Sujet Précédent Sujet Suivant

Paramétre du moteur de recherche corompu...

Résolu/Fermé
Charly - 18 mars 2011 à 19:19
 Utilisateur anonyme - 21 mars 2011 à 07:32
Bonjour,
à l'ouverture des programmes, le message suivant apparait :

* un programme de votre ordinateur a corrompu le paramétre de votre moteur de recherche par défaut internet explorer.
InternetExporer a initialiser le paramétre de votre moteur de recherche d'origine Google(www.google.com.) Internet explorer ouvrira désormais les paramétres de recherche .

* Aucuns de mes mots de passe et identifiants ne sont pas conservés après fermeture de mon PC sur messagerie, forum, etc...

J'ai essayé de restaurer : rien d'inchangé !!!

Pouvez vous me donner une solution pour remédier à ces problèmes ?

Merci de votre réponse

A voir également:

47 réponses

Réponse 1 / 47
Utilisateur anonyme
18 mars 2011 à 19:57
bonsoir,

on va tenter de voir ce que c'est déjà !


* Télécharge ZHPDiag sur ton bureau :


https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr/getfile.pl?file=/doYgUQ3V
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/

0
Charly
18 mars 2011 à 21:04
je viens de t'envoyer un fichier j'espère que..... c'est le bon !!!
0
Charly
18 mars 2011 à 21:08
je comprends pas ce que tu me demandes est ce ça ???
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrateur at 18/03/2011 21:01:39
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin



---\\ Infection Rogue/FakeAlert (Possible)
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
O42 - Logiciel: EoRezo 1.0 - (.EoRezo.) [HKLM] -- EoRezo_is1
O42 - Logiciel: SoftwareUpdate 1.0 - (.eoRezo.) [HKLM] -- SoftwareUpdate_is1
[HKCU\Software\EoRezo]
[HKCU\Software\RegistryDoktorFrNE]
O43 - CFD: 19/03/2010 - 18:50:26 - [1193045] ----D- C:\Program Files\EoRezo
O43 - CFD: 12/03/2010 - 12:18:16 - [2624664] ----D- C:\Documents and Settings\Administrateur\Application Data\eoRezo
O43 - CFD: 12/03/2010 - 12:17:42 - [940486] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\EoRezo



End of the scan (1621 lines in 00mn 19s)(0)
0
Charly
18 mars 2011 à 21:55
j'ai trouvé :

===== RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [3]) -> Lancé à 21:52:15 le 18/03/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Administrateur@NOM-FB9B15D2723 ( )

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}


============== SCAN ADDITIONNEL ==============

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\e3y0ws64.default --
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.15

-- C:\Documents and Settings\colette\Application Data\Mozilla\FireFox\Profiles\5gwrqeye.default --
Prefs.js - browser.search.defaultenginename, Google
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.15
Prefs.js - keyword.URL, hxxp://www.google.com/search?sourceid=navclient&hl=fr&q=

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{a65e491f-a436-4952-b49a-b24ed99a0f67} - "Tom's Guide France Toolbar" (C:\Program Files\Tom's_Guide_France\prxtbTom0.dll)
HKCU_Toolbar\ShellBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKCU_Toolbar\WebBrowser|{D3028143-6145-4318-99D3-3EDCE54A95A9} (x)
HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
HKCU_Toolbar\WebBrowser|{A65E491F-A436-4952-B49A-B24ED99A0F67} (C:\Program Files\Tom's_Guide_France\prxtbTom0.dll)
HKLM_Toolbar|{381FFDE8-2394-4f90-B10D-FC6124A40F8C} (C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll)
HKLM_Toolbar|{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} (C:\Program Files\facemoods.com\facemoods\1.4.17.4\facemoodsTlbr.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
HKLM_Toolbar|{a65e491f-a436-4952-b49a-b24ed99a0f67} (C:\Program Files\Tom's_Guide_France\prxtbTom0.dll)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
HKLM_ElevationPolicy\072c8d26-fa5f-4320-9c3d-cbeb72d047c9 - C:\Program Files\interdescargas-FR\interdescargas-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\9609375e-fbdb-4c01-99f2-b72b8d9e5e1d - C:\Program Files\interdescargas-FR\interdescargas-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\b9580232-61da-4fb8-95c6-f7b107d2bea0 - C:\Program Files\interdescargas-FR\interdescargas-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\d1aa6507-2ca5-4a76-a5fc-e5fbecd27d9f - C:\Program Files\interdescargas-FR\interdescargas-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{1B3170DF-B0CD-4341-A21D-8C0C5CC54B01} - C:\Program Files\Tom's_Guide_France\Tom's_Guide_FranceToolbarHelper1.exe (?)
HKLM_ElevationPolicy\{66022739-4145-42F8-AC6F-FA9D03180EC6} - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Conduit\CT2583879\Tom's_Guide_FranceAutoUpdaterHelper.exe (x)
HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE6} - C:\Program Files\BitDefender\BitDefender 2010\about.exe\about.ex (x)
HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE7} - WindowsFolder\hh.exe (x)
HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
HKLM_ElevationPolicy\{BFAF93A6-D81A-450F-8979-491BC4337228} - C:\Program Files\Orange\ToolbarFR\ToolbarHelper.exe (x)
HKLM_ElevationPolicy\{FFDF9EF3-3C3A-4f05-9A6E-5D3B778EC567} - C:\Program Files\facemoods.com\facemoods\1.4.17.4\facemoodssrv.exe (facemoods.com)
HKLM_Extensions\{E2D4D26B-0180-43a4-B05F-462D6D54C789} - "Aide à la connexion" (C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files\facemoods.com\facemoods\1.4.17.4\bh\facemoods.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{a65e491f-a436-4952-b49a-b24ed99a0f67} - "Tom's Guide France Toolbar" (C:\Program Files\Tom's_Guide_France\prxtbTom0.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 305 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 18/03/2011 21:20:41 (14012 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 18/03/2011 21:35:09 (5977 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 18/03/2011 21:52:21 (3790 Octet(s))

Fin à: 21:53:15, 18/03/2011

============== E.O.F ==============
0
Réponse 2 / 47
Utilisateur anonyme
18 mars 2011 à 21:05
copie/colle le lien fourni dans ta prochaine réponse sur le forum
0
Réponse 3 / 47
Utilisateur anonyme
18 mars 2011 à 21:10
ce n'est pas le bon rapport, mais j'ai vu ce que je cherchais !


* Télécharge de AD-Remover sur ton Bureau. (Merci à l'équipe TeamXscript)
http://www.teamxscript.org/adremoverTelechargement.html
( Lien officiel )

https://www.androidworld.fr/
( Miroir )
/!\ Ferme toutes applications en cours /!\

- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
0
Charly
18 mars 2011 à 21:45
excuse moi : mais je ne sais quelle manip pour trouver le rapport!!!(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)
0
Réponse 4 / 47
Utilisateur anonyme
18 mars 2011 à 21:59
relance ADR, clique sur désinstaller,


relance zhpdiag,

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr/getfile.pl?file=/doYgUQ3V
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
0
Charly
Modifié par Charly le 18/03/2011 à 22:27
c'est bon : je te l'ai envoyé !!
0
Charly
18 mars 2011 à 22:51
c'est quoi le lien et où je le trouve ?? c'est ça???

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 16/10/2010 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Demand 19/10/2009 183880 | (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
SS - | Auto 03/08/2005 58880 | (ARSVC) . (.Microsoft.) - C:\WINDOWS\arservice.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 04/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/08/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Auto 02/02/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Auto 21/06/2006 49152 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
SR - | Auto 08/03/2011 310856 | (LIVESRV) . (.BitDefender S.R.L..) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
SS - | Auto 09/05/2006 131139 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Auto 09/08/2007 73728 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SS - | Demand 19/10/2009 183880 | (Update Server) . (.BitDefender S.R.L. http://www.bitdefender.c.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
SR - | Auto 26/04/2010 1615688 | (VSSERV) . (.BitDefender S.R.L..) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Run by Administrateur at 18/03/2011 22:10:24

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8A23AAB8]
3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000071[0x8A2FAF18]
5 ACPI[0xB9F7E620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP2T0L0-5[0x8A2F9D98]
kernel: MBR read successfully
user & kernel MBR OK



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrateur at 18/03/2011 22:10:26
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin



---\\ Infection Rogue/FakeAlert (Possible)
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
[HKCU\Software\RegistryDoktorFrNE]



End of the scan (1548 lines in 00mn 15s)(0)
0
Charly
19 mars 2011 à 00:58
pas d'icone sur mon bureau sinon celle du contenu que je t'ai envoyé !!!
Comment faire pour voir le contenu du disque " C"
merci encor'
0
Charly
Modifié par Charly le 19/03/2011 à 09:50
Bonjour, et merci encor'!!


le téléchargement de ZHPDIAG m'a donné une icone en forme de parchemin et le rapport est en forme document . désolée mais pas d'icone disquette


http://dl.free.fr/pdoYgUQ3V
ou :
http://www.cijoint.fr/
ou :
http://www.toofiles.com/fr/documents-upload.html
ou :
http://www.terafiles.net/


tuto zhpdiag :

http://www.premiumorange.com/zeb-help-process/zhpdiag.html
0
Charly
19 mars 2011 à 10:04
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrateur at 19/03/2011 09:53:00
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin



---\\ Infection Rogue/FakeAlert (Possible)
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
[HKCU\Software\RegistryDoktorFrNE]



End of the scan (1589 lines in 01mn 49s)(0)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 47
Utilisateur anonyme
18 mars 2011 à 22:29
ok,

mais tu as encore oublié de copier et coller le lien du rapport ici !!!


0
Réponse 6 / 47
Utilisateur anonyme
18 mars 2011 à 22:54
trouve le rapport qui s'appelle zhpdiag, normalement, il est ou sur ton bureau ou sur C:


héberge le sur cijoint et copie et colle son lien sur ton prochain message :-)


0
Réponse 7 / 47
Utilisateur anonyme
19 mars 2011 à 08:38
bonjour,

dans un premier temps, je te demande de cliquer sur le carré vert en bas de mon poste pour répondre, ceci facilité le suivi de file de discussion.

Merci :-)



pour la suite, il n'y a qu'à lire :


* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr/getfile.pl?file=/doYgUQ3V
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/


tuto zhpdiag :

http://www.premiumorange.com/zeb-help-process/zhpdiag.html


0
Réponse 8 / 47
Utilisateur anonyme
19 mars 2011 à 10:00
clique sur l'icone enforme de parchemin,

clique sur la loupe, laisse faire le scan, à la fin , il y a un rapport qui s'ouvre, en haut de la fenêtre, à côté la loupe, il y a la disquette, clique dessus pour enregister le rapport sur ton bureau, une fois le rapport enregistré, héberge le sur Cijoint ou Free, ou ....

copie et colle le lien sur ton prochain message :-)





je te demande de cliquer sur le carré vert en bas de mon poste pour répondre, ceci facilité le suivi de file de discussion.




Merci

0
Utilisateur anonyme
19 mars 2011 à 10:08
tu me mets des bouts de rapports !

si tu as besoin d'aide, il me faut le rapport entièrement !

donc, il faut suivre les instructions que je t'ai noté sur mon message ci dessus :-)
0
Réponse 9 / 47
Utilisateur anonyme
19 mars 2011 à 10:20
normal, tu es sur le point de créer un nouveau poste,

clique sur le carré vert en bas de mon poste pour envoyer le rapport !!!

0
Réponse 10 / 47
Utilisateur anonyme
19 mars 2011 à 10:38
clique sur ce lien pour voir ce que je te demande :

http://www.cijoint.fr/cj201103/cij6IkPKSw.jpg

sans rapport, je ne pourrais pas bien t'aider !!!


