitForReadyRead@QProcess@@UAE_NH@Z, _waitForBytesWritten@QProcess@@UAE_NH@Z, _readData@QProcess@@MAE_JPAD_J@Z, _writeData@QProcess@@MAE_JPBD_J@Z, _setupChildProcess@QProcess@@MAEXXZ, _staticMetaObject@QObject@@2UQMetaObject@@B, _qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QObject@@UAEPAXPBD@Z, _fileName@QLibrary@@QBE_AVQString@@XZ<br>> qtdbus4.dll: _call@QDBusAbstractInterface@@QAE_AVQDBusMessage@@ABVQString@@ABVQVariant@@1111111@Z, _type@QDBusMessage@@QBE_AW4MessageType@1@XZ, __1QDBusInterface@@UAE@XZ, __1QDBusMessage@@QAE@XZ, __4QDBusMessage@@QAEAAV0@ABV0@@Z, _callWithArgumentList@QDBusAbstractInterface@@QAE_AVQDBusMessage@@W4CallMode@QDBus@@ABVQString@@ABV_$QList@VQVariant@@@@@Z, _isValid@QDBusAbstractInterface@@QBE_NXZ, __1QDBusConnection@@QAE@XZ, __0QDBusInterface@@QAE@ABVQString@@00ABVQDBusConnection@@PAVQObject@@@Z, _sessionBus@QDBusConnection@@SA_AV1@XZ, __0QDBusMessage@@QAE@XZ, _registerService@QDBusConnection@@QAE_NABVQString@@@Z, _registerObject@QDBusConnection@@QAE_NABVQString@@PAVQObject@@V_$QFlags@W4RegisterOption@QDBusConnection@@@@@Z, __1QDBusAbstractAdaptor@@UAE@XZ, _createErrorReply@QDBusMessage@@QBE_AV1@VQString@@ABV2@@Z, _send@QDBusConnection@@QBE_NABVQDBusMessage@@@Z, _createReply@QDBusMessage@@QBE_AV1@ABVQVariant@@@Z, __0QDBusAbstractAdaptor@@IAE@PAVQObject@@@Z, _staticMetaObject@QDBusAbstractAdaptor@@2UQMetaObject@@B, _qt_metacall@QDBusAbstractAdaptor@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QDBusAbstractAdaptor@@UAEPAXPBD@Z, _arguments@QDBusMessage@@QBE_AV_$QList@VQVariant@@@@XZ<br>> qtgui4.dll: _mouseReleaseEvent@QTreeView@@MAEXPAVQMouseEvent@@@Z, _mouseDoubleClickEvent@QTreeView@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QTreeView@@MAEXPAVQMouseEvent@@@Z, _keyPressEvent@QTreeView@@MAEXPAVQKeyEvent@@@Z, _paintEvent@QTreeView@@MAEXPAVQPaintEvent@@@Z, _resizeEvent@QAbstractItemView@@MAEXPAVQResizeEvent@@@Z, _dragMoveEvent@QTreeView@@MAEXPAVQDragMoveEvent@@@Z, _dragLeaveEvent@QAbstractItemView@@MAEXPAVQDragLeaveEvent@@@Z, _dropEvent@QTreeWidget@@MAEXPAVQDropEvent@@@Z, _viewportEvent@QTreeView@@MAE_NPAVQEvent@@@Z, _scrollContentsBy@QTreeView@@MAEXHH@Z, _setModel@QTreeWidget@@EAEXPAVQAbstractItemModel@@@Z, _setSelectionModel@QTreeWidget@@UAEXPAVQItemSelectionModel@@@Z, _keyboardSearch@QTreeView@@UAEXABVQString@@@Z, _visualRect@QTreeView@@UBE_AVQRect@@ABVQModelIndex@@@Z, _scrollTo@QTreeView@@UAEXABVQModelIndex@@W4ScrollHint@QAbstractItemView@@@Z, _indexAt@QTreeView@@UBE_AVQModelIndex@@ABVQPoint@@@Z, _sizeHintForColumn@QTreeView@@MBEHH@Z, _reset@QTreeView@@UAEXXZ, _setRootIndex@QTreeView@@UAEXABVQModelIndex@@@Z, _doItemsLayout@QTreeView@@UAEXXZ, _selectAll@QTreeView@@UAEXXZ, _dataChanged@QTreeView@@UAEXABVQModelIndex@@0@Z, _rowsInserted@QTreeView@@MAEXABVQModelIndex@@HH@Z, _rowsAboutToBeRemoved@QTreeView@@MAEXABVQModelIndex@@HH@Z, _selectionChanged@QTreeView@@MAEXABVQItemSelection@@0@Z, _currentChanged@QTreeView@@MAEXABVQModelIndex@@0@Z, _updateGeometries@QTreeView@@MAEXXZ, _horizontalScrollbarAction@QTreeView@@MAEXH@Z, _moveCursor@QTreeView@@MAE_AVQModelIndex@@W4CursorAction@QAbstractItemView@@V_$QFlags@W4KeyboardModifier@Qt@@@@@Z, _horizontalOffset@QTreeView@@MBEHXZ, _verticalOffset@QTreeView@@MBEHXZ, _isIndexHidden@QTreeView@@MBE_NABVQModelIndex@@@Z, _setSelection@QTreeView@@MAEXABVQRect@@V_$QFlags@W4SelectionFlag@QItemSelectionModel@@@@@Z, _visualRegionForSelection@QTreeView@@MBE_AVQRegion@@ABVQItemSelection@@@Z, _selectedIndexes@QTreeView@@MBE_AV_$QList@VQModelIndex@@@@XZ, _startDrag@QAbstractItemView@@MAEXV_$QFlags@W4DropAction@Qt@@@@@Z, _viewOptions@QAbstractItemView@@MBE_AVQStyleOptionViewItem@@XZ, _drawRow@QTreeView@@MBEXPAVQPainter@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _drawBranches@QTreeView@@MBEXPAVQPainter@@ABVQRect@@ABVQModelIndex@@@Z, _mimeTypes@QTreeWidget@@MBE_AVQStringList@@XZ, _mimeData@QTreeWidget@@MBEPAVQMimeData@@V_$QList@PAVQTreeWidgetItem@@@@@Z, _dropMimeData@QTreeWidget@@MAE_NPAVQTreeWidgetItem@@HPBVQMimeData@@W4DropAction@Qt@@@Z, _supportedDropActions@QTreeWidget@@MBE_AV_$QFlags@W4DropAction@Qt@@@@XZ, _metaObject@QSlider@@UBEPBUQMetaObject@@XZ, _qt_metacast@QSlider@@UAEPAXPBD@Z, _qt_metacall@QSlider@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QSlider@@UAE_NPAVQEvent@@@Z, _timerEvent@QAbstractSlider@@MAEXPAVQTimerEvent@@@Z, _sizeHint@QSlider@@UBE_AVQSize@@XZ, _minimumSizeHint@QSlider@@UBE_AVQSize@@XZ, _mousePressEvent@QSlider@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QSlider@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QSlider@@MAEXPAVQMouseEvent@@@Z, _wheelEvent@QAbstractSlider@@MAEXPAVQWheelEvent@@@Z, _keyPressEvent@QAbstractSlider@@MAEXPAVQKeyEvent@@@Z, _paintEvent@QSlider@@MAEXPAVQPaintEvent@@@Z, _changeEvent@QAbstractSlider@@MAEXPAVQEvent@@@Z, _sliderChange@QAbstractSlider@@MAEXW4SliderChange@1@@Z, _clear@QTextDocument@@UAEXXZ, _createObject@QTextDocument@@MAEPAVQTextObject@@ABVQTextFormat@@@Z, _clone@QTreeWidgetItem@@UBEPAV1@XZ, _data@QTreeWidgetItem@@UBE_AVQVariant@@HH@Z, _setData@QTreeWidgetItem@@UAEXHHABVQVariant@@@Z, __MQTreeWidgetItem@@UBE_NABV0@@Z, _read@QTreeWidgetItem@@UAEXAAVQDataStream@@@Z, _write@QTreeWidgetItem@@UBEXAAVQDataStream@@@Z, __1QStackedWidget@@UAE@XZ, __1QRadioButton@@UAE@XZ, _itemData@QComboBox@@QBE_AVQVariant@@HH@Z, _setItemData@QComboBox@@QAEXHABVQVariant@@H@Z, _setCurrentWidget@QStackedWidget@@QAEXPAVQWidget@@@Z, __1QPalette@@QAE@XZ, _setPalette@QWidget@@QAEXABVQPalette@@@Z, _setColor@QPalette@@QAEXW4ColorRole@1@ABVQColor@@@Z, __0QColor@@QAE@W4GlobalColor@Qt@@@Z, _foregroundRole@QWidget@@QBE_AW4ColorRole@QPalette@@XZ, __0QPalette@@QAE@XZ, _setValue@QAbstractSlider@@QAEXH@Z, _setTextElideMode@QAbstractItemView@@QAEXW4TextElideMode@Qt@@@Z, _view@QComboBox@@QBEPAVQAbstractItemView@@XZ, _count@QComboBox@@QBEHXZ, _setMinimumSize@QWidget@@QAEXABVQSize@@@Z, _setMinimum@QAbstractSlider@@QAEXH@Z, _setMinimumContentsLength@QComboBox@@QAEXH@Z, _setSizeAdjustPolicy@QComboBox@@QAEXW4SizeAdjustPolicy@1@@Z, _setSizePolicy@QWidget@@QAEXVQSizePolicy@@@Z, _setHeightForWidth@QSizePolicy@@QAEX_N@Z, _hasHeightForWidth@QSizePolicy@@QBE_NXZ, _sizePolicy@QWidget@@QBE_AVQSizePolicy@@XZ, _setVerticalStretch@QSizePolicy@@QAEXE@Z, _setHorizontalStretch@QSizePolicy@@QAEXE@Z, __0QSizePolicy@@QAE@W4Policy@0@0@Z, _setStatusTip@QWidget@@QAEXABVQString@@@Z, __4QColor@@QAEAAV0@W4GlobalColor@Qt@@@Z, _setCurrentIndex@QStackedWidget@@QAEXH@Z, _setTabOrder@QWidget@@SAXPAV1@0@Z, _setAlignment@QLabel@@QAEXV_$QFlags@W4AlignmentFlag@Qt@@@@@Z, _setFont@QWidget@@QAEXABVQFont@@@Z, __0QFont@@QAE@XZ, _setMaximumSize@QWidget@@QAEXABVQSize@@@Z, _addLayout@QGridLayout@@QAEXPAVQLayout@@HHHHV_$QFlags@W4AlignmentFlag@Qt@@@@@Z, __0QRadioButton@@QAE@PAVQWidget@@@Z, _addWidget@QStackedWidget@@QAEHPAVQWidget@@@Z, __0QStackedWidget@@QAE@PAVQWidget@@@Z, _update@QWidget@@QAEXXZ, _metaObject@QStackedWidget@@UBEPBUQMetaObject@@XZ, _qt_metacast@QStackedWidget@@UAEPAXPBD@Z, _qt_metacall@QStackedWidget@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QStackedWidget@@MAE_NPAVQEvent@@@Z, _sizeHint@QFrame@@UBE_AVQSize@@XZ, _paintEvent@QFrame@@MAEXPAVQPaintEvent@@@Z, _metaObject@QRadioButton@@UBEPBUQMetaObject@@XZ, _qt_metacast@QRadioButton@@UAEPAXPBD@Z, _qt_metacall@QRadioButton@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QRadioButton@@MAE_NPAVQEvent@@@Z, _sizeHint@QRadioButton@@UBE_AVQSize@@XZ, _mouseMoveEvent@QRadioButton@@MAEXPAVQMouseEvent@@@Z, _paintEvent@QRadioButton@@MAEXPAVQPaintEvent@@@Z, _hitButton@QRadioButton@@MBE_NABVQPoint@@@Z, __1QPainter@@QAE@XZ, _drawLine@QPainter@@QAEXHHHH@Z, _setPen@QPainter@@QAEXABVQColor@@@Z, _lighter@QColor@@QBE_AV1@H@Z, _darker@QColor@@QBE_AV1@H@Z, _fillRect@QPainter@@QAEXHHHHABVQColor@@@Z, _height@QWidget@@QBEHXZ, _width@QWidget@@QBEHXZ, _setAlphaF@QColor@@QAEXN@Z, _isEnabled@QWidget@@QBE_NXZ, __0QPainter@@QAE@PAVQPaintDevice@@@Z, __1QPolygonF@@QAE@XZ, _drawPolyline@QPainter@@QAEXABVQPolygonF@@@Z, _drawPolygon@QPainter@@QAEXABVQPolygonF@@W4FillRule@Qt@@@Z, __1QBrush@@QAE@XZ, _setBrush@QPainter@@QAEXABVQBrush@@@Z, __0QBrush@@QAE@W4GlobalColor@Qt@@W4BrushStyle@2@@Z, __0QPolygonF@@QAE@XZ, _fillRect@QPainter@@QAEXABVQRect@@ABVQColor@@@Z, _color@QPalette@@QBEABVQColor@@W4ColorRole@1@@Z, _rect@QWidget@@QBE_AVQRect@@XZ, _setAttribute@QWidget@@QAEXW4WidgetAttribute@Qt@@_N@Z, _setMinimumSize@QWidget@@QAEXHH@Z, __0QColor@@QAE@XZ, _setBold@QFont@@QAEX_N@Z, __0QFont@@QAE@ABV0@@Z, _font@QWidget@@QBEABVQFont@@XZ, _exec@QApplication@@SAHXZ, _exec@QDialog@@QAEHXZ, _question@QMessageBox@@SA_AW4StandardButton@1@PAVQWidget@@ABVQString@@1V_$QFlags@W4StandardButton@QMessageBox@@@@W421@@Z, _show@QWidget@@QAEXXZ, _setStyleSheet@QApplication@@QAEXABVQString@@@Z, _setStyle@QApplication@@SAPAVQStyle@@ABVQString@@@Z, __1QApplication@@UAE@XZ, _setQuitOnLastWindowClosed@QApplication@@SAX_N@Z, _critical@QMessageBox@@SAHPAVQWidget@@ABVQString@@1HHH@Z, _tr@QApplication@@SA_AVQString@@PBD0@Z, __0QApplication@@QAE@AAHPAPADH@Z, _metaObject@QApplication@@UBEPBUQMetaObject@@XZ, _qt_metacast@QApplication@@UAEPAXPBD@Z, _qt_metacall@QApplication@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QApplication@@MAE_NPAVQEvent@@@Z, _notify@QApplication@@UAE_NPAVQObject@@PAVQEvent@@@Z, _compressEvent@QApplication@@MAE_NPAVQEvent@@PAVQObject@@PAVQPostEventList@@@Z, _commitData@QApplication@@UAEXAAVQSessionManager@@@Z, _saveState@QApplication@@UAEXAAVQSessionManager@@@Z, __1QAction@@UAE@XZ, __1QTreeView@@UAE@XZ, __1QMenuBar@@UAE@XZ, __1QMenu@@UAE@XZ, __1QDockWidget@@UAE@XZ, __1QTextBrowser@@UAE@XZ, _mapFromGlobal@QWidget@@QBE_AVQPoint@@ABV2@@Z, _pos@QCursor@@SA_AVQPoint@@XZ, _parentWidget@QWidget@@QBEPAV1@XZ, _staticMetaObject@QDockWidget@@2UQMetaObject@@B, _setTitleBarWidget@QDockWidget@@QAEXPAVQWidget@@@Z, __1QMainWindow@@UAE@XZ, __1QIcon@@QAE@XZ, _titleBarWidget@QDockWidget@@QBEPAVQWidget@@XZ, _hide@QWidget@@QAEXXZ, _saveState@QHeaderView@@QBE_AVQByteArray@@XZ, _saveGeometry@QWidget@@QBE_AVQByteArray@@XZ, _saveState@QMainWindow@@QBE_AVQByteArray@@H@Z, __1QMessageBox@@UAE@XZ, _clickedButton@QMessageBox@@QBEPAVQAbstractButton@@XZ, _setEscapeButton@QMessageBox@@QAEXPAVQAbstractButton@@@Z, _setDefaultButton@QMessageBox@@QAEXPAVQPushButton@@@Z, _addButton@QMessageBox@@QAEPAVQPushButton@@ABVQString@@W4ButtonRole@1@@Z, __0QMessageBox@@QAE@W4Icon@0@ABVQString@@1V_$QFlags@W4StandardButton@QMessageBox@@@@PAVQWidget@@V_$QFlags@W4WindowType@Qt@@@@@Z, __1QSystemTrayIcon@@UAE@XZ, _setShortcutContext@QAction@@QAEXW4ShortcutContext@Qt@@@Z, _setWindowIcon@QApplication@@SAXABVQIcon@@@Z, _addFile@QIcon@@QAEXABVQString@@ABVQSize@@W4Mode@1@W4State@1@@Z, __0QIcon@@QAE@XZ, __0QMainWindow@@QAE@PAVQWidget@@V_$QFlags@W4WindowType@Qt@@@@@Z, _setContextMenu@QSystemTrayIcon@@QAEXPAVQMenu@@@Z, _addSeparator@QMenu@@QAEPAVQAction@@XZ, _addAction@QWidget@@QAEXPAVQAction@@@Z, __0QMenu@@QAE@PAVQWidget@@@Z, _restoreState@QHeaderView@@QAE_NABVQByteArray@@@Z, _restoreState@QMainWindow@@QAE_NABVQByteArray@@H@Z, _restoreGeometry@QWidget@@QAE_NABVQByteArray@@@Z, _setMouseTracking@QWidget@@QAEX_N@Z, _setChecked@QAction@@QAEX_N@Z, _setShortcuts@QAction@@QAEXW4StandardKey@QKeySequence@@@Z, _setRowHidden@QTreeView@@QAEXHABVQModelIndex@@_N@Z, _setItemDelegate@QAbstractItemView@@QAEXPAVQAbstractItemDelegate@@@Z, _setDefaultStyleSheet@QTextDocument@@QAEXABVQString@@@Z, _styleSheet@QApplication@@QBE_AVQString@@XZ, _setCentralWidget@QMainWindow@@QAEXPAVQWidget@@@Z, _staticMetaObject@QWidget@@2UQMetaObject@@B, _activateWindow@QWidget@@QAEXXZ, _move@QWidget@@QAEXHH@Z, _geometry@QWidget@@QBEABVQRect@@XZ, _menuBar@QMainWindow@@QBEPAVQMenuBar@@XZ, _setWindowFlags@QWidget@@QAEXV_$QFlags@W4WindowType@Qt@@@@@Z, _frameGeometry@QWidget@@QBE_AVQRect@@XZ, _setIcon@QSystemTrayIcon@@QAEXABVQIcon@@@Z, _menuAction@QMenu@@QBEPAVQAction@@XZ, _addDockWidget@QMainWindow@@QAEXW4DockWidgetArea@Qt@@PAVQDockWidget@@@Z, _setWidget@QDockWidget@@QAEXPAVQWidget@@@Z, _setOpenLinks@QTextBrowser@@QAEX_N@Z, __0QTextBrowser@@QAE@PAVQWidget@@@Z, _setFeatures@QDockWidget@@QAEXV_$QFlags@W4DockWidgetFeature@QDockWidget@@@@@Z, __0QDockWidget@@QAE@PAVQWidget@@V_$QFlags@W4WindowType@Qt@@@@@Z, _setMenuBar@QMainWindow@@QAEXPAVQMenuBar@@@Z, _setGeometry@QWidget@@QAEXABVQRect@@@Z, __0QMenuBar@@QAE@PAVQWidget@@@Z, _setIndentation@QTreeView@@QAEXH@Z, _setDragEnabled@QAbstractItemView@@QAEX_N@Z, _setAcceptDrops@QWidget@@QAEX_N@Z, _setContextMenuPolicy@QWidget@@QAEXW4ContextMenuPolicy@Qt@@@Z, __0QTreeView@@QAE@PAVQWidget@@@Z, _setMenuRole@QAction@@QAEXW4MenuRole@1@@Z, _setCheckable@QAction@@QAEX_N@Z, _setEnabled@QAction@@QAEX_N@Z, __0QAction@@QAE@PAVQObject@@@Z, _setTitle@QMenu@@QAEXABVQString@@@Z, __1QKeySequence@@QAE@XZ, _setShortcut@QAction@@QAEXABVQKeySequence@@@Z, __0QKeySequence@@QAE@ABVQString@@@Z, _setWhatsThis@QAction@@QAEXABVQString@@@Z, _setToolTip@QAction@@QAEXABVQString@@@Z, _setText@QAction@@QAEXABVQString@@@Z, _show@QSystemTrayIcon@@QAEXXZ, _setToolTip@QSystemTrayIcon@@QAEXABVQString@@@Z, __0QSystemTrayIcon@@QAE@ABVQIcon@@PAVQObject@@@Z, _staticMetaObject@QAction@@2UQMetaObject@@B, _windowFlags@QWidget@@QBE_AV_$QFlags@W4WindowType@Qt@@@@XZ, _removeAction@QWidget@@QAEXPAVQAction@@@Z, _actions@QWidget@@QBE_AV_$QList@PAVQAction@@@@XZ, _addMenu@QMenu@@QAEPAVQAction@@PAV1@@Z, _clear@QMenu@@QAEXXZ, _currentIndex@QAbstractItemView@@QBE_AVQModelIndex@@XZ, _data@QAction@@QBE_AVQVariant@@XZ, _getText@QInputDialog@@SA_AVQString@@PAVQWidget@@ABV2@1W4EchoMode@QLineEdit@@1PA_NV_$QFlags@W4WindowType@Qt@@@@@Z, _setEscapeButton@QMessageBox@@QAEXW4StandardButton@1@@Z, _setDefaultButton@QMessageBox@@QAEXW4StandardButton@1@@Z, _showNormal@QWidget@@QAEXXZ, _hideText@QToolTip@@SAXXZ, _showText@QToolTip@@SAXABVQPoint@@ABVQString@@PAVQWidget@@ABVQRect@@@Z, _openUrl@QDesktopServices@@SA_NABVQUrl@@@Z, _exec@QMenu@@QAEPAVQAction@@ABVQPoint@@PAV2@@Z, _mapToGlobal@QWidget@@QBE_AVQPoint@@ABV2@@Z, _addAction@QMenu@@QAEPAVQAction@@ABVQString@@PBVQObject@@PBDABVQKeySequence@@@Z, __0QKeySequence@@QAE@