0
Réponse 11 / 47
Charly
19 mars 2011 à 10:44
oot mode: Normal (Normal boot)
Total RAM: 1470 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 116 GB (81%) free of 142 GB

---\\ Logged in mode
Computer Name: NOM-FB9B15D2723
User Name: Administrateur
All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HelpAssistant, colette, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
0
Réponse 12 / 47
Charly
19 mars 2011 à 10:45
---\\ Environnement Variables
%AppData%=C:\Documents and Settings\Administrateur\Application Data
%LocalAppData%=C:\Documents and Settings\Administrateur\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\Administrateur\Menu Démarrer

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 116 Go of 142 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 7 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Hard drive, Flash drive, Thumb drive (Free 141 Go of 149 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:53.) -- C:\Windows\System32\drivers\ntfs.sys [574976]



---\\ Processus lancés
[MD5.D727571BD79E5812ADBEB687DB595360] - (.BitDefender S.R.L. - BitDefender Update Service.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [310856]
[MD5.B715ABF90831A37918EB4CAD2CF9DF69] - (.BitDefender S.R.L. - BitDefender Security Service.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [1615688]
[MD5.018857EAD9A077A56AEDFC0E5EF7A24A] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664]
[MD5.9F9AA480BAAF48695B920C425FFE5425] - (.Microsoft - ARSVC Application.) -- C:\WINDOWS\arservice.exe [58880]
[MD5.5D1347AA5AE6E2F77D7F4F8372D95AC9] - (.Microsoft Corporation - Media Center Receiver Service.) -- C:\WINDOWS\eHome\ehRecvr.exe [237568]
[MD5.980EEEA91776357518892C5544768E2B] - (.Microsoft Corporation - Service de planification Media Center.) -- C:\WINDOWS\eHome\ehSched.exe [103424]
[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.5D4B38A8D8525356798F5E560C3A3090] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [49152]
[MD5.B29EF836368AE9873A6F8F8E021CD148] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [240408]
[MD5.B0903C021BFCD6055C053A569EF98AEF] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.08.) -- C:\WINDOWS\system32\nvsvc32.exe [131139]
[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120]
[MD5.9C69E6A25F5500501B14AF43311F8D8B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [64512]
[MD5.9282601AA39B82197384FD51CB42F279] - (.Microsoft - ARPowerMessage Application.) -- C:\WINDOWS\ARPWRMSG.EXE [77312]
[MD5.AC116F16A7716A720A45D7EA47CFD983] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152]
[MD5.2FF606066A3C42C599B6764F6B143C97] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\WINDOWS\vVX1000.exe [757248]
[MD5.DAEFB050AC8FEE4F1097FCF7CB97220E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\WINDOWS\eHome\ehmsas.exe [46592]
[MD5.CC64BB2D200031B11A16FF69DF3E3907] - (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [1123360]
[MD5.10B0722C7203181B0C50C6CB974D2F2A] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16261632]
[MD5.166B6630CE180A861BD7C9110FF339D1] - (.BitDefender S.R.L. - BitDefender Security Center.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe [1091984]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]
[MD5.763DAB43BDAB27316DBF3373192823D7] - (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\issch.exe [81920]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]
[MD5.C7D472D1F14E0C51F048C49FAFB42F90] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files\e-Carte Bleue Société Générale\ecbl-sg.exe [278528]
[MD5.5597D0075861CB0A6E6087752D205C0D] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [282624]
[MD5.7825066A5828679F819D1217F115BB3B] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [344064]
[MD5.785BB72FC82FF635136D95247AC07B44] - (.Microsoft® Corporation - Microsoft® Works Calendar Reminder Service.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [15360]
[MD5.569E547273C25B019054A12A40400ECE] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11318784]
[MD5.4B723F33D7331F20E06F3A2FD76EC1D5] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11312128]
[MD5.2DB4D4386AC0F8CC367E1AA8AB1004EF] - (.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [204800]
[MD5.C81BE1B951C36E97D3DA90DA745DA5F7] - (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.EXE [61440]
[MD5.06A1ECB63DF139EC639E084D4AB3C9D7] - (.Hewlett-Packard Company - hpsysdrv.) -- c:\windows\system\hpsysdrv.exe [52736]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE [638816]
[MD5.FF8EA20CFA47CD134B3EABA59C6689F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [640512]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\fcmdSrch.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@google.com/npPicasa2,version=2.0.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Picasa2\npPicasa2.dll (.not file.)
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/Photosynth,version=2.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Photosynth\npPhotosynthMozilla.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
M2 - MFEP: prefs.js [Administrateur - e3y0ws64.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files\Tom's_Guide_France\prxtbTom0.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} . (.facemoods.com BHO - Pas de description.) -- C:\Program Files\facemoods.com\facemoods\1.4.17.4\bh\facemoods.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Tom's Guide France - {a65e491f-a436-4952-b49a-b24ed99a0f67} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Tom's_Guide_France\prxtbTom0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} . (.facemoods.com - Pas de description.) -- C:\Program Files\facemoods.com\facemoods\1.4.17.4\facemoodsTlbr.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} . (.Babylon Ltd. - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Tom's_Guide_France\prxtbTom0.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [ehTray] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] ftutil2.dll
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] . (.Microsoft - ARPowerMessage Application.) -- C:\Windows\ARPWRMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe
O4 - HKLM\..\Run: [Recguard] . (.Pas de propriétaire - Recguard Application.) -- C:\WINDOWS\SMINST\RECGUARD.exe
O4 - HKLM\..\Run: [PCDrProfiler] Clé orpheline
O4 - HKLM\..\Run: [HPBootOp] . (.Hewlett-Packard Company - HP Boot Optimizer.) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VX1000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (.not file.)
O4 - HKLM\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe
O4 - HKLM\..\Run: [BDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [ExtraFilmManager] C:\Program Files\ExtraFilm Designer FR\ExtraFilmManager.exe (.not file.)
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\Windows\ALCMTR.exe
O4 - HKLM\..\Run: [facemoods] . (.facemoods.com - Pas de description.) -- C:\Program Files\facemoods.com\facemoods\1.4.17.4\facemoodssrv.exe
O4 - HKLM\..\Run: [BabylonToolbar] . (.Babylon Ltd. - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Synchronization Manager] . (.Microsoft Corporation - Gestionnaire de synchronisation Microsoft.) -- C:\WINDOWS\system32\mobsync.exe
O4 - HKLM\..\Run: [ISUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\issch.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe (.not file.)
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-14679421-2895026145-1805101795-500\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\e-Carte Bleue Société Générale.lnk . (.Orbiscom Ltd. All rights reserved..) -- C:\Program Files\e-Carte Bleue Société Générale\ecbl-sg.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk . (...) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Outil de détection de support Picture Motion Browser.lnk . (.Sony Corporation.) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\WkCalRem.LNK . (.Microsoft® Corporation.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\eBay.lnk . (...) -- C:\Program Files\Services en ligne\eBay\WizLink.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Media Center.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\ehome\ehshell.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Excel Viewer 2003.lnk . (...) -- C:\WINDOWS\Installer\{9084040C-6000-11D3-8CFE-0150048383C9}\xlvicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\WINDOWS\system32\GPhotos.scr
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll



---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/...
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} () - http://logicielsgratuits.orange.fr/download_service/Install/OrangeInstaller.cab
O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4.1/resources/fslauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\..\{B9E9A753-47B0-4EFF-897D-CB66AD24B7C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CS1\Services\Tcpip\..\{B9E9A753-47B0-4EFF-897D-CB66AD24B7C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CS2\Services\Tcpip\..\{B9E9A753-47B0-4EFF-897D-CB66AD24B7C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CS1\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CS2\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
0
Réponse 13 / 47
Charly
19 mars 2011 à 10:46
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c - Arrakis Web Server.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: (ARSVC) . (.Microsoft - ARSVC Application.) - C:\WINDOWS\arservice.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: (LIVESRV) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.08.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: (Update Server) . (.BitDefender S.R.L. http://www.bitdefender.c - Arrakis Web Server.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PCFix.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Registry Reviver-Administrateur-Startup.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SLOW-PCfighter-Administrateur-Startup.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{608B8DC4-2FDA-4FCE-95F1-53974F4FAA16}.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{BB91AA94-906C-4F55-A610-2E7DBA585C91}.job
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [PCFix] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Registry Reviver-Administrateur-Startup] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [SLOW-PCfighter-Administrateur-Startup] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [User_Feed_Synchronization-{608B8DC4-2FDA-4FCE-95F1-53974F4FAA16}] (.Pas de propriétaire.) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [User_Feed_Synchronization-{BB91AA94-906C-4F55-A610-2E7DBA585C91}] (.Pas de propriétaire.) -- (.not file.)



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\System32\DRIVERS\AmdK8.sys
O41 - Driver: (bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {17424F35-8B77-4ADF-BC63-BF9B81418539}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Babylon toolbar - (.Pas de propriétaire.) [HKLM] -- BabylonToolbar
O42 - Logiciel: BitDefender Internet Security 2010 - (.BitDefender.) [HKLM] -- {0DFF6117-CBBC-4F5C-9C57-6936644F10D4}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Connexion Facile à Internet - (.Hewlett-Packard.) [HKLM] -- InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}
O42 - Logiciel: Enhanced Multimedia Keyboard Solution - (.Pas de propriétaire.) [HKLM] -- KBD
O42 - Logiciel: Facemoods Toolbar - (.Pas de propriétaire.) [HKLM] -- facemoods
O42 - Logiciel: FoxTab PDF Converter - (.FoxTab.) [HKLM] -- FoxTab PDF Converter
O42 - Logiciel: GemMaster Mystic - (.Pas de propriétaire.) [HKLM] -- 99A88D57-2C93-491B-87B8-E41A870FB6BE
O42 - Logiciel: Google Toolbar for Firefox - (.Google Inc..) [HKLM] -- {2CCBABCB-6427-4A55-B091-49864623C43F}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Boot Optimizer - (.Hewlett-Packard.) [HKLM] -- {1341D838-719C-4A05-B50F-49420CA1B4BB}
O42 - Logiciel: HP Extended Capabilities 5.3 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Image Zone Express - (.Hewlett-Packard.) [HKLM] -- {FE64AE29-0883-4C70-8388-DC026019C900}
O42 - Logiciel: HP Imaging Device Functions 7.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP PSC & OfficeJet 5.3.B - (.HP.) [HKLM] -- {5B79CFD1-6845-4158-9D7D-6BE89DF2C135}
O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC}
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.3 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows Media Player 10 (KB903157) - (.Microsoft Corporation.) [HKLM] -- KB903157
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150060}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020F0}
O42 - Logiciel: Java(TM) 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB953295) - (.Microsoft Corporation.) [HKLM] -- KB953295
O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB979904) - (.Microsoft Corporation.) [HKLM] -- KB979904
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Away Mode - (.Microsoft Corporation.) [HKLM] -- AwayMode160
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft LifeCam - (.Microsoft.) [HKLM] -- {718263DE-E612-4653-BB7D-7154BA9E31AB}
O42 - Logiciel: Microsoft Office Excel Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9084040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {06E6E30D-B498-442F-A943-07DE41D7F785}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {A059DE09-1B49-4450-B340-7AE097EC3F04}
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {266517E6-D866-439D-919C-B8B1A52E6080}
O42 - Logiciel: Otto - (.Pas de propriétaire.) [HKLM] -- 0D20D36D-A11C-444c-9AF7-70CBFED42ECF
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre
O42 - Logiciel: Photosynth 2.0109.1002.1657 - (.Microsoft.) [HKLM] -- {DF78EBF9-0C4F-43D3-BD6F-5FC3E2A0E3A8}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Picture Package Music Transfer - (.Sony Corporation.) [HKLM] -- {CE2121C6-C94D-4A73-8EA4-6943F33EE335}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Sonic RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629}
O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205}
O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}
O42 - Logiciel: Sony Picture Utility - (.Sony Corporation.) [HKLM] -- {D5068583-D569-468B-9755-5FBF5848F46F}
O42 - Logiciel: Sony USB Driver - (.Sony Corporation.) [HKLM] -- {5C29CB8B-AC1E-4114-8D68-9CD080140D4A}
O42 - Logiciel: Tom's Guide France Toolbar - (.Tom's Guide France.) [HKLM] -- Tom's_Guide_France Toolbar
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Windows XP (KB953356) - (.Microsoft Corporation.) [HKLM] -- KB953356
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Media Center Edition 2005 KB925766 - (.Microsoft Corporation.) [HKLM] -- KB925766
O42 - Logiciel: Windows XP Media Center Edition 2005 KB973768 - (.Microsoft Corporation.) [HKLM] -- KB973768
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: e-Carte Bleue Société Générale - (.Pas de propriétaire.) [HKLM] -- {EC3CAFA6-1CDC-46D1-AD8D-B66CFDE59EE0}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\Anvsoft]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\iGraal]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Applications WinDev]
[HKCU\Software\BabylonToolbar]
[HKCU\Software\Babylon]
[HKCU\Software\BitDefender]
[HKCU\Software\Bitberry]
[HKCU\Software\CeWe Color]
[HKCU\Software\Citrix]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cyberlink]
[HKCU\Software\DEVinB]
[HKCU\Software\FIXIO PC Utilities]
[HKCU\Software\Fighters]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallShield]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\Leadertech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LowRegistry]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Monitored]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ORL]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orange]
[HKCU\Software\PC SOFT]
[HKCU\Software\PCFix]
[HKCU\Software\ParetoLogic]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RIT]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\RegDokFR]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\RegistryDoktorFrNE]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Softthinks]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SweetIM]
[HKCU\Software\Symantec]
[HKCU\Software\Sysinternals]
[HKCU\Software\Textalk]
[HKCU\Software\Tom's_Guide_France]
[HKCU\Software\Trolltech]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\facemoods.com]
[HKCU\Software\pixeasy]
[HKCU\Software\settings]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BitDefender]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CUSTPDF Writer]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\CyberLink]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\Fighters]
[HKLM\Software\GEAR Software]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HPS]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lavasoft]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MicroVision]
[HKLM\Software\MidasHeurScanner]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Neuf]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Orange]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Paretologic]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Python]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SONY PVC]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Secure]
[HKLM\Software\Softwin]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\SweetIM]
[HKLM\Software\Symantec]
[HKLM\Software\Tom's_Guide_France]
[HKLM\Software\Uniblue]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\e-Carte Bleue Société Générale]
[HKLM\Software\facemoods.com]
[HKLM\Software\mozilla.org]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/03/2011 - 22:04:00 - [524459] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 04/02/2010 - 22:25:32 - [162858302] ----D- C:\Program Files\Adobe
O43 - CFD: 13/11/2010 - 20:37:06 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 13/03/2011 - 18:44:02 - [2172270] ----D- C:\Program Files\BabylonToolbar
O43 - CFD: 09/09/2010 - 14:44:42 - [161422520] ----D- C:\Program Files\BitDefender
O43 - CFD: 18/03/2011 - 14:00:14 - [3653664] ----D- C:\Program Files\CCleaner
O43 - CFD: 09/06/2010 - 17:14:02 - [0] ----D- C:\Program Files\Common Files
O43 - CFD: 12/11/2005 - 01:09:16 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 19/03/2010 - 13:57:56 - [492550] ----D- C:\Program Files\e-Carte Bleue Société Générale
O43 - CFD: 09/10/2009 - 12:47:38 - [0] ----D- C:\Program Files\eMule
O43 - CFD: 13/03/2011 - 03:22:28 - [2339766] ----D- C:\Program Files\facemoods.com
O43 - CFD: 03/02/2011 - 13:42:08 - [1153122568] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 13/03/2011 - 18:48:20 - [14513415] ----D- C:\Program Files\FoxTabPDFConverter
O43 - CFD: 19/03/2010 - 13:57:56 - [13385845] ----D- C:\Program Files\FrenchOtto
O43 - CFD: 19/03/2010 - 13:57:58 - [5079476] ----D- C:\Program Files\GemMasterFrench
O43 - CFD: 18/03/2011 - 17:03:58 - [101188429] ----D- C:\Program Files\Google
O43 - CFD: 02/02/2011 - 19:14:22 - [8075602] ----D- C:\Program Files\GPLGS
O43 - CFD: 14/09/2009 - 13:07:14 - [48578255] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 15/12/2009 - 12:55:32 - [249215277] ----D- C:\Program Files\HP
O43 - CFD: 16/06/2010 - 14:59:16 - [6000560] ----D- C:\Program Files\IncrediMail
O43 - CFD: 28/11/2010 - 15:31:24 - [50826347] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 10/02/2011 - 01:37:40 - [4802235] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 13/11/2010 - 22:27:04 - [0] ----D- C:\Program Files\iTunes
O43 - CFD: 14/03/2011 - 13:29:00 - [243644925] ----D- C:\Program Files\Java
O43 - CFD: 19/11/2010 - 16:37:48 - [16295712] ----D- C:\Program Files\JRE
O43 - CFD: 31/08/2009 - 07:27:46 - [0] ----D- C:\Program Files\Lavasoft
O43 - CFD: 19/03/2010 - 13:57:58 - [2157699] ----D- C:\Program Files\Messenger
O43 - CFD: 30/08/2009 - 12:52:58 - [1721508] ----D- C:\Program Files\Microsoft
O43 - CFD: 31/08/2009 - 00:46:00 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 15/11/2005 - 03:24:46 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 19/03/2010 - 13:57:58 - [58598902] ----D- C:\Program Files\Microsoft LifeCam
O43 - CFD: 01/08/2010 - 11:12:16 - [12078374] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 02/03/2011 - 08:43:44 - [38371963] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 22/08/2010 - 12:52:18 - [0] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 14/09/2009 - 09:07:54 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 29/09/2009 - 19:34:02 - [149666883] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 13/08/2010 - 00:11:04 - [10942897] ----D- C:\Program Files\Movie Maker
O43 - CFD: 18/03/2011 - 16:57:16 - [1606229] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 14/09/2009 - 14:17:58 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 31/08/2009 - 12:27:26 - [21471461] ----D- C:\Program Files\MSN
O43 - CFD: 15/11/2005 - 03:25:02 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 29/08/2009 - 13:00:44 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 31/08/2009 - 13:50:00 - [3285523] ----D- C:\Program Files\NetMeeting
0
Réponse 14 / 47
Utilisateur anonyme
19 mars 2011 à 10:50
il est incomplet !

envoie la suite du rapport :-)

0
Réponse 15 / 47
Charly
19 mars 2011 à 10:54
O43 - CFD: 18/03/2011 - 22:04:00 - [524459] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 04/02/2010 - 22:25:32 - [162858302] ----D- C:\Program Files\Adobe
O43 - CFD: 13/11/2010 - 20:37:06 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 13/03/2011 - 18:44:02 - [2172270] ----D- C:\Program Files\BabylonToolbar
O43 - CFD: 09/09/2010 - 14:44:42 - [161422520] ----D- C:\Program Files\BitDefender
O43 - CFD: 18/03/2011 - 14:00:14 - [3653664] ----D- C:\Program Files\CCleaner
O43 - CFD: 09/06/2010 - 17:14:02 - [0] ----D- C:\Program Files\Common Files
O43 - CFD: 12/11/2005 - 01:09:16 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 19/03/2010 - 13:57:56 - [492550] ----D- C:\Program Files\e-Carte Bleue Société Générale
O43 - CFD: 09/10/2009 - 12:47:38 - [0] ----D- C:\Program Files\eMule
O43 - CFD: 13/03/2011 - 03:22:28 - [2339766] ----D- C:\Program Files\facemoods.com
O43 - CFD: 03/02/2011 - 13:42:08 - [1153122568] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 13/03/2011 - 18:48:20 - [14513415] ----D- C:\Program Files\FoxTabPDFConverter
O43 - CFD: 19/03/2010 - 13:57:56 - [13385845] ----D- C:\Program Files\FrenchOtto
O43 - CFD: 19/03/2010 - 13:57:58 - [5079476] ----D- C:\Program Files\GemMasterFrench
O43 - CFD: 18/03/2011 - 17:03:58 - [101188429] ----D- C:\Program Files\Google
O43 - CFD: 02/02/2011 - 19:14:22 - [8075602] ----D- C:\Program Files\GPLGS
O43 - CFD: 14/09/2009 - 13:07:14 - [48578255] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 15/12/2009 - 12:55:32 - [249215277] ----D- C:\Program Files\HP
O43 - CFD: 16/06/2010 - 14:59:16 - [6000560] ----D- C:\Program Files\IncrediMail
O43 - CFD: 28/11/2010 - 15:31:24 - [50826347] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 10/02/2011 - 01:37:40 - [4802235] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 13/11/2010 - 22:27:04 - [0] ----D- C:\Program Files\iTunes
O43 - CFD: 14/03/2011 - 13:29:00 - [243644925] ----D- C:\Program Files\Java
O43 - CFD: 19/11/2010 - 16:37:48 - [16295712] ----D- C:\Program Files\JRE
O43 - CFD: 31/08/2009 - 07:27:46 - [0] ----D- C:\Program Files\Lavasoft
O43 - CFD: 19/03/2010 - 13:57:58 - [2157699] ----D- C:\Program Files\Messenger
O43 - CFD: 30/08/2009 - 12:52:58 - [1721508] ----D- C:\Program Files\Microsoft
O43 - CFD: 31/08/2009 - 00:46:00 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 15/11/2005 - 03:24:46 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 19/03/2010 - 13:57:58 - [58598902] ----D- C:\Program Files\Microsoft LifeCam
O43 - CFD: 01/08/2010 - 11:12:16 - [12078374] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 02/03/2011 - 08:43:44 - [38371963] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 22/08/2010 - 12:52:18 - [0] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 14/09/2009 - 09:07:54 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 29/09/2009 - 19:34:02 - [149666883] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 13/08/2010 - 00:11:04 - [10942897] ----D- C:\Program Files\Movie Maker
O43 - CFD: 18/03/2011 - 16:57:16 - [1606229] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 14/09/2009 - 14:17:58 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 31/08/2009 - 12:27:26 - [21471461] ----D- C:\Program Files\MSN
O43 - CFD: 15/11/2005 - 03:25:02 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 29/08/2009 - 13:00:44 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 31/08/2009 - 13:50:00 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 15/11/2005 - 03:25:12 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 19/11/2010 - 16:37:44 - [386500907] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 07/01/2011 - 22:03:56 - [1638015] ----D- C:\Program Files\Orange
O43 - CFD: 16/12/2010 - 15:01:18 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 04/09/2010 - 08:19:22 - [6699056] ----D- C:\Program Files\PCFix
O43 - CFD: 13/09/2009 - 13:04:46 - [3751792] ----D- C:\Program Files\PhotoFiltre
O43 - CFD: 28/05/2010 - 12:21:38 - [14241168] ----D- C:\Program Files\Photosynth
O43 - CFD: 18/04/2010 - 00:36:52 - [0] ----D- C:\Program Files\Pixum
O43 - CFD: 20/10/2009 - 15:40:20 - [0] ----D- C:\Program Files\QUAD Utilities
O43 - CFD: 03/01/2006 - 02:57:42 - [443429] ----D- C:\Program Files\Real
O43 - CFD: 14/09/2009 - 14:17:12 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 23/11/2009 - 20:52:50 - [160780] ----D- C:\Program Files\Registry Mechanic
O43 - CFD: 31/01/2010 - 01:11:22 - [77172757] ----D- C:\Program Files\Services en ligne
O43 - CFD: 15/03/2011 - 18:49:08 - [14873034] ----D- C:\Program Files\SFR
O43 - CFD: 27/12/2009 - 09:54:38 - [20985307] ----D- C:\Program Files\Sonic
O43 - CFD: 30/08/2009 - 13:54:18 - [58806986] ----D- C:\Program Files\Sony
O43 - CFD: 31/08/2009 - 07:34:32 - [3808600] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 05/12/2010 - 15:33:58 - [0] ----D- C:\Program Files\SweetIM
O43 - CFD: 18/03/2011 - 16:35:12 - [11959989] ----D- C:\Program Files\Tom's_Guide_France
O43 - CFD: 12/11/2005 - 01:09:06 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 16/03/2011 - 22:51:24 - [0] ----D- C:\Program Files\VS Revo Group
O43 - CFD: 28/05/2010 - 12:29:16 - [0] -S--D- C:\Program Files\Web Album Maker
O43 - CFD: 29/08/2010 - 14:57:52 - [0] ----D- C:\Program Files\Wikikou
O43 - CFD: 23/08/2010 - 19:51:14 - [109439948] ----D- C:\Program Files\Windows Live
O43 - CFD: 30/08/2009 - 12:52:42 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 19/03/2010 - 13:57:58 - [3586190] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 23/02/2010 - 16:09:36 - [10728474] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 31/08/2009 - 13:49:54 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 15/11/2005 - 03:25:58 - [3014051] ----D- C:\Program Files\Windows Plus
O43 - CFD: 12/11/2005 - 01:09:02 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 15/11/2005 - 03:26:08 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 29/08/2010 - 11:18:02 - [0] ----D- C:\Program Files\Yahoo!
O43 - CFD: 19/03/2011 - 10:26:10 - [3611141] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 21/10/2009 - 14:13:10 - [5372538] ----D- C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 30/08/2009 - 14:42:42 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\AdobeUM
O43 - CFD: 13/11/2010 - 22:15:02 - [183438] ----D- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
O43 - CFD: 13/03/2011 - 18:44:48 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\BabylonToolbar
O43 - CFD: 09/09/2010 - 14:44:44 - [257650] ----D- C:\Documents and Settings\Administrateur\Application Data\BitDefender
O43 - CFD: 21/05/2010 - 20:22:12 - [226] ----D- C:\Documents and Settings\Administrateur\Application Data\BitZipper
O43 - CFD: 01/11/2009 - 13:03:26 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\CyberLink
O43 - CFD: 12/01/2011 - 18:09:34 - [4464] ----D- C:\Documents and Settings\Administrateur\Application Data\ExtraFilm
O43 - CFD: 13/03/2011 - 03:23:12 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\facemoods.com
O43 - CFD: 18/03/2010 - 15:47:04 - [21163] ----D- C:\Documents and Settings\Administrateur\Application Data\Fighters
O43 - CFD: 30/08/2009 - 23:43:52 - [2212] ----D- C:\Documents and Settings\Administrateur\Application Data\Google
O43 - CFD: 12/11/2010 - 21:34:14 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Help
O43 - CFD: 30/08/2009 - 12:43:14 - [37132] ----D- C:\Documents and Settings\Administrateur\Application Data\HP
O43 - CFD: 28/09/2009 - 18:22:48 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\HPQ
O43 - CFD: 14/03/2011 - 01:06:04 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 10/11/2009 - 20:03:06 - [1307562] ----D- C:\Documents and Settings\Administrateur\Application Data\igraal
O43 - CFD: 14/03/2011 - 22:04:02 - [26318115] ----D- C:\Documents and Settings\Administrateur\Application Data\Image Zone Express
O43 - CFD: 18/11/2009 - 13:29:00 - [362] ----D- C:\Documents and Settings\Administrateur\Application Data\Leadertech
O43 - CFD: 30/08/2009 - 13:01:18 - [13067] ----D- C:\Documents and Settings\Administrateur\Application Data\Macromedia
O43 - CFD: 19/03/2010 - 18:24:38 - [4025788] ----D- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
O43 - CFD: 05/10/2010 - 17:34:42 - [12200072] -S--D- C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 17/03/2011 - 13:32:50 - [1118730] ----D- C:\Documents and Settings\Administrateur\Application Data\Mozilla
O43 - CFD: 31/08/2009 - 12:27:50 - [864030] ----D- C:\Documents and Settings\Administrateur\Application Data\MSNInstaller
O43 - CFD: 08/06/2010 - 16:07:56 - [2553043] ----D- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org
O43 - CFD: 03/09/2010 - 10:08:54 - [233440] ----D- C:\Documents and Settings\Administrateur\Application Data\PCFix
O43 - CFD: 23/08/2010 - 19:51:42 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\QuickScan
O43 - CFD: 03/02/2011 - 13:41:56 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Real
O43 - CFD: 18/11/2009 - 13:30:04 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Sonic
O43 - CFD: 30/08/2009 - 14:04:28 - [1849350] ----D- C:\Documents and Settings\Administrateur\Application Data\Sony Corporation
O43 - CFD: 10/11/2009 - 14:09:40 - [45774460] ----D- C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 27/09/2009 - 23:54:10 - [8704] ----D- C:\Documents and Settings\Administrateur\Application Data\Template
O43 - CFD: 24/02/2010 - 01:33:32 - [566462] ----D- C:\Documents and Settings\Administrateur\Application Data\Uniblue
O43 - CFD: 25/10/2009 - 17:27:32 - [12] ----D- C:\Documents and Settings\Administrateur\Application Data\WinRAR
O43 - CFD: 24/02/2010 - 13:20:18 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Yahoo!
O43 - CFD: 09/10/2010 - 08:36:58 - [401270] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
O43 - CFD: 13/11/2010 - 20:37:08 - [95315752] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple
O43 - CFD: 13/11/2010 - 20:42:40 - [4354837] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple Computer