HHHH@Z, _createStandardContextMenu@QTextEdit@@QAEPAVQMenu@@ABVQPoint@@@Z, _aboutQt@QMessageBox@@SAXPAVQWidget@@ABVQString@@@Z, _enterWhatsThisMode@QWhatsThis@@SAXXZ, _isChecked@QAction@@QBE_NXZ, _setText@QTextEdit@@QAEXABVQString@@@Z, _toHtml@QTextDocumentFragment@@QBE_AVQString@@XZ, _fromPlainText@QTextDocumentFragment@@SA_AV1@ABVQString@@@Z, _question@QMessageBox@@SAHPAVQWidget@@ABVQString@@1W4StandardButton@1@2@Z, _popup@QMenu@@QAEXABVQPoint@@PAVQAction@@@Z, _setCurrentIndex@QAbstractItemView@@QAEXABVQModelIndex@@@Z, _close@QWidget@@QAE_NXZ, _metaObject@QAction@@UBEPBUQMetaObject@@XZ, _qt_metacast@QAction@@UAEPAXPBD@Z, _qt_metacall@QAction@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QAction@@MAE_NPAVQEvent@@@Z, _metaObject@QTreeView@@UBEPBUQMetaObject@@XZ, _qt_metacast@QTreeView@@UAEPAXPBD@Z, _qt_metacall@QTreeView@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QAbstractItemView@@MAE_NPAVQEvent@@@Z, _dropEvent@QAbstractItemView@@MAEXPAVQDropEvent@@@Z, _setModel@QTreeView@@UAEXPAVQAbstractItemModel@@@Z, _setSelectionModel@QTreeView@@UAEXPAVQItemSelectionModel@@@Z, _metaObject@QMenuBar@@UBEPBUQMetaObject@@XZ, _qt_metacast@QMenuBar@@UAEPAXPBD@Z, _qt_metacall@QMenuBar@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QMenuBar@@MAE_NPAVQEvent@@@Z, _eventFilter@QMenuBar@@MAE_NPAVQObject@@PAVQEvent@@@Z, _timerEvent@QMenuBar@@MAEXPAVQTimerEvent@@@Z, _setVisible@QMenuBar@@UAEX_N@Z, _sizeHint@QMenuBar@@UBE_AVQSize@@XZ, _minimumSizeHint@QMenuBar@@UBE_AVQSize@@XZ, _heightForWidth@QMenuBar@@UBEHH@Z, _mousePressEvent@QMenuBar@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QMenuBar@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QMenuBar@@MAEXPAVQMouseEvent@@@Z, _keyPressEvent@QMenuBar@@MAEXPAVQKeyEvent@@@Z, _focusInEvent@QMenuBar@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QMenuBar@@MAEXPAVQFocusEvent@@@Z, _leaveEvent@QMenuBar@@MAEXPAVQEvent@@@Z, _paintEvent@QMenuBar@@MAEXPAVQPaintEvent@@@Z, _resizeEvent@QMenuBar@@MAEXPAVQResizeEvent@@@Z, _actionEvent@QMenuBar@@MAEXPAVQActionEvent@@@Z, _changeEvent@QMenuBar@@MAEXPAVQEvent@@@Z, _metaObject@QMenu@@UBEPBUQMetaObject@@XZ, _qt_metacast@QMenu@@UAEPAXPBD@Z, _qt_metacall@QMenu@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QMenu@@MAE_NPAVQEvent@@@Z, _timerEvent@QMenu@@MAEXPAVQTimerEvent@@@Z, _sizeHint@QMenu@@UBE_AVQSize@@XZ, _mousePressEvent@QMenu@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QMenu@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QMenu@@MAEXPAVQMouseEvent@@@Z, _wheelEvent@QMenu@@MAEXPAVQWheelEvent@@@Z, _keyPressEvent@QMenu@@MAEXPAVQKeyEvent@@@Z, _enterEvent@QMenu@@MAEXPAVQEvent@@@Z, _leaveEvent@QMenu@@MAEXPAVQEvent@@@Z, _paintEvent@QMenu@@MAEXPAVQPaintEvent@@@Z, _actionEvent@QMenu@@MAEXPAVQActionEvent@@@Z, _hideEvent@QMenu@@MAEXPAVQHideEvent@@@Z, _changeEvent@QMenu@@MAEXPAVQEvent@@@Z, _focusNextPrevChild@QMenu@@MAE_N_N@Z, _metaObject@QDockWidget@@UBEPBUQMetaObject@@XZ, _qt_metacast@QDockWidget@@UAEPAXPBD@Z, _qt_metacall@QDockWidget@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QDockWidget@@MAE_NPAVQEvent@@@Z, _paintEvent@QDockWidget@@MAEXPAVQPaintEvent@@@Z, _closeEvent@QDockWidget@@MAEXPAVQCloseEvent@@@Z, _changeEvent@QDockWidget@@MAEXPAVQEvent@@@Z, _metaObject@QTextBrowser@@UBEPBUQMetaObject@@XZ, _qt_metacast@QTextBrowser@@UAEPAXPBD@Z, _qt_metacall@QTextBrowser@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QTextBrowser@@MAE_NPAVQEvent@@@Z, _timerEvent@QTextEdit@@MAEXPAVQTimerEvent@@@Z, _mousePressEvent@QTextBrowser@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QTextBrowser@@MAEXPAVQMouseEvent@@@Z, _mouseDoubleClickEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QTextBrowser@@MAEXPAVQMouseEvent@@@Z, _wheelEvent@QTextEdit@@MAEXPAVQWheelEvent@@@Z, _keyPressEvent@QTextBrowser@@MAEXPAVQKeyEvent@@@Z, _keyReleaseEvent@QTextEdit@@MAEXPAVQKeyEvent@@@Z, _focusInEvent@QTextEdit@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QTextBrowser@@MAEXPAVQFocusEvent@@@Z, _addItem@QGridLayout@@QAEXPAVQLayoutItem@@HHHHV_$QFlags@W4AlignmentFlag@Qt@@@@@Z, _resizeEvent@QTextEdit@@MAEXPAVQResizeEvent@@@Z, _contextMenuEvent@QTextEdit@@MAEXPAVQContextMenuEvent@@@Z, _dragEnterEvent@QTextEdit@@MAEXPAVQDragEnterEvent@@@Z, _dragMoveEvent@QTextEdit@@MAEXPAVQDragMoveEvent@@@Z, _dragLeaveEvent@QTextEdit@@MAEXPAVQDragLeaveEvent@@@Z, _dropEvent@QTextEdit@@MAEXPAVQDropEvent@@@Z, _showEvent@QTextEdit@@MAEXPAVQShowEvent@@@Z, _changeEvent@QTextEdit@@MAEXPAVQEvent@@@Z, _inputMethodEvent@QTextEdit@@MAEXPAVQInputMethodEvent@@@Z, _inputMethodQuery@QTextEdit@@MBE_AVQVariant@@W4InputMethodQuery@Qt@@@Z, _focusNextPrevChild@QTextBrowser@@MAE_N_N@Z, _viewportEvent@QAbstractScrollArea@@MAE_NPAVQEvent@@@Z, _scrollContentsBy@QTextEdit@@MAEXHH@Z, _loadResource@QTextBrowser@@UAE_AVQVariant@@HABVQUrl@@@Z, _createMimeDataFromSelection@QTextEdit@@MBEPAVQMimeData@@XZ, _canInsertFromMimeData@QTextEdit@@MBE_NPBVQMimeData@@@Z, _insertFromMimeData@QTextEdit@@MAEXPBVQMimeData@@@Z, _setSource@QTextBrowser@@UAEXABVQUrl@@@Z, _backward@QTextBrowser@@UAEXXZ, _forward@QTextBrowser@@UAEXXZ, _home@QTextBrowser@@UAEXXZ, _reload@QTextBrowser@@UAEXXZ, _event@QMainWindow@@MAE_NPAVQEvent@@@Z, _contextMenuEvent@QMainWindow@@MAEXPAVQContextMenuEvent@@@Z, _createPopupMenu@QMainWindow@@UAEPAVQMenu@@XZ, _metaObject@QSystemTrayIcon@@UBEPBUQMetaObject@@XZ, _qt_metacast@QSystemTrayIcon@@UAEPAXPBD@Z, _qt_metacall@QSystemTrayIcon@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QSystemTrayIcon@@MAE_NPAVQEvent@@@Z, __1QTextEdit@@UAE@XZ, __0QPushButton@@QAE@ABVQString@@PAVQWidget@@@Z, _setOpenExternalLinks@QLabel@@QAEX_N@Z, __1QPixmap@@UAE@XZ, _setPixmap@QLabel@@QAEXABVQPixmap@@@Z, _pixmap@QIcon@@QBE_AVQPixmap@@ABVQSize@@W4Mode@1@W4State@1@@Z, _actualSize@QIcon@@QBE_AVQSize@@ABV2@W4Mode@1@W4State@1@@Z, _setPlainText@QTextEdit@@QAEXABVQString@@@Z, _setReadOnly@QTextEdit@@QAEX_N@Z, __0QTextEdit@@QAE@PAVQWidget@@@Z, _metaObject@QTextEdit@@UBEPBUQMetaObject@@XZ, _qt_metacast@QTextEdit@@UAEPAXPBD@Z, _qt_metacall@QTextEdit@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QTextEdit@@MAE_NPAVQEvent@@@Z, _mousePressEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _keyPressEvent@QTextEdit@@MAEXPAVQKeyEvent@@@Z, _focusOutEvent@QTextEdit@@MAEXPAVQFocusEvent@@@Z, _paintEvent@QTextEdit@@MAEXPAVQPaintEvent@@@Z, _focusNextPrevChild@QTextEdit@@MAE_N_N@Z, _loadResource@QTextEdit@@UAE_AVQVariant@@HABVQUrl@@@Z, __1QListView@@UAE@XZ, _currentItem@QTreeWidget@@QBEPAVQTreeWidgetItem@@XZ, _currentIndex@QTabWidget@@QBEHXZ, _sortColumn@QTreeWidget@@QBEHXZ, _treeWidget@QTreeWidgetItem@@QBEPAVQTreeWidget@@XZ, __1QIntValidator@@UAE@XZ, __0QIntValidator@@QAE@HHPAVQObject@@@Z, _selectionModel@QAbstractItemView@@QBEPAVQItemSelectionModel@@XZ, _header@QTreeView@@QBEPAVQHeaderView@@XZ, _sortItems@QTreeWidget@@QAEXHW4SortOrder@Qt@@@Z, _addTopLevelItems@QTreeWidget@@QAEXABV_$QList@PAVQTreeWidgetItem@@@@@Z, _clear@QTreeWidget@@QAEXXZ, __0QTreeWidgetItem@@QAE@PAVQTreeWidget@@ABVQStringList@@H@Z, _setSortingEnabled@QTreeWidget@@QAEX_N@Z, _setEchoMode@QLineEdit@@QAEXW4EchoMode@1@@Z, _setEditTriggers@QAbstractItemView@@QAEXV_$QFlags@W4EditTrigger@QAbstractItemView@@@@@Z, __0QListView@@QAE@PAVQWidget@@@Z, _warning@QMessageBox@@SA_AW4StandardButton@1@PAVQWidget@@ABVQString@@1V_$QFlags@W4StandardButton@QMessageBox@@@@W421@@Z, _metaObject@QListView@@UBEPBUQMetaObject@@XZ, _qt_metacast@QListView@@UAEPAXPBD@Z, _qt_metacall@QListView@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QListView@@MAE_NPAVQEvent@@@Z, _dropEvent@QListView@@MAEXPAVQDropEvent@@@Z, _setModel@QAbstractItemView@@UAEXPAVQAbstractItemModel@@@Z, _metaObject@QIntValidator@@UBEPBUQMetaObject@@XZ, _qt_metacast@QIntValidator@@UAEPAXPBD@Z, _qt_metacall@QIntValidator@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _validate@QIntValidator@@UBE_AW4State@QValidator@@AAVQString@@AAH@Z, _setRange@QIntValidator@@UAEXHH@Z, __BQColor@@QBE_AVQVariant@@XZ, __9QColor@@QBE_NABV0@@Z, __BQFont@@QBE_AVQVariant@@XZ, __9QFont@@QBE_NABV0@@Z, __4QColor@@QAEAAV0@ABV0@@Z, __0QColor@@QAE@HHHH@Z, __4QFont@@QAEAAV0@ABV0@@Z, __0QFont@@QAE@ABVQString@@HH_N@Z, __0QColor@@QAE@ABV0@@Z, __1QItemDelegate@@UAE@XZ, _restore@QPainter@@QAEXXZ, _drawPixmap@QPainter@@QAEXABVQPoint@@ABVQPixmap@@@Z, _alignedRect@QStyle@@SA_AVQRect@@W4LayoutDirection@Qt@@V_$QFlags@W4AlignmentFlag@Qt@@@@ABVQSize@@ABV2@@Z, _size@QPixmap@@QBE_AVQSize@@XZ, _save@QPainter@@QAEXXZ, _paint@QItemDelegate@@UBEXPAVQPainter@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, __0QIcon@@QAE@ABV0@@Z, _sizeHint@QItemDelegate@@UBE_AVQSize@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _setExpanded@QTreeView@@QAEXABVQModelIndex@@_N@Z, __BQIcon@@QBE_AVQVariant@@XZ, _bold@QFont@@QBE_NXZ, _italic@QFont@@QBE_NXZ, __0QItemDelegate@@QAE@PAVQObject@@@Z, _expand@QTreeView@@QAEXABVQModelIndex@@@Z, _isExpanded@QTreeView@@QBE_NABVQModelIndex@@@Z, _clearSelection@QAbstractItemView@@QAEXXZ, _isSelected@QItemSelectionModel@@QBE_NABVQModelIndex@@@Z, __4QIcon@@QAEAAV0@ABV0@@Z, _eventFilter@QItemDelegate@@MAE_NPAVQObject@@PAVQEvent@@@Z, _createEditor@QItemDelegate@@UBEPAVQWidget@@PAV2@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _setEditorData@QItemDelegate@@UBEXPAVQWidget@@ABVQModelIndex@@@Z, _setModelData@QItemDelegate@@UBEXPAVQWidget@@PAVQAbstractItemModel@@ABVQModelIndex@@@Z, _updateEditorGeometry@QItemDelegate@@UBEXPAVQWidget@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _editorEvent@QItemDelegate@@MAE_NPAVQEvent@@PAVQAbstractItemModel@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _drawDisplay@QItemDelegate@@MBEXPAVQPainter@@ABVQStyleOptionViewItem@@ABVQRect@@ABVQString@@@Z, _drawDecoration@QItemDelegate@@MBEXPAVQPainter@@ABVQStyleOptionViewItem@@ABVQRect@@ABVQPixmap@@@Z, _drawFocus@QItemDelegate@@MBEXPAVQPainter@@ABVQStyleOptionViewItem@@ABVQRect@@@Z, _drawCheck@QItemDelegate@@MBEXPAVQPainter@@ABVQStyleOptionViewItem@@ABVQRect@@W4CheckState@Qt@@@Z, _windowIcon@QApplication@@SA_AVQIcon@@XZ, __1QScrollArea@@UAE@XZ, _standardButton@QDialogButtonBox@@QBE_AW4StandardButton@1@PAVQAbstractButton@@@Z, _currentWidget@QTabWidget@@QBEPAVQWidget@@XZ, _button@QDialogButtonBox@@QBEPAVQPushButton@@W4StandardButton@1@@Z, _widget@QTabWidget@@QBEPAVQWidget@@H@Z, __1QDesktopWidget@@UAE@XZ, _setWidget@QScrollArea@@QAEXPAVQWidget@@@Z, _setWidgetResizable@QScrollArea@@QAEX_N@Z, __0QScrollArea@@QAE@PAVQWidget@@@Z, _setModelColumn@QListView@@QAEXH@Z, _availableGeometry@QDesktopWidget@@QBE_BVQRect@@H@Z, _numScreens@QDesktopWidget@@QBEHXZ, __0QDesktopWidget@@QAE@XZ, _setSizeGripEnabled@QDialog@@QAEX_N@Z, _setCurrentWidget@QTabWidget@@QAEXPAVQWidget@@@Z, _addTab@QTabWidget@@QAEHPAVQWidget@@ABVQIcon@@ABVQString@@@Z, _clear@QTabWidget@@QAEXXZ, _metaObject@QScrollArea@@UBEPBUQMetaObject@@XZ, _qt_metacast@QScrollArea@@UAEPAXPBD@Z, _qt_metacall@QScrollArea@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QScrollArea@@MAE_NPAVQEvent@@@Z, _eventFilter@QScrollArea@@MAE_NPAVQObject@@PAVQEvent@@@Z, _sizeHint@QScrollArea@@UBE_AVQSize@@XZ, _mousePressEvent@QAbstractScrollArea@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QAbstractScrollArea@@MAEXPAVQMouseEvent@@@Z, _mouseDoubleClickEvent@QAbstractScrollArea@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QAbstractScrollArea@@MAEXPAVQMouseEvent@@@Z, _keyPressEvent@QAbstractScrollArea@@MAEXPAVQKeyEvent@@@Z, _paintEvent@QAbstractScrollArea@@MAEXPAVQPaintEvent@@@Z, _resizeEvent@QScrollArea@@MAEXPAVQResizeEvent@@@Z, _dragEnterEvent@QAbstractScrollArea@@MAEXPAVQDragEnterEvent@@@Z, _dragMoveEvent@QAbstractScrollArea@@MAEXPAVQDragMoveEvent@@@Z, _dragLeaveEvent@QAbstractScrollArea@@MAEXPAVQDragLeaveEvent@@@Z, _dropEvent@QAbstractScrollArea@@MAEXPAVQDropEvent@@@Z, _focusNextPrevChild@QScrollArea@@UAE_N_N@Z, _scrollContentsBy@QScrollArea@@MAEXHH@Z, _winId@QWidget@@QBEPAUHWND__@@XZ, _information@QMessageBox@@SA_AW4StandardButton@1@PAVQWidget@@ABVQString@@1W421@2@Z, _itemText@QComboBox@@QBE_AVQString@@H@Z, _insertItem@QComboBox@@QAEXHABVQString@@ABVQVariant@@@Z, _keys@QStyleFactory@@SA_AVQStringList@@XZ, __1QPainterPath@@QAE@XZ, _boundingRect@QPainterPath@@QBE_AVQRectF@@XZ, _addText@QPainterPath@@QAEXNNABVQFont@@ABVQString@@@Z, __0QPainterPath@@QAE@XZ, _setPixelSize@QFont@@QAEXH@Z, _setStyleStrategy@QFont@@QAEXW4StyleStrategy@1@@Z, _rgba@QColor@@QBEIXZ, _setPen@QPainter@@QAEXW4PenStyle@Qt@@@Z, _drawPath@QPainter@@QAEXABVQPainterPath@@@Z, __1QPen@@QAE@XZ, _setPen@QPainter@@QAEXABVQPen@@@Z, __0QPen@@QAE@ABVQBrush@@NW4PenStyle@Qt@@W4PenCapStyle@3@W4PenJoinStyle@3@@Z, _setRenderHint@QPainter@@QAEXW4RenderHint@1@_N@Z, __0QImage@@QAE@PAEHHW4Format@0@@Z, _family@QFont@@QBE_AVQString@@XZ, _name@QColor@@QBE_AVQString@@XZ, _fromRgba@QColor@@SA_AV1@I@Z, _getRgba@QColorDialog@@SAIIPA_NPAVQWidget@@@Z, _pointSize@QFont@@QBEHXZ, _getFont@QFontDialog@@SA_AVQFont@@PA_NABV2@PAVQWidget@@@Z, _setPointSize@QFont@@QAEXH@Z, _numBytes@QImage@@QBEHXZ, _bits@QImage@@QAEPAEXZ, _load@QImage@@QAE_NABVQString@@PBD@Z, __0QImage@@QAE@XZ, _critical@QMessageBox@@SAHPAVQWidget@@ABVQString@@1W4StandardButton@1@2@Z, __1QWizardPage@@UAE@XZ, __1QWizard@@UAE@XZ, _mapToScene@QGraphicsView@@QBE_AVQPointF@@ABVQPoint@@@Z, _pos@QMouseEvent@@QBEABVQPoint@@XZ, _buttons@QMouseEvent@@QBE_AV_$QFlags@W4MouseButton@Qt@@@@XZ, _currentPage@QWizard@@QBEPAVQWizardPage@@XZ, _currentId@QWizard@@QBEHXZ, _nextId@QWizard@@UBEHXZ, __1QGraphicsView@@UAE@XZ, __1QGraphicsScene@@UAE@XZ, _addPage@QWizard@@QAEHPAVQWizardPage@@@Z, _setOption@QWizard@@QAEXW4WizardOption@1@_N@Z, __0QWizard@@QAE@PAVQWidget@@V_$QFlags@W4WindowType@Qt@@@@@Z, _completeChanged@QWizardPage@@IAEXXZ, __0QCheckBox@@QAE@ABVQString@@PAVQWidget@@@Z, _setWordWrap@QLabel@@QAEX_N@Z, _setSubTitle@QWizardPage@@QAEXABVQString@@@Z, _setTitle@QWizardPage@@QAEXABVQString@@@Z, __0QWizardPage@@QAE@PAVQWidget@@@Z, _viewport@QAbstractScrollArea@@QBEPAVQWidget@@XZ, _scale@QGraphicsView@@QAEXNN@Z, __0QGraphicsView@@QAE@PAVQWidget@@@Z, _setMinimumWidth@QWidget@@QAEXH@Z, _setRange@QAbstractSlider@@QAEXHH@Z, __0QSlider@@QAE@W4Orientation@Qt@@PAVQWidget@@@Z, __0QRadioButton@@QAE@ABVQString@@PAVQWidget@@@Z, __0QGroupBox@@QAE@ABVQString@@PAVQWidget@@@Z, _fitInView@QGraphicsView@@QAEXNNNNW4AspectRatioMode@Qt@@@Z, _setScene@QGraphicsView@@QAEXPAVQGraphicsScene@@@Z, _addEllipse@QGraphicsScene@@QAEPAVQGraphicsEllipseItem@@ABVQRectF@@ABVQPen@@ABVQBrush@@@Z, __0QPen@@QAE@ABVQColor@@@Z, __0QGraphicsScene@@QAE@ABVQRectF@@PAVQObject@@@Z, _setPos@QGraphicsItem@@QAEXNN@Z, _initializePage@QWizardPage@@UAEXXZ, _cleanupPage@QWizardPage@@UAEXXZ, _validatePage@QWizardPage@@UAE_NXZ, _nextId@QWizardPage@@UBEHXZ, _event@QWizard@@MAE_NPAVQEvent@@@Z, _setVisible@QWizard@@UAEX_N@Z, _sizeHint@QWizard@@UBE_AVQSize@@XZ, _paintEvent@QWizard@@MAEXPAVQPaintEvent@@@Z, _resizeEvent@QWizard@@MAEXPAVQResizeEvent@@@Z, _winEvent@QWizard@@MAE_NPAUtagMSG@@PAJ@Z, _done@QWizard@@MAEXH@Z, _initializePage@QWizard@@MAEXH@Z, _cleanupPage@QWizard@@MAEXH@Z, _metaObject@QGraphicsView@@UBEPBUQMetaObject@@XZ, _qt_metacast@QGraphicsView@@UAEPAXPBD@Z, _qt_metacall@QGraphicsView@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QGraphicsView@@MAE_NPAVQEvent@@@Z, _sizeHint@QGraphicsView@@UBE_AVQSize@@XZ, _mousePressEvent@QGraphicsView@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QGraphicsView@@MAEXPAVQMouseEvent@@@Z, _mouseDoubleClickEvent@QGraphicsView@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QGraphicsView@@MAEXPAVQMouseEvent@@@Z, _wheelEvent@QGraphicsView@@MAEXPAVQWheelEvent@@@Z, _keyPressEvent@QGraphicsView@@MAEXPAVQKeyEvent@@@Z, _keyReleaseEvent@QGraphicsView@@MAEXPAVQKeyEvent@@@Z, _focusInEvent@QGraphicsView@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QGraphicsView@@MAEXPAVQFocusEvent@@@Z, _paintEvent@QGraphicsView@@MAEXPAVQPaintEvent@@@Z, _resizeEvent@QGraphicsView@@MAEXPAVQResizeEvent@@@Z, _contextMenuEvent@QGraphicsView@@MAEXPAVQContextMenuEvent@@@Z, _dragEnterEvent@QGraphicsView@@MAEXPAVQDragEnterEvent@@@Z, _dragMoveEvent@QGraphicsView@@MAEXPAVQDragMoveEvent@@@Z, _dragLeaveEvent@QGraphicsView@@MAEXPAVQDragLeaveEvent@@@Z, _dropEvent@QGraphicsView@@MAEXPAVQDropEvent@@@Z, _showEvent@QGraphicsView@@MAEXPAVQShowEvent@@@Z, _inputMethodEvent@QGraphicsView@@MAEXPAVQInputMethodEvent@@@Z, _inputMethodQuery@QGraphicsView@@UBE_AVQVariant@@W4InputMethodQuery@Qt@@@Z, _focusNextPrevChild@QGraphicsView@@MAE_N_N@Z, _viewportEvent@QGraphicsView@@MAE_NPAVQEvent@@@Z, _scrollContentsBy@QGraphicsView@@MAEXHH@Z, _drawBackground@QGraphicsView@@MAEXPAVQPainter@@ABVQRectF@@@Z, _drawForeground@QGraphicsView@@MAEXPAVQPainter@@ABVQRectF@@@Z, _drawItems@QGraphicsView@@MAEXPAVQPainter@@HQAPAVQGraphicsItem@@QBVQStyleOptionGraphicsItem@@@Z, _metaObject@QGraphicsScene@@UBEPBUQMetaObject@@XZ, _mousePressEvent@QTreeView@@MAEXPAVQMouseEvent@@@Z, _qt_metacall@QGraphicsScene@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QGraphicsScene@@MAE_NPAVQEvent@@@Z, _eventFilter@QGraphicsScene@@MAE_NPAVQObject@@PAVQEvent@@@Z, _inputMethodQuery@QGraphicsScene@@UBE_AVQVariant@@W4InputMethodQuery@Qt@@@Z, _contextMenuEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneContextMenuEvent@@@Z, _dragEnterEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneDragDropEvent@@@Z, _dragMoveEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneDragDropEvent@@@Z, _dragLeaveEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneDragDropEvent@@@Z, _dropEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneDragDropEvent@@@Z, _focusInEvent@QGraphicsScene@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QGraphicsScene@@MAEXPAVQFocusEvent@@@Z, _helpEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneHelpEvent@@@Z, _keyPressEvent@QGraphicsScene@@MAEXPAVQKeyEvent@@@Z, _keyReleaseEvent@QGraphicsScene@@MAEXPAVQKeyEvent@@@Z, _mousePressEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneMouseEvent@@@Z, _mouseMoveEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneMouseEvent@@@Z, _mouseReleaseEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneMouseEvent@@@Z, _mouseDoubleClickEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneMouseEvent@@@Z, _wheelEvent@QGraphicsScene@@MAEXPAVQGraphicsSceneWheelEvent@@@Z, _inputMethodEvent@QGraphicsScene@@MAEXPAVQInputMethodEvent@@@Z, _drawBackground@QGraphicsScene@@MAEXPAVQPainter@@ABVQRectF@@@Z, _drawForeground@QGraphicsScene@@MAEXPAVQPainter@@ABVQRectF@@@Z, _drawItems@QGraphicsScene@@MAEXPAVQPainter@@HQAPAVQGraphicsItem@@QBVQStyleOptionGraphicsItem@@PAVQWidget@@@Z, __0QDialogButtonBox@@QAE@V_$QFlags@W4StandardButton@QDialogButtonBox@@@@W4Orientation@Qt@@PAVQWidget@@@Z, _addItems@QListWidget@@QAEXABVQStringList@@@Z, _setData@QAction@@QAEXABVQVariant@@@Z, __0QAction@@QAE@ABVQString@@PAVQObject@@@Z, _modifiers@QKeyEvent@@QBE_AV_$QFlags@W4KeyboardModifier@Qt@@@@XZ, _key@QKeyEvent@@QBEHXZ, _setHtml@QTextEdit@@QAEXABVQString@@@Z, _mightBeRichText@Qt@@YA_NABVQString@@@Z, _convertFromPlainText@Qt@@YA_AVQString@@ABV2@W4WhiteSpaceMode@1@@Z, _toPlainText@QTextEdit@@QBE_AVQString@@XZ, _setFocus@QWidget@@QAEXXZ, _clearFocus@QWidget@@QAEXXZ, _setForegroundRole@QWidget@@QAEXW4ColorRole@QPalette@@@Z, _dark@QColor@@QBE_AV1@H@Z, __0QPalette@@QAE@ABV0@@Z, _palette@QWidget@@QBEABVQPalette@@XZ, _reason@QFocusEvent@@QAE_AW4FocusReason@Qt@@XZ, __1QStyledItemDelegate@@UAE@XZ, _setItemEditorFactory@QStyledItemDelegate@@QAEXPAVQItemEditorFactory@@@Z, _itemEditorFactory@QStyledItemDelegate@@QBEPAVQItemEditorFactory@@XZ, _displayText@QStyledItemDelegate@@UBE_AVQString@@ABVQVariant@@ABVQLocale@@@Z, _setHidden@QTreeWidgetItem@@QAEX_N@Z, _addTopLevelItem@QTreeWidget@@QAEXPAVQTreeWidgetItem@@@Z, _setFlags@QTreeWidgetItem@@QAEXV_$QFlags@W4ItemFlag@Qt@@@@@Z, _flags@QTreeWidgetItem@@QBE_AV_$QFlags@W4ItemFlag@Qt@@@@XZ, __0QTreeWidgetItem@@QAE@H@Z, __1QItemEditorFactory@@UAE@XZ, __1QItemEditorCreatorBase@@UAE@XZ, _setReadOnly@QLineEdit@@QAEX_N@Z, _findData@QComboBox@@QBEHABVQVariant@@HV_$QFlags@W4MatchFlag@Qt@@@@@Z, _indexOfTopLevelItem@QTreeWidget@@QAEHPAVQTreeWidgetItem@@@Z, _setResizeMode@QHeaderView@@QAEXW4ResizeMode@1@@Z, _setColumnCount@QTreeWidget@@QAEXH@Z, _setMinimumSectionSize@QHeaderView@@QAEXH@Z, _setDefaultSectionSize@QHeaderView@@QAEXH@Z, _registerEditor@QItemEditorFactory@@QAEXW4Type@QVariant@@PAVQItemEditorCreatorBase@@@Z, __0QItemEditorFactory@@QAE@XZ, __0QStyledItemDelegate@@QAE@PAVQObject@@@Z, __0QItemEditorCreatorBase@@QAE@XZ, _eventFilter@QStyledItemDelegate@@MAE_NPAVQObject@@PAVQEvent@@@Z, _paint@QStyledItemDelegate@@UBEXPAVQPainter@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _sizeHint@QStyledItemDelegate@@UBE_AVQSize@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _createEditor@QStyledItemDelegate@@UBEPAVQWidget@@PAV2@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _setEditorData@QStyledItemDelegate@@UBEXPAVQWidget@@ABVQModelIndex@@@Z, _setModelData@QStyledItemDelegate@@UBEXPAVQWidget@@PAVQAbstractItemModel@@ABVQModelIndex@@@Z, _updateEditorGeometry@QStyledItemDelegate@@UBEXPAVQWidget@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _editorEvent@QStyledItemDelegate@@MAE_NPAVQEvent@@PAVQAbstractItemModel@@ABVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _initStyleOption@QStyledItemDelegate@@MBEXPAVQStyleOptionViewItem@@ABVQModelIndex@@@Z, _createEditor@QItemEditorFactory@@UBEPAVQWidget@@W4Type@QVariant@@PAV2@@Z, _valuePropertyName@QItemEditorFactory@@UBE_AVQByteArray@@W4Type@QVariant@@@Z, _setMaxLength@QLineEdit@@QAEXH@Z, _setInputMask@QLineEdit@@QAEXABVQString@@@Z, _insertItems@QComboBox@@QAEXHABVQStringList@@@Z, _drawText@QPainter@@QAEXHHABVQString@@@Z, _drawImage@QPainter@@QAEXHHABVQImage@@HHHHV_$QFlags@W4ImageConversionFlag@Qt@@@@@Z, _drawText@QPainter@@QAEXABVQRect@@HABVQString@@PAV2@@Z, _fill@QImage@@QAEXI@Z, _setFont@QPainter@@QAEXABVQFont@@@Z, _setRenderHints@QPainter@@QAEXV_$QFlags@W4RenderHint@QPainter@@@@_N@Z, __1QFontMetrics@@QAE@XZ, __4QImage@@QAEAAV0@ABV0@@Z, _convertToFormat@QImage@@QBE_AV1@W4Format@1@V_$QFlags@W4ImageConversionFlag@Qt@@@@@Z, __0QImage@@QAE@ABVQString@@PBD@Z, __0QFontMetrics@@QAE@ABVQFont@@@Z, _setWeight@QFont@@QAEXH@Z, _devType@QImage@@UBEHXZ, _paintEngine@QImage@@UBEPAVQPaintEngine@@XZ, _getDC@QPaintDevice@@UBEPAUHDC__@@XZ, _releaseDC@QPaintDevice@@UBEXPAUHDC__@@@Z, _metric@QImage@@MBEHW4PaintDeviceMetric@QPaintDevice@@@Z, _item@QListWidget@@QBEPAVQListWidgetItem@@H@Z, _warning@QMessageBox@@SAHPAVQWidget@@ABVQString@@1W4StandardButton@1@2@Z, _addItem@QListWidget@@QAEXPAVQListWidgetItem@@@Z, _takeItem@QListWidget@@QAEPAVQListWidgetItem@@H@Z, _trigger@QAction@@QAEXXZ, _raise@QWidget@@QAEXXZ, _staticMetaObject@QDialog@@2UQMetaObject@@B, _qt_metacall@QDialog@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QDialog@@UAEPAXPBD@Z, _staticMetaObject@QTextDocument@@2UQMetaObject@@B, _qt_metacall@QTextDocument@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QTextDocument@@UAEPAXPBD@Z, _staticMetaObject@QMainWindow@@2UQMetaObject@@B, _qt_metacall@QMainWindow@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QMainWindow@@UAEPAXPBD@Z, _staticMetaObject@QStyledItemDelegate@@2UQMetaObject@@B, _staticMetaObject@QComboBox@@2UQMetaObject@@B, _staticMetaObject@QLineEdit@@2UQMetaObject@@B, _qt_metacall@QStyledItemDelegate@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QStyledItemDelegate@@UAEPAXPBD@Z, _staticMetaObject@QItemDelegate@@2UQMetaObject@@B, _qt_metacall@QItemDelegate@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QItemDelegate@@UAEPAXPBD@Z, _staticMetaObject@QWizard@@2UQMetaObject@@B, _staticMetaObject@QWizardPage@@2UQMetaObject@@B, _qt_metacall@QWizardPage@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QWizardPage@@UAEPAXPBD@Z, _qt_metacall@QWizard@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QWizard@@UAEPAXPBD@Z, _setResizeMode@QHeaderView@@QAEXHW4ResizeMode@1@@Z, __0QTreeWidgetItem@@QAE@PAVQTreeWidget@@H@Z, _setToolTip@QTreeWidgetItem@@QAEXHABVQString@@@Z, _setWhatsThis@QTreeWidgetItem@@QAEXHABVQString@@@Z, __0QTextDocument@@QAE@PAVQObject@@@Z, _setDocument@QTextEdit@@QAEXPAVQTextDocument@@@Z, _fromHtml@QTextDocumentFragment@@SA_AV1@ABVQString@@@Z, _toPlainText@QTextDocumentFragment@@QBE_AVQString@@XZ, __1QTextDocumentFragment@@QAE@XZ, _textCursor@QTextEdit@@QBE_AVQTextCursor@@XZ, _movePosition@QTextCursor@@QAE_NW4MoveOperation@1@W4MoveMode@1@H@Z, _document@QTextEdit@@QBEPAVQTextDocument@@XZ, _isEmpty@QTextDocument@@QBE_NXZ, _insertBlock@QTextCursor@@QAEXXZ, __0QTextFrameFormat@@QAE@XZ, _setBorder@QTextFrameFormat@@QAEXN@Z, _setPadding@QTextFrameFormat@@QAEXN@Z, _setBorderStyle@QTextFrameFormat@@QAEXW4BorderStyle@1@@Z, _insertFrame@QTextCursor@@QAEPAVQTextFrame@@ABVQTextFrameFormat@@@Z, __1QTextFrameFormat@@QAE@XZ, _insertHtml@QTextCursor@@QAEXABVQString@@@Z, _setTextCursor@QTextEdit@@QAEXABVQTextCursor@@@Z, _ensureCursorVisible@QTextEdit@@QAEXXZ, __1QTextCursor@@QAE@XZ, _isActiveWindow@QWidget@@QBE_NXZ, _isVisible@QWidget@@QBE_NXZ, _isSystemTrayAvailable@QSystemTrayIcon@@SA_NXZ, _supportsMessages@QSystemTrayIcon@@SA_NXZ, _showMessage@QSystemTrayIcon@@QAEXABVQString@@0W4MessageIcon@1@H@Z, _isSelected@QTreeWidgetItem@@QBE_NXZ, _getOpenFileName@QFileDialog@@SA_AVQString@@PAVQWidget@@ABV2@11PAV2@V_$QFlags@W4Option@QFileDialog@@@@@Z, _critical@QMessageBox@@SA_AW4StandardButton@1@PAVQWidget@@ABVQString@@1V_$QFlags@W4StandardButton@QMessageBox@@@@W421@@Z, _selectedItems@QTreeWidget@@QBE_AV_$QList@PAVQTreeWidgetItem@@@@XZ, __1QTreeWidgetItem@@UAE@XZ, __0QImage@@QAE@HHW4Format@0@@Z, __BQImage@@QBE_AVQVariant@@XZ, _addResource@QTextDocument@@QAEXHABVQUrl@@ABVQVariant@@@Z, __1QImage@@UAE@XZ, __1QTextDocument@@UAE@XZ, _setCheckState@QTreeWidgetItem@@QAEXHW4CheckState@Qt@@@Z, _setText@QTreeWidgetItem@@QAEXHABVQString@@@Z, _findItems@QTreeWidget@@QBE_AV_$QList@PAVQTreeWidgetItem@@@@ABVQString@@V_$QFlags@W4MatchFlag@Qt@@@@H@Z, _checkState@QTreeWidgetItem@@QBE_AW4CheckState@Qt@@H@Z, _text@QTreeWidgetItem@@QBE_AVQString@@H@Z, _value@QAbstractSlider@@QBEHXZ, __0QIcon@@QAE@ABVQString@@@Z, _windowTitle@QWidget@@QBE_AVQString@@XZ, __1QSlider@@UAE@XZ, __1QTreeWidget@@UAE@XZ, _write@QListWidgetItem@@UBEXAAVQDataStream@@@Z, _read@QListWidgetItem@@UAEXAAVQDataStream@@@Z, __MQListWidgetItem@@UBE_NABV0@@Z, _setData@QListWidgetItem@@UAEXHABVQVariant@@@Z, _data@QListWidgetItem@@UBE_AVQVariant@@H@Z, _setBackgroundColor@QListWidgetItem@@UAEXABVQColor@@@Z, _clone@QListWidgetItem@@UBEPAV1@XZ, _nextCheckState@QCheckBox@@MAEXXZ, _checkStateSet@QCheckBox@@MAEXXZ, _hitButton@QCheckBox@@MBE_NABVQPoint@@@Z, _paintEvent@QCheckBox@@MAEXPAVQPaintEvent@@@Z, _focusOutEvent@QAbstractButton@@MAEXPAVQFocusEvent@@@Z, _focusInEvent@QAbstractButton@@MAEXPAVQFocusEvent@@@Z, _keyPressEvent@QAbstractButton@@MAEXPAVQKeyEvent@@@Z, _mouseMoveEvent@QCheckBox@@MAEXPAVQMouseEvent@@@Z, _sizeHint@QCheckBox@@UBE_AVQSize@@XZ, _event@QCheckBox@@MAE_NPAVQEvent@@@Z, _qt_metacall@QCheckBox@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QCheckBox@@UAEPAXPBD@Z, _metaObject@QCheckBox@@UBEPBUQMetaObject@@XZ, _changeEvent@QGroupBox@@MAEXPAVQEvent@@@Z, _resizeEvent@QGroupBox@@MAEXPAVQResizeEvent@@@Z, _paintEvent@QGroupBox@@MAEXPAVQPaintEvent@@@Z, _focusInEvent@QGroupBox@@MAEXPAVQFocusEvent@@@Z, _mouseMoveEvent@QGroupBox@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QGroupBox@@MAEXPAVQMouseEvent@@@Z, _mousePressEvent@QGroupBox@@MAEXPAVQMouseEvent@@@Z, _minimumSizeHint@QGroupBox@@UBE_AVQSize@@XZ, _childEvent@QGroupBox@@MAEXPAVQChildEvent@@@Z, _event@QGroupBox@@MAE_NPAVQEvent@@@Z, _qt_metacall@QGroupBox@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QGroupBox@@UAEPAXPBD@Z, _metaObject@QGroupBox@@UBEPBUQMetaObject@@XZ, _qt_metacall@QWidget@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QWidget@@UAEPAXPBD@Z, _metaObject@QWidget@@UBEPBUQMetaObject@@XZ, _tabRemoved@QTabWidget@@MAEXH@Z, _tabInserted@QTabWidget@@MAEXH@Z, _changeEvent@QTabWidget@@MAEXPAVQEvent@@@Z, _showEvent@QT
0
Réponse 39 / 55
KEROZ3N
 