O43 - CFD: 14/03/2011 - 20:41:32 - [23143] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 13/10/2010 - 10:20:58 - [1574607] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Citrix
O43 - CFD: 30/01/2010 - 12:25:10 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Deployment
O43 - CFD: 01/11/2009 - 13:42:22 - [8397] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\DVDPlay
O43 - CFD: 18/03/2011 - 17:04:46 - [197117977] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
O43 - CFD: 12/11/2010 - 21:34:14 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Help
O43 - CFD: 22/09/2009 - 20:30:02 - [116848] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\HP
O43 - CFD: 14/03/2011 - 01:06:04 - [7865102] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Identities
O43 - CFD: 16/06/2010 - 14:59:16 - [76847953] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\IM
O43 - CFD: 22/09/2009 - 20:30:32 - [579] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\IsolatedStorage
O43 - CFD: 14/03/2011 - 02:48:16 - [1438621740] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
O43 - CFD: 09/12/2009 - 13:34:40 - [2483690] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla
O43 - CFD: 27/10/2009 - 06:21:28 - [49] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Orange
O43 - CFD: 18/03/2010 - 15:46:58 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\PackageAware
O43 - CFD: 15/11/2010 - 22:10:16 - [143246] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\pixeasy Air
O43 - CFD: 18/03/2011 - 16:33:18 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Temp
O43 - CFD: 18/03/2011 - 16:35:08 - [4596479] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Tom's_Guide_France
O43 - CFD: 19/03/2010 - 17:18:58 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\WMTools Downloaded Files
0
Réponse 16 / 47
Charly
19 mars 2011 à 10:54
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.68EF1300F915817C00FCFD7F3CF01300] - 19/03/2011 - 10:15:36 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1621647]
O44 - LFC:[MD5.E868CAAA68EB92C70D07B66E0F938269] - 19/03/2011 - 09:14:52 ---A- . (...) -- C:\WINDOWS\System32\nvapps.xml [43531]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/03/2011 - 09:14:45 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.68EF1300F915817C00FCFD7F3CF01300] - 19/03/2011 - 09:14:26 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.68EF1300F915817C00FCFD7F3CF01300] - 19/03/2011 - 09:14:24 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 19/03/2011 - 09:13:59 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.EDB98905A97720982611F8F4DA404973] - 19/03/2011 - 01:41:19 ---A- . (...) -- C:\WINDOWS\System32\ashttpstats.csv [52]
O44 - LFC:[MD5.68EF1300F915817C00FCFD7F3CF01300] - 19/03/2011 - 01:41:14 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32268]
O44 - LFC:[MD5.21D327C411CFC3C6999F93360BF0CBFD] - 19/03/2011 - 01:40:46 ---A- . (...) -- C:\WINDOWS\bdagent.INI [121]
O44 - LFC:[MD5.178E277C626A9C0BE4688E3392BDD651] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [13580]
O44 - LFC:[MD5.8DDC3D2CF1610CE5231ECE34C845356F] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [1438]
O44 - LFC:[MD5.F11CE867C2C166159B56A2ABC1D51FEE] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\comsetup.log [5014]
O44 - LFC:[MD5.98CE91448C6E534AA22BED850E5E2784] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\ehOCGen.log [1026]
O44 - LFC:[MD5.C31497D9FBFDDC271AF67222A85C1EF2] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\iis6.log [13278]
O44 - LFC:[MD5.A664D49E23C62A6D2C5E0B3AD06D54B3] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\imsins.log [1917]
O44 - LFC:[MD5.16628A013D98915E3A2FB899A39F42BC] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\msgsocm.log [958]
O44 - LFC:[MD5.78992B7565509CAECDF53812F724F246] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\netfxocm.log [3184]
O44 - LFC:[MD5.D5A5CE7998D36F5CE615F370A9A7ED62] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [3618]
O44 - LFC:[MD5.56A2E7054DAED8CEE75E313B01F861D9] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\ocgen.log [11632]
O44 - LFC:[MD5.DB98FA6A8F350364D7C1E3DCA33A9907] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\ocmsn.log [938]
O44 - LFC:[MD5.E431B903B2101CDC5915CA5B17033A5C] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\plusoc.log [2986]
O44 - LFC:[MD5.365E5A27CF92DFB1A20D58E946AE38AC] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\tabletoc.log [622]
O44 - LFC:[MD5.AA07E3DE294BEB45E85581C2EA6EF774] - 19/03/2011 - 00:58:46 ---A- . (...) -- C:\WINDOWS\tsoc.log [9182]
O44 - LFC:[MD5.EF69C0A08547C9A8ABC6E8086127AF4F] - 19/03/2011 - 00:58:39 ---A- . (...) -- C:\WINDOWS\msmqinst.log [3756]
O44 - LFC:[MD5.DF4C40E870DA770F7D2927B6C365FCA6] - 19/03/2011 - 00:35:48 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1917]
O44 - LFC:[MD5.A5B2A4CA2832B4512A9D994B213B5630] - 18/03/2011 - 20:38:43 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.E7A6FC656B849F387E4CBD91C025750A] - 18/03/2011 - 17:07:20 ---A- . (...) -- C:\WINDOWS\KB952011.log [27417]
O44 - LFC:[MD5.51A0F7794CEE90BB70261A34E8278766] - 18/03/2011 - 17:07:05 ---A- . (...) -- C:\WINDOWS\setupapi.log [50849]
O44 - LFC:[MD5.07876708C2CFB37B42159CDA695BC11E] - 18/03/2011 - 16:51:29 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/03/2011 - 16:31:55 ---A- . (...) -- C:\WINDOWS\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/03/2011 - 16:31:55 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.254FFD9FE6CACC8E9D9EC8547973C924] - 16/03/2011 - 23:19:44 ---A- . (...) -- C:\WINDOWS\system.ini [246]
O44 - LFC:[MD5.A12CF2B1CD5E32CB984B8E5995902E39] - 16/03/2011 - 23:19:44 ---A- . (...) -- C:\WINDOWS\win.ini [562]
O44 - LFC:[MD5.916DB7C07727B3E985A1E1A85F1160FB] - 16/03/2011 - 23:19:44 RSHA- . (...) -- C:\boot.ini [289]
O44 - LFC:[MD5.E3244B31677BDE53065C7F78E6C9CB6F] - 16/03/2011 - 21:19:33 ---A- . (...) -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT [48096]
O44 - LFC:[MD5.A6EB81EB013C3246A9F6FA12FE573B5E] - 16/03/2011 - 18:49:52 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1126060]
O44 - LFC:[MD5.6C05D35553B63B452C452F270E0C24C2] - 16/03/2011 - 18:49:52 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [72182]
O44 - LFC:[MD5.24FC30419477DDCC1445965CD6B4C09E] - 16/03/2011 - 18:49:52 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [85984]
O44 - LFC:[MD5.CA711D4381E930CEE76750D3F058E020] - 16/03/2011 - 18:49:52 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [442916]
O44 - LFC:[MD5.5D08FBD4702AB2FBD1FBD5F918EEE834] - 16/03/2011 - 18:49:52 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [512624]
O44 - LFC:[MD5.2CF127B06421ACF085BC11FA14C45218] - 16/03/2011 - 15:25:26 -SHA- . (...) -- C:\WINDOWS\Thumbs.db [8192]
O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 14/03/2011 - 13:29:13 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]
O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 14/03/2011 - 13:29:13 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]
O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 14/03/2011 - 13:29:13 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [157472]
O44 - LFC:[MD5.A5D1EED554B73EA3CF7EB0B07239D818] - 14/03/2011 - 13:28:59 ---A- . (...) -- C:\WINDOWS\System32\jupdate-1.6.0_24-b07.log [3910]
O44 - LFC:[MD5.093CBCA4161BDFCF066B1DC3E1D78E60] - 14/03/2011 - 02:50:42 ---A- . (...) -- C:\WINDOWS\setupapi.log.1.old [1044562]
O44 - LFC:[MD5.118342534C31E5509CD5EB565A269730] - 08/03/2011 - 07:11:06 ---A- . (...) -- C:\bdlog.txt [344728]
O44 - LFC:[MD5.775DF49540D0D0DAF00EDB086A0ABD67] - 21/08/2007 - 13:32:44 ---A- . (...) -- C:\WINDOWS\System32\redmonnt.dll [98304]



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
0
Réponse 17 / 47
Charly
19 mars 2011 à 10:55
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0\waol.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\AOL 9.0\waol.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(.Hewlett-Packard Co. - HP AiO Fax Manager.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(.Hewlett-Packard Co. - HP OfficeJet SendFax Interface.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - hpqscnvw.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Hewlett-Packard Co. - Version Test application.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard - HP ScanJet Copier Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Hewlett-Packard Co. - HP Fax Setup Wizard.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Hewlett-Packard - QHouston.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Co. - Embedded Web Server Link application.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeCam.exe" [Enabled] .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [Enabled] .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\IncMail.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\IncrediMail\bin\IncMail.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\ImpCnt.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\ImApp.exe" [Disabled] .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\ImApp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\BGETMZ01\SweetImSetup[1].exe" [Enabled] .(.Pas de propriétaireC:\Documents and Settings\Administrateur\Local Settings\Temporary Inter
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\W35QH1WJ\PDFConverterSetup[1].exe" [Enabled] .(.Pas de propriétaireC:\Documents and Settings\Administrateur\Local Settings\Temporary
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\95ZCUMDE\PDFConverterSetup[1].exe" [Enabled] .(.Pas de propriétaireC:\Documents and Settings\Administrateur\Local Settings\Temporary
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
0
Réponse 18 / 47
Utilisateur anonyme
Modifié par Electricien 69 le 19/03/2011 à 10:56
il en manque jusqu'à a lignes O81 (la fin), sauf tu décides de l'héberger sur l'un des sites :

* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr/getfile.pl?file=/doYgUQ3V
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/


O.o°*??? Membre, Contributeur Sécurité CCM o°.Oø¤º°'°º¤ø

O.o°* ??? Réspire à fond, Rédige ton message en bon français et de manière claire. Une fois ton problème passé, coche ton message comme résolu.Ca va bien se passer, tu verras, enfin on essaie !!! o°.Oø¤º°'°º¤ø
0
Réponse 19 / 47
Charly
19 mars 2011 à 10:56
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
O55 - MWPS:[HKLM\...\Policies\System] - "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 09/03/2005 - 22:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008]
O58 - SDL:[MD5.B758A219E95C085405B1E356A8267610] - 28/06/2010 - 11:55:42 ---A- . (.BitDefender - Active Virus Control Kernel Filtering driver.) -- C:\WINDOWS\system32\drivers\avckf.sys [970320]
O58 - SDL:[MD5.7270D070173B20AC9487EA16BB08B45F] - 05/11/2003 - 06:45:12 ---A- . (.Promise Technology, Inc. - Promise Disk Accelerator.) -- C:\WINDOWS\system32\drivers\bb-run.sys [17408]
O58 - SDL:[MD5.67C2A47DB7190673350A3F9F5A1507CB] - 03/02/2010 - 12:57:36 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfm.sys [153448]
O58 - SDL:[MD5.D981965D8D6578D663CF53D70A03F95A] - 09/09/2010 - 15:19:20 ---A- . (.BitDefender LLC - BitDefender Firewall NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfndisf.sys [111312]
O58 - SDL:[MD5.A21A4A0E6BDF0C2BE0FABFA16D8C8F76] - 22/02/2010 - 13:58:40 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys [291352]
O58 - SDL:[MD5.CA54223D5A5B6A7E3559CB100A0B5E57] - 03/02/2010 - 12:56:32 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender AntiVirus Hypervisor driver.) -- C:\WINDOWS\system32\drivers\bdhv.sys [106464]
O58 - SDL:[MD5.375CD0B9F433465EC6F50D4DF44E9448] - 19/01/2010 - 18:32:40 ---A- . (.BitDefender - FileVault Disk Driver.) -- C:\WINDOWS\system32\drivers\BDVEDISK.sys [85128]
O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 28/08/2006 - 20:48:26 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [2432]
O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 28/08/2006 - 20:48:26 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [2560]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 10/08/2004 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 10/08/2004 - 12:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.22399D3CE5840C6082844679CCA5D2FC] - 29/06/2005 - 16:03:18 ---A- . (.Promise Technology, Inc. - Promise Driver for Windows Server 2003.) -- C:\WINDOWS\system32\drivers\ftsata2.sys [175104]
O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 08/03/2005 - 05:43:25 ---A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [51120]
O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 08/03/2005 - 05:43:26 ---A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]
O58 - SDL:[MD5.CF1B7951B4EC8D13F3C93B74BB2B461B] - 08/03/2005 - 05:43:27 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21744]
O58 - SDL:[MD5.419590EBE7855215BB157EA0CF0D0531] - 30/08/2009 - 18:59:43 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\WINDOWS\system32\drivers\Lbd.sys [64160]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 10/08/2004 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.642A87877F83313EB5302749CD479024] - 09/05/2006 - 23:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.08.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3535680]
O58 - SDL:[MD5.22EEDB34C4D7613A25B10C347C6C4C21] - 03/03/2006 - 23:31:02 ---A- . (.NVIDIA Corporation - NVIDIA Networking Function Driver..) -- C:\WINDOWS\system32\drivers\NVENETFD.sys [34176]
O58 - SDL:[MD5.5E3F6AD5CAD0F12D3CCCD06FD964087A] - 03/03/2006 - 23:31:04 ---A- . (.NVIDIA Corporation - NVIDIA Networking Bus Driver..) -- C:\WINDOWS\system32\drivers\nvnetbus.sys [13056]
O58 - SDL:[MD5.B80EB11F6BA8596153FE7067ACDBFE43] - 03/03/2006 - 23:30:46 ---A- . (.NVIDIA Corporation - NVIDIA Network Resource Manager..) -- C:\WINDOWS\system32\drivers\nvnrm.sys [305024]
O58 - SDL:[MD5.60CA4F6F077CCC73AF7B5556BE81639A] - 03/03/2006 - 23:30:32 ---A- . (.NVIDIA Corporation - NVIDIA Networking Soft-NPU Driver..) -- C:\WINDOWS\system32\drivers\nvsnpu.sys [222592]
O58 - SDL:[MD5.C3B4DDFDDEB512790EA24DE867FCB7C3] - 03/03/2006 - 23:30:54 ---A- . (.NVIDIA Corporation - NVIDIA Networking Protocol Driver..) -- C:\WINDOWS\system32\drivers\nvtcp.sys [101888]
O58 - SDL:[MD5.07C02C892E8E1A72D6BF35004F0E9C5E] - 19/11/2005 - 02:13:18 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\WINDOWS\system32\drivers\PCASp50.sys [20096]
O58 - SDL:[MD5.263AA696D8A1D78234F17C303E89B78D] - 11/05/2006 - 06:36:40 ---A- . (.Windows (R) 2000 DDK provider - PCDR NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\pcdrndisuio.sys [13440]
O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 13/12/2005 - 01:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 10/08/2004 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [43872]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 10/08/2004 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 10/08/2004 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.12F4D2AA29745DC2A403FF42E75CF7FA] - 25/07/2006 - 00:15:04 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4353024]
O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 03/08/2004 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.E78CD3BB53A208DFAB8FC826384307E0] - 30/10/2006 - 12:46:02 ---A- . (.Sony Corporation - sonyhcb.sys.) -- C:\WINDOWS\system32\drivers\sonyhcb.sys [6097]
O58 - SDL:[MD5.55E48017295F26BA266F935DA49C59A4] - 30/10/2006 - 12:46:02 ---A- . (.Sony Corporation - sonyhcc.sys.) -- C:\WINDOWS\system32\drivers\sonyhcc.sys [38739]
O58 - SDL:[MD5.610F515FCD95D37F3252E1C250EF8C61] - 30/10/2006 - 12:46:02 ---A- . (.Sony Corporation - sonyhcs.sys.) -- C:\WINDOWS\system32\drivers\sonyhcs.sys [299923]
O58 - SDL:[MD5.DFADFC2C86662F40759BF02ADD27D569] - 30/10/2006 - 12:46:02 ---A- . (.Sony Corporation - Sony Digital Imaging.) -- C:\WINDOWS\system32\drivers\sonypvs1.sys [102220]
O58 - SDL:[MD5.21D940160C67ADE7448DAD6C1D504A62] - 27/07/2010 - 11:50:00 ---A- . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\WINDOWS\system32\drivers\Trufos.sys [253072]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 10/08/2004 - 12:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.F2CE99DD9F56BAFC49234A1EFB0AFC8E] - 11/05/2006 - 06:27:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\USBkey.sys [28848]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 10/08/2004 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.048A59C97CADB1267AEAF1179B7A8A51] - 03/01/2006 - 03:06:14 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13059]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 10/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 10/08/2004 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 10/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 10/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 10/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 10/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 10/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - (.not file.) - 0028fba9 (0028fba9) .(...) - LEGACY_0028FBA9
O64 - Services: CurCS - (.not file.) - 0119ef9e (0119ef9e) .(...) - LEGACY_0119EF9E
O64 - Services: CurCS - (.not file.) - 0165de7c (0165de7c) .(...) - LEGACY_0165DE7C
O64 - Services: CurCS - (.not file.) - 016f5061 (016f5061) .(...) - LEGACY_016F5061
O64 - Services: CurCS - (.not file.) - 018905ac (018905ac) .(...) - LEGACY_018905AC
O64 - Services: CurCS - (.not file.) - 018a828d (018a828d) .(...) - LEGACY_018A828D
O64 - Services: CurCS - (.not file.) - 01e078fc (01e078fc) .(...) - LEGACY_01E078FC
O64 - Services: CurCS - (.not file.) - 025fd757 (025fd757) .(...) - LEGACY_025FD757
O64 - Services: CurCS - (.not file.) - 033899d6 (033899d6) .(...) - LEGACY_033899D6
O64 - Services: CurCS - (.not file.) - 034101f3 (034101f3) .(...) - LEGACY_034101F3
O64 - Services: CurCS - (.not file.) - 03613dd9 (03613dd9) .(...) - LEGACY_03613DD9
O64 - Services: CurCS - (.not file.) - 03b112b7 (03b112b7) .(...) - LEGACY_03B112B7
O64 - Services: CurCS - (.not file.) - 03e49e37 (03e49e37) .(...) - LEGACY_03E49E37
O64 - Services: CurCS - (.not file.) - 03fb9c8d (03fb9c8d) .(...) - LEGACY_03FB9C8D
O64 - Services: CurCS - (.not file.) - 04eff22c (04eff22c) .(...) - LEGACY_04EFF22C
O64 - Services: CurCS - (.not file.) - 052374c2 (052374c2) .(...) - LEGACY_052374C2
O64 - Services: CurCS - (.not file.) - 0523edfb (0523edfb) .(...) - LEGACY_0523EDFB
O64 - Services: CurCS - (.not file.) - 05276a11 (05276a11) .(...) - LEGACY_05276A11
O64 - Services: CurCS - (.not file.) - 05d6e502 (05d6e502) .(...) - LEGACY_05D6E502
O64 - Services: CurCS - (.not file.) - 05d7377c (05d7377c) .(...) - LEGACY_05D7377C
O64 - Services: CurCS - (.not file.) - 05eff250 (05eff250) .(...) - LEGACY_05EFF250
O64 - Services: CurCS - (.not file.) - 06295208 (06295208) .(...) - LEGACY_06295208
O64 - Services: CurCS - (.not file.) - 0669b543 (0669b543) .(...) - LEGACY_0669B543
O64 - Services: CurCS - (.not file.) - 066ac3bb (066ac3bb) .(...) - LEGACY_066AC3BB
O64 - Services: CurCS - (.not file.) - 066e50ce (066e50ce) .(...) - LEGACY_066E50CE
O64 - Services: CurCS - (.not file.) - 06751b2d (06751b2d) .(...) - LEGACY_06751B2D
O64 - Services: CurCS - (.not file.) - 069b64f2 (069b64f2) .(...) - LEGACY_069B64F2
O64 - Services: CurCS - (.not file.) - 06decba2 (06decba2) .(...) - LEGACY_06DECBA2
O64 - Services: CurCS - (.not file.) - 06defba9 (06defba9) .(...) - LEGACY_06DEFBA9
O64 - Services: CurCS - (.not file.) - 06fb0b9c (06fb0b9c) .(...) - LEGACY_06FB0B9C