Voici le rapport de OTL :

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== SERVICES/DRIVERS ==========
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4ADFE869-0C09-4F41-AD79-A8F1CFA201E8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ADFE869-0C09-4F41-AD79-A8F1CFA201E8}\ not found.
Registry value HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3028143-6145-4318-99D3-3EDCE54A95A9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3028143-6145-4318-99D3-3EDCE54A95A9}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\OrangePlayer deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\OrangePlayer not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\OrangePlayer deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\OrangePlayer deleted successfully.
Registry value HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\OrangePlayer deleted successfully.
Registry value HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl\\1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nwiz deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SSBkgdUpdate deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoRemoteRecursiveEvents"|0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoLowDiskSpaceChecks"|0 /E : value set successfully!
Unable to set value : HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"DisallowCpl"|0 /E!
Unable to set value : HKEY_USERS\S-1-5-21-790525478-220523388-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoCDBurning"|0 /E!
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}\x86 moved successfully.
C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 3004089 bytes

User: ritchi
->Temp folder emptied: 698116 bytes
->Temporary Internet Files folder emptied: 19398991 bytes
->Java cache emptied: 11070127 bytes
->FireFox cache emptied: 43479092 bytes
->Google Chrome cache emptied: 7675139 bytes
->Apple Safari cache emptied: 11378511 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\NV512520.TMP folder deleted successfully.
%systemroot% .tmp files removed: 14856825 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 513536 bytes