O64 - Services: CurCS - (.not file.) - 0702d3c3 (0702d3c3) .(...) - LEGACY_0702D3C3
O64 - Services: CurCS - (.not file.) - 070b7da0 (070b7da0) .(...) - LEGACY_070B7DA0
O64 - Services: CurCS - (.not file.) - 071c9dd8 (071c9dd8) .(...) - LEGACY_071C9DD8
O64 - Services: CurCS - (.not file.) - 0750bc6d (0750bc6d) .(...) - LEGACY_0750BC6D
O64 - Services: CurCS - (.not file.) - 07ac0980 (07ac0980) .(...) - LEGACY_07AC0980
O64 - Services: CurCS - (.not file.) - 07b1f66a (07b1f66a) .(...) - LEGACY_07B1F66A
O64 - Services: CurCS - (.not file.) - 0814c56d (0814c56d) .(...) - LEGACY_0814C56D
O64 - Services: CurCS - (.not file.) - 088c67ae (088c67ae) .(...) - LEGACY_088C67AE
O64 - Services: CurCS - (.not file.) - 08953558 (08953558) .(...) - LEGACY_08953558
O64 - Services: CurCS - (.not file.) - 08ae6cbb (08ae6cbb) .(...) - LEGACY_08AE6CBB
O64 - Services: CurCS - (.not file.) - 08b535f5 (08b535f5) .(...) - LEGACY_08B535F5
O64 - Services: CurCS - (.not file.) - 08c43ee1 (08c43ee1) .(...) - LEGACY_08C43EE1
O64 - Services: CurCS - (.not file.) - 08e60b93 (08e60b93) .(...) - LEGACY_08E60B93
O64 - Services: CurCS - (.not file.) - 08f6fe50 (08f6fe50) .(...) - LEGACY_08F6FE50
O64 - Services: CurCS - (.not file.) - 0901bfca (0901bfca) .(...) - LEGACY_0901BFCA
O64 - Services: CurCS - (.not file.) - 09da9ec6 (09da9ec6) .(...) - LEGACY_09DA9EC6
O64 - Services: CurCS - (.not file.) - 09de3958 (09de3958) .(...) - LEGACY_09DE3958
O64 - Services: CurCS - (.not file.) - 0a02f24f (0a02f24f) .(...) - LEGACY_0A02F24F
O64 - Services: CurCS - (.not file.) - 0a333c28 (0a333c28) .(...) - LEGACY_0A333C28
O64 - Services: CurCS - (.not file.) - 0a45be18 (0a45be18) .(...) - LEGACY_0A45BE18
O64 - Services: CurCS - (.not file.) - 0a68ec6d (0a68ec6d) .(...) - LEGACY_0A68EC6D
O64 - Services: CurCS - (.not file.) - 0b0503fb (0b0503fb) .(...) - LEGACY_0B0503FB
O64 - Services: CurCS - (.not file.) - 0b410be5 (0b410be5) .(...) - LEGACY_0B410BE5
O64 - Services: CurCS - (.not file.) - 0b68ad0c (0b68ad0c) .(...) - LEGACY_0B68AD0C
O64 - Services: CurCS - (.not file.) - 0b870cea (0b870cea) .(...) - LEGACY_0B870CEA
O64 - Services: CurCS - (.not file.) - 0bd703fb (0bd703fb) .(...) - LEGACY_0BD703FB
O64 - Services: CurCS - (.not file.) - 0bd8c3e2 (0bd8c3e2) .(...) - LEGACY_0BD8C3E2
O64 - Services: CurCS - (.not file.) - 0bfb4642 (0bfb4642) .(...) - LEGACY_0BFB4642
O64 - Services: CurCS - (.not file.) - 0c05507c (0c05507c) .(...) - LEGACY_0C05507C
O64 - Services: CurCS - (.not file.) - 0c0df4fe (0c0df4fe) .(...) - LEGACY_0C0DF4FE
O64 - Services: CurCS - (.not file.) - 0c104759 (0c104759) .(...) - LEGACY_0C104759
O64 - Services: CurCS - (.not file.) - 0c9eb3ed (0c9eb3ed) .(...) - LEGACY_0C9EB3ED
O64 - Services: CurCS - (.not file.) - 0d2e7a8e (0d2e7a8e) .(...) - LEGACY_0D2E7A8E
O64 - Services: CurCS - (.not file.) - 0d3c49f4 (0d3c49f4) .(...) - LEGACY_0D3C49F4
O64 - Services: CurCS - (.not file.) - 0db87df2 (0db87df2) .(...) - LEGACY_0DB87DF2
O64 - Services: CurCS - (.not file.) - 0dd85a4a (0dd85a4a) .(...) - LEGACY_0DD85A4A
O64 - Services: CurCS - (.not file.) - 0dd8ddcf (0dd8ddcf) .(...) - LEGACY_0DD8DDCF
O64 - Services: CurCS - (.not file.) - 0de10620 (0de10620) .(...) - LEGACY_0DE10620
O64 - Services: CurCS - (.not file.) - 0f324824 (0f324824) .(...) - LEGACY_0F324824
O64 - Services: CurCS - (.not file.) - 0f3f3a12 (0f3f3a12) .(...) - LEGACY_0F3F3A12
O64 - Services: CurCS - (.not file.) - 0fc8d6f0 (0fc8d6f0) .(...) - LEGACY_0FC8D6F0
O64 - Services: CurCS - (.not file.) - 1101fde9 (1101fde9) .(...) - LEGACY_1101FDE9
O64 - Services: CurCS - (.not file.) - 12014419 (12014419) .(...) - LEGACY_12014419
O64 - Services: CurCS - (.not file.) - 1205fbd3 (1205fbd3) .(...) - LEGACY_1205FBD3
O64 - Services: CurCS - (.not file.) - 1229e1e3 (1229e1e3) .(...) - LEGACY_1229E1E3
O64 - Services: CurCS - (.not file.) - 1289394e (1289394e) .(...) - LEGACY_1289394E
O64 - Services: CurCS - (.not file.) - 128a91e0 (128a91e0) .(...) - LEGACY_128A91E0
O64 - Services: CurCS - (.not file.) - 12a0d3b9 (12a0d3b9) .(...) - LEGACY_12A0D3B9
O64 - Services: CurCS - (.not file.) - 12b15d50 (12b15d50) .(...) - LEGACY_12B15D50
O64 - Services: CurCS - (.not file.) - 13a1de2d (13a1de2d) .(...) - LEGACY_13A1DE2D
O64 - Services: CurCS - (.not file.) - 1450410b (1450410b) .(...) - LEGACY_1450410B
O64 - Services: CurCS - (.not file.) - 14504117 (14504117) .(...) - LEGACY_14504117
O64 - Services: CurCS - (.not file.) - 149ed0c2 (149ed0c2) .(...) - LEGACY_149ED0C2
O64 - Services: CurCS - (.not file.) - 14c44ae2 (14c44ae2) .(...) - LEGACY_14C44AE2
O64 - Services: CurCS - (.not file.) - 14c44e07 (14c44e07) .(...) - LEGACY_14C44E07
O64 - Services: CurCS - (.not file.) - 152aa0ba (152aa0ba) .(...) - LEGACY_152AA0BA
O64 - Services: CurCS - (.not file.) - 15ed084c (15ed084c) .(...) - LEGACY_15ED084C
O64 - Services: CurCS - (.not file.) - 16127cf8 (16127cf8) .(...) - LEGACY_16127CF8
O64 - Services: CurCS - (.not file.) - 1621afb9 (1621afb9) .(...) - LEGACY_1621AFB9
O64 - Services: CurCS - (.not file.) - 162f5f77 (162f5f77) .(...) - LEGACY_162F5F77
O64 - Services: CurCS - (.not file.) - 163a5702 (163a5702) .(...) - LEGACY_163A5702
O64 - Services: CurCS - (.not file.) - 1668700e (1668700e) .(...) - LEGACY_1668700E
O64 - Services: CurCS - (.not file.) - 16916239 (16916239) .(...) - LEGACY_16916239
O64 - Services: CurCS - (.not file.) - 17289d22 (17289d22) .(...) - LEGACY_17289D22
O64 - Services: CurCS - (.not file.) - 1728b65e (1728b65e) .(...) - LEGACY_1728B65E
O64 - Services: CurCS - (.not file.) - 1728fb54 (1728fb54) .(...) - LEGACY_1728FB54
O64 - Services: CurCS - (.not file.) - 17460550 (17460550) .(...) - LEGACY_17460550
O64 - Services: CurCS - (.not file.) - 17466b23 (17466b23) .(...) - LEGACY_17466B23
O64 - Services: CurCS - (.not file.) - 17506740 (17506740) .(...) - LEGACY_17506740
O64 - Services: CurCS - (.not file.) - 1763e59d (1763e59d) .(...) - LEGACY_1763E59D
O64 - Services: CurCS - (.not file.) - 176efed9 (176efed9) .(...) - LEGACY_176EFED9
O64 - Services: CurCS - (.not file.) - 17822559 (17822559) .(...) - LEGACY_17822559
O64 - Services: CurCS - (.not file.) - 17a25cc1 (17a25cc1) .(...) - LEGACY_17A25CC1
O64 - Services: CurCS - (.not file.) - 17aa090b (17aa090b) .(...) - LEGACY_17AA090B
O64 - Services: CurCS - (.not file.) - 1809a81f (1809a81f) .(...) - LEGACY_1809A81F
O64 - Services: CurCS - (.not file.) - 181a377c (181a377c) .(...) - LEGACY_181A377C
O64 - Services: CurCS - (.not file.) - 182bb109 (182bb109) .(...) - LEGACY_182BB109
O64 - Services: CurCS - (.not file.) - 18408cfa (18408cfa) .(...) - LEGACY_18408CFA
O64 - Services: CurCS - (.not file.) - 18a3a971 (18a3a971) .(...) - LEGACY_18A3A971
O64 - Services: CurCS - (.not file.) - 18f3abc4 (18f3abc4) .(...) - LEGACY_18F3ABC4
O64 - Services: CurCS - (.not file.) - 19169d80 (19169d80) .(...) - LEGACY_19169D80
O64 - Services: CurCS - (.not file.) - 195436ce (195436ce) .(...) - LEGACY_195436CE
O64 - Services: CurCS - (.not file.) - 19c3fb6f (19c3fb6f) .(...) - LEGACY_19C3FB6F
O64 - Services: CurCS - (.not file.) - 19f250ac (19f250ac) .(...) - LEGACY_19F250AC
O64 - Services: CurCS - (.not file.) - 19fb336e (19fb336e) .(...) - LEGACY_19FB336E
O64 - Services: CurCS - (.not file.) - 1a19ac9d (1a19ac9d) .(...) - LEGACY_1A19AC9D
O64 - Services: CurCS - (.not file.) - 1a4ad840 (1a4ad840) .(...) - LEGACY_1A4AD840
O64 - Services: CurCS - (.not file.) - 1a94807b (1a94807b) .(...) - LEGACY_1A94807B
O64 - Services: CurCS - (.not file.) - 1af47f07 (1af47f07) .(...) - LEGACY_1AF47F07
O64 - Services: CurCS - (.not file.) - 1b1d1449 (1b1d1449) .(...) - LEGACY_1B1D1449
O64 - Services: CurCS - (.not file.) - 1b38ac91 (1b38ac91) .(...) - LEGACY_1B38AC91
O64 - Services: CurCS - (.not file.) - 1b50bc33 (1b50bc33) .(...) - LEGACY_1B50BC33
O64 - Services: CurCS - (.not file.) - 1b75dbbe (1b75dbbe) .(...) - LEGACY_1B75DBBE
O64 - Services: CurCS - (.not file.) - 1bf24799 (1bf24799) .(...) - LEGACY_1BF24799
O64 - Services: CurCS - (.not file.) - 1c177443 (1c177443) .(...) - LEGACY_1C177443
O64 - Services: CurCS - (.not file.) - 1c6e9f6a (1c6e9f6a) .(...) - LEGACY_1C6E9F6A
O64 - Services: CurCS - (.not file.) - 1c6eac1f (1c6eac1f) .(...) - LEGACY_1C6EAC1F
O64 - Services: CurCS - (.not file.) - 1c8d922e (1c8d922e) .(...) - LEGACY_1C8D922E
O64 - Services: CurCS - (.not file.) - 1c965dfc (1c965dfc) .(...) - LEGACY_1C965DFC
O64 - Services: CurCS - (.not file.) - 1ca8c514 (1ca8c514) .(...) - LEGACY_1CA8C514
O64 - Services: CurCS - (.not file.) - 1cbb4309 (1cbb4309) .(...) - LEGACY_1CBB4309
O64 - Services: CurCS - (.not file.) - 1cc98071 (1cc98071) .(...) - LEGACY_1CC98071
O64 - Services: CurCS - (.not file.) - 1cec5246 (1cec5246) .(...) - LEGACY_1CEC5246
O64 - Services: CurCS - (.not file.) - 1d0d92a1 (1d0d92a1) .(...) - LEGACY_1D0D92A1
O64 - Services: CurCS - (.not file.) - 1d43ef38 (1d43ef38) .(...) - LEGACY_1D43EF38
O64 - Services: CurCS - (.not file.) - 1d4671f2 (1d4671f2) .(...) - LEGACY_1D4671F2
O64 - Services: CurCS - (.not file.) - 1d777f21 (1d777f21) .(...) - LEGACY_1D777F21
O64 - Services: CurCS - (.not file.) - 1d91fde9 (1d91fde9) .(...) - LEGACY_1D91FDE9
O64 - Services: CurCS - (.not file.) - 1da133bb (1da133bb) .(...) - LEGACY_1DA133BB
O64 - Services: CurCS - (.not file.) - 1db11d4a (1db11d4a) .(...) - LEGACY_1DB11D4A
O64 - Services: CurCS - (.not file.) - 1dd5447b (1dd5447b) .(...) - LEGACY_1DD5447B
O64 - Services: CurCS - (.not file.) - 1de89c12 (1de89c12) .(...) - LEGACY_1DE89C12
O64 - Services: CurCS - (.not file.) - 1e10d8e7 (1e10d8e7) .(...) - LEGACY_1E10D8E7
O64 - Services: CurCS - (.not file.) - 1f8c05ef (1f8c05ef) .(...) - LEGACY_1F8C05EF
O64 - Services: CurCS - (.not file.) - 207415f3 (207415f3) .(...) - LEGACY_207415F3
O64 - Services: CurCS - (.not file.) - 2155e83e (2155e83e) .(...) - LEGACY_2155E83E
O64 - Services: CurCS - (.not file.) - 21585b6f (21585b6f) .(...) - LEGACY_21585B6F
O64 - Services: CurCS - (.not file.) - 2168cdf2 (2168cdf2) .(...) - LEGACY_2168CDF2
O64 - Services: CurCS - (.not file.) - 21b73f7f (21b73f7f) .(...) - LEGACY_21B73F7F
O64 - Services: CurCS - (.not file.) - 21b82714 (21b82714) .(...) - LEGACY_21B82714
O64 - Services: CurCS - (.not file.) - 21e258c6 (21e258c6) .(...) - LEGACY_21E258C6
O64 - Services: CurCS - (.not file.) - 222a936a (222a936a) .(...) - LEGACY_222A936A
O64 - Services: CurCS - (.not file.) - 2254d58e (2254d58e) .(...) - LEGACY_2254D58E
O64 - Services: CurCS - (.not file.) - 22be377c (22be377c) .(...) - LEGACY_22BE377C
O64 - Services: CurCS - (.not file.) - 22df9fb2 (22df9fb2) .(...) - LEGACY_22DF9FB2
O64 - Services: CurCS - (.not file.) - 2389fd58 (2389fd58) .(...) - LEGACY_2389FD58
O64 - Services: CurCS - (.not file.) - 2395f89c (2395f89c) .(...) - LEGACY_2395F89C
O64 - Services: CurCS - (.not file.) - 24adde4a (24adde4a) .(...) - LEGACY_24ADDE4A
O64 - Services: CurCS - (.not file.) - 258478c8 (258478c8) .(...) - LEGACY_258478C8
O64 - Services: CurCS - (.not file.) - 26d53a11 (26d53a11) .(...) - LEGACY_26D53A11
O64 - Services: CurCS - (.not file.) - 26f674de (26f674de) .(...) - LEGACY_26F674DE
O64 - Services: CurCS - (.not file.) - 26fb1c9d (26fb1c9d) .(...) - LEGACY_26FB1C9D
O64 - Services: CurCS - (.not file.) - 27160e33 (27160e33) .(...) - LEGACY_27160E33
O64 - Services: CurCS - (.not file.) - 27ab0bd3 (27ab0bd3) .(...) - LEGACY_27AB0BD3
O64 - Services: CurCS - (.not file.) - 286e3335 (286e3335) .(...) - LEGACY_286E3335
O64 - Services: CurCS - (.not file.) - 28793d69 (28793d69) .(...) - LEGACY_28793D69
O64 - Services: CurCS - (.not file.) - 2891437f (2891437f) .(...) - LEGACY_2891437F
O64 - Services: CurCS - (.not file.) - 28fb0bf8 (28fb0bf8) .(...) - LEGACY_28FB0BF8
O64 - Services: CurCS - (.not file.) - 28fba98c (28fba98c) .(...) - LEGACY_28FBA98C
O64 - Services: CurCS - (.not file.) - 2967eec4 (2967eec4) .(...) - LEGACY_2967EEC4
O64 - Services: CurCS - (.not file.) - 29c38873 (29c38873) .(...) - LEGACY_29C38873
O64 - Services: CurCS - (.not file.) - 2aa62e20 (2aa62e20) .(...) - LEGACY_2AA62E20
O64 - Services: CurCS - (.not file.) - 2b9f3b37 (2b9f3b37) .(...) - LEGACY_2B9F3B37
O64 - Services: CurCS - (.not file.) - 2c01bc3e (2c01bc3e) .(...) - LEGACY_2C01BC3E
O64 - Services: CurCS - (.not file.) - 2c1820c8 (2c1820c8) .(...) - LEGACY_2C1820C8
O64 - Services: CurCS - (.not file.) - 2c63905c (2c63905c) .(...) - LEGACY_2C63905C
O64 - Services: CurCS - (.not file.) - 2c7a3335 (2c7a3335) .(...) - LEGACY_2C7A3335
O64 - Services: CurCS - (.not file.) - 2c85ac5f (2c85ac5f) .(...) - LEGACY_2C85AC5F
O64 - Services: CurCS - (.not file.) - 2c85c935 (2c85c935) .(...) - LEGACY_2C85C935
O64 - Services: CurCS - (.not file.) - 2ca775c9 (2ca775c9) .(...) - LEGACY_2CA775C9
O64 - Services: CurCS - (.not file.) - 2cfe5fa7 (2cfe5fa7) .(...) - LEGACY_2CFE5FA7
O64 - Services: CurCS - (.not file.) - 2d7eb01f (2d7eb01f) .(...) - LEGACY_2D7EB01F
O64 - Services: CurCS - (.not file.) - 2dc6f849 (2dc6f849) .(...) - LEGACY_2DC6F849
O64 - Services: CurCS - (.not file.) - 2df44f5d (2df44f5d) .(...) - LEGACY_2DF44F5D
O64 - Services: CurCS - (.not file.) - 2e54bda0 (2e54bda0) .(...) - LEGACY_2E54BDA0
O64 - Services: CurCS - (.not file.) - 2f350b83 (2f350b83) .(...) - LEGACY_2F350B83
O64 - Services: CurCS - (.not file.) - 2fb48130 (2fb48130) .(...) - LEGACY_2FB48130
O64 - Services: CurCS - (.not file.) - 30c2bac5 (30c2bac5) .(...) - LEGACY_30C2BAC5
O64 - Services: CurCS - (.not file.) - 30f5d7d4 (30f5d7d4) .(...) - LEGACY_30F5D7D4
O64 - Services: CurCS - (.not file.) - 30f642ce (30f642ce) .(...) - LEGACY_30F642CE
O64 - Services: CurCS - (.not file.) - 31a75fa5 (31a75fa5) .(...) - LEGACY_31A75FA5
O64 - Services: CurCS - (.not file.) - 31b171c3 (31b171c3) .(...) - LEGACY_31B171C3
O64 - Services: CurCS - (.not file.) - 31eed089 (31eed089) .(...) - LEGACY_31EED089
O64 - Services: CurCS - (.not file.) - 32099812 (32099812) .(...) - LEGACY_32099812
O64 - Services: CurCS - (.not file.) - 32633819 (32633819) .(...) - LEGACY_32633819
O64 - Services: CurCS - (.not file.) - 32b99884 (32b99884) .(...) - LEGACY_32B99884
O64 - Services: CurCS - (.not file.) - 32d00ff4 (32d00ff4) .(...) - LEGACY_32D00FF4
O64 - Services: CurCS - (.not file.) - 32fdb02a (32fdb02a) .(...) - LEGACY_32FDB02A
O64 - Services: CurCS - (.not file.) - 333fbc1c (333fbc1c) .(...) - LEGACY_333FBC1C
O64 - Services: CurCS - (.not file.) - 333fbc38 (333fbc38) .(...) - LEGACY_333FBC38
O64 - Services: CurCS - (.not file.) - 3353426a (3353426a) .(...) - LEGACY_3353426A
O64 - Services: CurCS - (.not file.) - 33556042 (33556042) .(...) - LEGACY_33556042
O64 - Services: CurCS - (.not file.) - 337c434a (337c434a) .(...) - LEGACY_337C434A
O64 - Services: CurCS - (.not file.) - 337cbc1c (337cbc1c) .(...) - LEGACY_337CBC1C
O64 - Services: CurCS - (.not file.) - 338505b8 (338505b8) .(...) - LEGACY_338505B8
O64 - Services: CurCS - (.not file.) - 3385de56 (3385de56) .(...) - LEGACY_3385DE56
O64 - Services: CurCS - (.not file.) - 33f89cac (33f89cac) .(...) - LEGACY_33F89CAC
O64 - Services: CurCS - (.not file.) - 345b0aee (345b0aee) .(...) - LEGACY_345B0AEE
O64 - Services: CurCS - (.not file.) - 3493a8b2 (3493a8b2) .(...) - LEGACY_3493A8B2
O64 - Services: CurCS - (.not file.) - 35337ca1 (35337ca1) .(...) - LEGACY_35337CA1
O64 - Services: CurCS - (.not file.) - 3533df7b (3533df7b) .(...) - LEGACY_3533DF7B
O64 - Services: CurCS - (.not file.) - 357bb955 (357bb955) .(...) - LEGACY_357BB955
O64 - Services: CurCS - (.not file.) - 3585495f (3585495f) .(...) - LEGACY_3585495F
O64 - Services: CurCS - (.not file.) - 35a2dd7a (35a2dd7a) .(...) - LEGACY_35A2DD7A
O64 - Services: CurCS - (.not file.) - 35afb955 (35afb955) .(...) - LEGACY_35AFB955
O64 - Services: CurCS - (.not file.) - 35bb8443 (35bb8443) .(...) - LEGACY_35BB8443
O64 - Services: CurCS - (.not file.) - 35c09c7f (35c09c7f) .(...) - LEGACY_35C09C7F
O64 - Services: CurCS - (.not file.) - 35c0b9f8 (35c0b9f8) .(...) - LEGACY_35C0B9F8
O64 - Services: CurCS - (.not file.) - 36204773 (36204773) .(...) - LEGACY_36204773
O64 - Services: CurCS - (.not file.) - 366e1ac0 (366e1ac0) .(...) - LEGACY_366E1AC0
O64 - Services: CurCS - (.not file.) - 36761c85 (36761c85) .(...) - LEGACY_36761C85
O64 - Services: CurCS - (.not file.) - 36ce5033 (36ce5033) .(...) - LEGACY_36CE5033
O64 - Services: CurCS - (.not file.) - 36d65fad (36d65fad) .(...) - LEGACY_36D65FAD
O64 - Services: CurCS - (.not file.) - 36fd876b (36fd876b) .(...) - LEGACY_36FD876B
O64 - Services: CurCS - (.not file.) - 36fe50c4 (36fe50c4) .(...) - LEGACY_36FE50C4
O64 - Services: CurCS - (.not file.) - 36febe37 (36febe37) .(...) - LEGACY_36FEBE37
O64 - Services: CurCS - (.not file.) - 36fed933 (36fed933) .(...) - LEGACY_36FED933
O64 - Services: CurCS - (.not file.) - 36fed958 (36fed958) .(...) - LEGACY_36FED958
O64 - Services: CurCS - (.not file.) - 3735336d (3735336d) .(...) - LEGACY_3735336D
O64 - Services: CurCS - (.not file.) - 37365693 (37365693) .(...) - LEGACY_37365693
O64 - Services: CurCS - (.not file.) - 3736cfbe (3736cfbe) .(...) - LEGACY_3736CFBE
O64 - Services: CurCS - (.not file.) - 3739921b (3739921b) .(...) - LEGACY_3739921B
O64 - Services: CurCS - (.not file.) - 37700574 (37700574) .(...) - LEGACY_37700574
O64 - Services: CurCS - (.not file.) - 377082dd (377082dd) .(...) - LEGACY_377082DD
O64 - Services: CurCS - (.not file.) - 379cd059 (379cd059) .(...) - LEGACY_379CD059
O64 - Services: CurCS - (.not file.) - 37c87df9 (37c87df9) .(...) - LEGACY_37C87DF9
O64 - Services: CurCS - (.not file.) - 37c890df (37c890df) .(...) - LEGACY_37C890DF
O64 - Services: CurCS - (.not file.) - 37cf80d9 (37cf80d9) .(...) - LEGACY_37CF80D9
O64 - Services: CurCS - (.not file.) - 384014c5 (384014c5) .(...) - LEGACY_384014C5
O64 - Services: CurCS - (.not file.) - 3840eab5 (3840eab5) .(...) - LEGACY_3840EAB5
O64 - Services: CurCS - (.not file.) - 385afbe0 (385afbe0) .(...) - LEGACY_385AFBE0
O64 - Services: CurCS - (.not file.) - 38c350a1 (38c350a1) .(...) - LEGACY_38C350A1
O64 - Services: CurCS - (.not file.) - 38db3df2 (38db3df2) .(...) - LEGACY_38DB3DF2
O64 - Services: CurCS - (.not file.) - 38e0592e (38e0592e) .(...) - LEGACY_38E0592E
O64 - Services: CurCS - (.not file.) - 38e06a3b (38e06a3b) .(...) - LEGACY_38E06A3B
O64 - Services: CurCS - (.not file.) - 38e0d9e5 (38e0d9e5) .(...) - LEGACY_38E0D9E5
O64 - Services: CurCS - (.not file.) - 39585be9 (39585be9) .(...) - LEGACY_39585BE9
O64 - Services: CurCS - (.not file.) - 3958bfcc (3958bfcc) .(...) - LEGACY_3958BFCC
O64 - Services: CurCS - (.not file.) - 39bc6d26 (39bc6d26) .(...) - LEGACY_39BC6D26
O64 - Services: CurCS - (.not file.) - 3b30960b (3b30960b) .(...) - LEGACY_3B30960B
O64 - Services: CurCS - (.not file.) - 3b6f49b1 (3b6f49b1) .(...) - LEGACY_3B6F49B1
O64 - Services: CurCS - (.not file.) - 3b6fdecb (3b6fdecb) .(...) - LEGACY_3B6FDECB
O64 - Services: CurCS - (.not file.) - 3b9f409e (3b9f409e) .(...) - LEGACY_3B9F409E
O64 - Services: CurCS - (.not file.) - 3bd55d69 (3bd55d69) .(...) - LEGACY_3BD55D69
O64 - Services: CurCS - (.not file.) - 3be022e0 (3be022e0) .(...) - LEGACY_3BE022E0
O64 - Services: CurCS - (.not file.) - 3be080c0 (3be080c0) .(...) - LEGACY_3BE080C0
O64 - Services: CurCS - (.not file.) - 3bfb0b41 (3bfb0b41) .(...) - LEGACY_3BFB0B41
O64 - Services: CurCS - (.not file.) - 3bfb2dee (3bfb2dee) .(...) - LEGACY_3BFB2DEE
O64 - Services: CurCS - (.not file.) - 3bfba9f2 (3bfba9f2) .(...) - LEGACY_3BFBA9F2
O64 - Services: CurCS - (.not file.) - 3c3f5b7b (3c3f5b7b) .(...) - LEGACY_3C3F5B7B
O64 - Services: CurCS - (.not file.) - 3c7bf7c7 (3c7bf7c7) .(...) - LEGACY_3C7BF7C7
O64 - Services: CurCS - (.not file.) - 3ccd5940 (3ccd5940) .(...) - LEGACY_3CCD5940
O64 - Services: CurCS - (.not file.) - 3d56be1a (3d56be1a) .(...) - LEGACY_3D56BE1A
O64 - Services: CurCS - (.not file.) - 3d7b78e5 (3d7b78e5) .(...) - LEGACY_3D7B78E5
O64 - Services: CurCS - (.not file.) - 3f0da5be (3f0da5be) .(...) - LEGACY_3F0DA5BE
O64 - Services: CurCS - (.not file.) - 3f7b3551 (3f7b3551) .(...) - LEGACY_3F7B3551
O64 - Services: CurCS - (.not file.) - 3f8505e2 (3f8505e2) .(...) - LEGACY_3F8505E2
O64 - Services: CurCS - (.not file.) - 40147ff2 (40147ff2) .(...) - LEGACY_40147FF2
O64 - Services: CurCS - (.not file.) - 4014d27f (4014d27f) .(...) - LEGACY_4014D27F
O64 - Services: CurCS - (.not file.) - 4014d2c9 (4014d2c9) .(...) - LEGACY_4014D2C9
O64 - Services: CurCS - (.not file.) - 404a9306 (404a9306) .(...) - LEGACY_404A9306
O64 - Services: CurCS - (.not file.) - 40604292 (40604292) .(...) - LEGACY_40604292
O64 - Services: CurCS - (.not file.) - 406aaafb (406aaafb) .(...) - LEGACY_406AAAFB
O64 - Services: CurCS - (.not file.) - 40716828 (40716828) .(...) - LEGACY_40716828
O64 - Services: CurCS - (.not file.) - 4092a138 (4092a138) .(...) - LEGACY_4092A138
O64 - Services: CurCS - (.not file.) - 40c50453 (40c50453) .(...) - LEGACY_40C50453
O64 - Services: CurCS - (.not file.) - 40f8122d (40f8122d) .(...) - LEGACY_40F8122D
O64 - Services: CurCS - (.not file.) - 40f89c07 (40f89c07) .(...) - LEGACY_40F89C07
O64 - Services: CurCS - (.not file.) - 410b5caf (410b5caf) .(...) - LEGACY_410B5CAF
O64 - Services: CurCS - (.not file.) - 4122e017 (4122e017) .(...) - LEGACY_4122E017
O64 - Services: CurCS - (.not file.) - 413509c0 (413509c0) .(...) - LEGACY_413509C0
O64 - Services: CurCS - (.not file.) - 41777b1a (41777b1a) .(...) - LEGACY_41777B1A
O64 - Services: CurCS - (.not file.) - 41aa06f1 (41aa06f1) .(...) - LEGACY_41AA06F1
O64 - Services: CurCS - (.not file.) - 420b5833 (420b5833) .(...) - LEGACY_420B5833
O64 - Services: CurCS - (.not file.) - 420b781a (420b781a) .(...) - LEGACY_420B781A
O64 - Services: CurCS - (.not file.) - 424a0b4c (424a0b4c) .(...) - LEGACY_424A0B4C
O64 - Services: CurCS - (.not file.) - 42687305 (42687305) .(...) - LEGACY_42687305
O64 - Services: CurCS - (.not file.) - 42744f8e (42744f8e) .(...) - LEGACY_42744F8E
O64 - Services: CurCS - (.not file.) - 4299ba7b (4299ba7b) .(...) - LEGACY_4299BA7B
O64 - Services: CurCS - (.not file.) - 42b8e1a3 (42b8e1a3) .(...) - LEGACY_42B8E1A3
O64 - Services: CurCS - (.not file.) - 42ba33eb (42ba33eb) .(...) - LEGACY_42BA33EB
O64 - Services: CurCS - (.not file.) - 42dd2891 (42dd2891) .(...) - LEGACY_42DD2891
O64 - Services: CurCS - (.not file.) - 430b0539 (430b0539) .(...) - LEGACY_430B0539
O64 - Services: CurCS - (.not file.) - 431f7a9f (431f7a9f) .(...) - LEGACY_431F7A9F
O64 - Services: CurCS - (.not file.) - 434a0814 (434a0814) .(...) - LEGACY_434A0814
O64 - Services: CurCS - (.not file.) - 434a9f50 (434a9f50) .(...) - LEGACY_434A9F50
O64 - Services: CurCS - (.not file.) - 437f4014 (437f4014) .(...) - LEGACY_437F4014
O64 - Services: CurCS - (.not file.) - 437f9f16 (437f9f16) .(...) - LEGACY_437F9F16
O64 - Services: CurCS - (.not file.) - 438558b8 (438558b8) .(...) - LEGACY_438558B8
O64 - Services: CurCS - (.not file.) - 4385acbe (4385acbe) .(...) - LEGACY_4385ACBE
O64 - Services: CurCS - (.not file.) - 43871149 (43871149) .(...) - LEGACY_43871149
O64 - Services: CurCS - (.not file.) - 43a6bd60 (43a6bd60) .(...) - LEGACY_43A6BD60
O64 - Services: CurCS - (.not file.) - 43dd0629 (43dd0629) .(...) - LEGACY_43DD0629
O64 - Services: CurCS - (.not file.) - 43f250cb (43f250cb) .(...) - LEGACY_43F250CB
O64 - Services: CurCS - (.not file.) - 44bd8c2f (44bd8c2f) .(...) - LEGACY_44BD8C2F
O64 - Services: CurCS - (.not file.) - 4513c513 (4513c513) .(...) - LEGACY_4513C513
O64 - Services: CurCS - (.not file.) - 4554338c (4554338c) .(...) - LEGACY_4554338C
O64 - Services: CurCS - (.not file.) - 45a6934c (45a6934c) .(...) - LEGACY_45A6934C
O64 - Services: CurCS - (.not file.) - 45f0acb5 (45f0acb5) .(...) - LEGACY_45F0ACB5
O64 - Services: CurCS - (.not file.) - 4606c51b (4606c51b) .(...) - LEGACY_4606C51B
O64 - Services: CurCS - (.not file.) - 46123359 (46123359) .(...) - LEGACY_46123359
O64 - Services: CurCS - (.not file.) - 462a2243 (462a2243) .(...) - LEGACY_462A2243
O64 - Services: CurCS - (.not file.) - 46424afd (46424afd) .(...) - LEGACY_46424AFD
O64 - Services: CurCS - (.not file.) - 4645091d (4645091d) .(...) - LEGACY_4645091D
O64 - Services: CurCS - (.not file.) - 4649c004 (4649c004) .(...) - LEGACY_4649C004
O64 - Services: CurCS - (.not file.) - 466b0beb (466b0beb) .(...) - LEGACY_466B0BEB
O64 - Services: CurCS - (.not file.) - 475c7486 (475c7486) .(...) - LEGACY_475C7486
O64 - Services: CurCS - (.not file.) - 4779d560 (4779d560) .(...) - LEGACY_4779D560
O64 - Services: CurCS - (.not file.) - 4783b10c (4783b10c) .(...) - LEGACY_4783B10C
O64 - Services: CurCS - (.not file.) - 479090de (479090de) .(...) - LEGACY_479090DE
O64 - Services: CurCS - (.not file.) - 489dd43e (489dd43e) .(...) - LEGACY_489DD43E
O64 - Services: CurCS - (.not file.) - 48a74bc7 (48a74bc7) .(...) - LEGACY_48A74BC7
O64 - Services: CurCS - (.not file.) - 491fbfb5 (491fbfb5) .(...) - LEGACY_491FBFB5
O64 - Services: CurCS - (.not file.) - 495be9bf (495be9bf) .(...) - LEGACY_495BE9BF
O64 - Services: CurCS - (.not file.) - 49b141d6 (49b141d6) .(...) - LEGACY_49B141D6
O64 - Services: CurCS - (.not file.) - 49d933f8 (49d933f8) .(...) - LEGACY_49D933F8
O64 - Services: CurCS - (.not file.) - 49d94f75 (49d94f75) .(...) - LEGACY_49D94F75
O64 - Services: CurCS - (.not file.) - 4a0bd755 (4a0bd755) .(...) - LEGACY_4A0BD755
O64 - Services: CurCS - (.not file.) - 4a33f80b (4a33f80b) .(...) - LEGACY_4A33F80B
O64 - Services: CurCS - (.not file.) - 4a4214ef (4a4214ef) .(...) - LEGACY_4A4214EF
O64 - Services: CurCS - (.not file.) - 4a4217a2 (4a4217a2) .(...) - LEGACY_4A4217A2
O64 - Services: CurCS - (.not file.) - 4a4299ba (4a4299ba) .(...) - LEGACY_4A4299BA
O64 - Services: CurCS - (.not file.) - 4afd061b (4afd061b) .(...) - LEGACY_4AFD061B
O64 - Services: CurCS - (.not file.) - 4afd06f8 (4afd06f8) .(...) - LEGACY_4AFD06F8
O64 - Services: CurCS - (.not file.) - 4b8c3263 (4b8c3263) .(...) - LEGACY_4B8C3263
O64 - Services: CurCS - (.not file.) - 4c18fba8 (4c18fba8) .(...) - LEGACY_4C18FBA8
O64 - Services: CurCS - (.not file.) - 4c685547 (4c685547) .(...) - LEGACY_4C685547
O64 - Services: CurCS - (.not file.) - 4c6b8443 (4c6b8443) .(...) - LEGACY_4C6B8443
O64 - Services: CurCS - (.not file.) - 4c9f6182 (4c9f6182) .(...) - LEGACY_4C9F6182
O64 - Services: CurCS - (.not file.) - 4ccf02b8 (4ccf02b8) .(...) - LEGACY_4CCF02B8
O64 - Services: CurCS - (.not file.) - 4d10777c (4d10777c) .(...) - LEGACY_4D10777C
O64 - Services: CurCS - (.not file.) - 4d1e4fb6 (4d1e4fb6) .(...) - LEGACY_4D1E4FB6
O64 - Services: CurCS - (.not file.) - 4d2a3311 (4d2a3311) .(...) - LEGACY_4D2A3311
O64 - Services: CurCS - (.not file.) - 4d820be7 (4d820be7) .(...) - LEGACY_4D820BE7
O64 - Services: CurCS - (.not file.) - 4e0e468d (4e0e468d) .(...) - LEGACY_4E0E468D
O64 - Services: CurCS - (.not file.) - 4e2f7b01 (4e2f7b01) .(...) - LEGACY_4E2F7B01
O64 - Services: CurCS - (.not file.) - 4f81bf83 (4f81bf83) .(...) - LEGACY_4F81BF83
O64 - Services: CurCS - (.not file.) - 501dd622 (501dd622) .(...) - LEGACY_501DD622
O64 - Services: CurCS - (.not file.) - 5021af6a (5021af6a) .(...) - LEGACY_5021AF6A
O64 - Services: CurCS - (.not file.) - 503b6e9f (503b6e9f) .(...) - LEGACY_503B6E9F
O64 - Services: CurCS - (.not file.) - 5041777b (5041777b) .(...) - LEGACY_5041777B
O64 - Services: CurCS - (.not file.) - 50460d51 (50460d51) .(...) - LEGACY_50460D51
O64 - Services: CurCS - (.not file.) - 5053864f (5053864f) .(...) - LEGACY_5053864F
O64 - Services: CurCS - (.not file.) - 50692891 (50692891) .(...) - LEGACY_50692891
O64 - Services: CurCS - (.not file.) - 507f21ed (507f21ed) .(...) - LEGACY_507F21ED
O64 - Services: CurCS - (.not file.) - 507fd61f (507fd61f) .(...) - LEGACY_507FD61F
O64 - Services: CurCS - (.not file.) - 50843a5c (50843a5c) .(...) - LEGACY_50843A5C
O64 - Services: CurCS - (.not file.) - 50a1039c (50a1039c) .(...) - LEGACY_50A1039C
O64 - Services: CurCS - (.not file.) - 50a1fb69 (50a1fb69) .(...) - LEGACY_50A1FB69
O64 - Services: CurCS - (.not file.) - 512bc950 (512bc950) .(...) - LEGACY_512BC950
O64 - Services: CurCS - (.not file.) - 5160d5d8 (5160d5d8) .(...) - LEGACY_5160D5D8
O64 - Services: CurCS - (.not file.) - 5160d631 (5160d631) .(...) - LEGACY_5160D631
O64 - Services: CurCS - (.not file.) - 51afb955 (51afb955) .(...) - LEGACY_51AFB955
O64 - Services: CurCS - (.not file.) - 51bb4246 (51bb4246) .(...) - LEGACY_51BB4246
O64 - Services: CurCS - (.not file.) - 51d469d1 (51d469d1) .(...) - LEGACY_51D469D1
O64 - Services: CurCS - (.not file.) - 51d7a64b (51d7a64b) .(...) - LEGACY_51D7A64B
O64 - Services: CurCS - (.not file.) - 51eec123 (51eec123) .(...) - LEGACY_51EEC123
O64 - Services: CurCS - (.not file.) - 5202f19a (5202f19a) .(...) - LEGACY_5202F19A
O64 - Services: CurCS - (.not file.) - 531a3787 (531a3787) .(...) - LEGACY_531A3787
O64 - Services: CurCS - (.not file.) - 5350acef (5350acef) .(...) - LEGACY_5350ACEF
O64 - Services: CurCS - (.not file.) - 5433f8b1 (5433f8b1) .(...) - LEGACY_5433F8B1
O64 - Services: CurCS - (.not