Total Files Cleaned = 107,01 mb

Error: Unable to interpret <[start explorer]> in the current context!

OTL by OldTimer - Version 3.0.5.3 log created on 07022009_214652

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Je fait la suite , merci KEROZ3N
0
Réponse 40 / 55
KEROZ3N
 
Voici le rapport de ToolbarS&D :

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon )
BIOS : BIOS Date: 10/28/08 11:39:00 Ver: 08.00.12
USER : ritchi ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:298 Go (Free:205 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 02/07/2009|21:52 )

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(ritchi) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.shareware.pro/misc/search.htm/fr"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Window Title"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr"
"Search bar"="http://www.bing.com/spresults.aspx"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ritchi\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\Adrien\Crackulous_2009-06-12-003726_Adrien.crash
C:\DOCUME~1\ritchi\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\Adrien\Crackulous_2009-06-12-003726_Adrien.plist
C:\DOCUME~1\ritchi\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\Adrien\Crackulous_2009-06-12-003734_Adrien.crash
C:\DOCUME~1\ritchi\Application Data\Apple Computer\Logs\CrashReporter\MobileDevice\Adrien\Crackulous_2009-06-12-003734_Adrien.plist
C:\DOCUME~1\ritchi\Bureau\iPhone\Adobe Photoshop CS3 Extended v10.0 FR +crack - Windows 2000, XP & Vista}.rar
C:\DOCUME~1\ritchi\Bureau\iPhone\keygen photoshop cs2
C:\DOCUME~1\ritchi\Bureau\iPhone\keygen photoshop cs2\090416164430-fond_final.jpg
C:\DOCUME~1\ritchi\Bureau\iPhone\keygen photoshop cs2\Adobe_Photoshop_and_ImageReady_CS2_v9.0_KeyGen-PARADOX.nfo
C:\DOCUME~1\ritchi\Bureau\iPhone\keygen photoshop cs2\keygen.exe
C:\DOCUME~1\ritchi\Bureau\iPhone\keygen photoshop cs2\Leeme.txt

1 - "C:\ToolBar SD\TB_1.txt" - 02/07/2009|21:52 - Option : [1]

-----------\\ Fin du rapport a 21:52:22,64

Je fait la suite , Merci , KEROZ3N
0

Discussions similaires

Menace détectée TrojanSMS-PA sur Google Huawei/Android
Outmost -
bazfile -

6 réponses
Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
qu'est ce qu'un "trojan agent/gen" ? svp
Saber03 -
jacques.gache -

33 réponses
Comment enlever mon virus trojan:win32/si...
bryanoulet -
juju666 -

58 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses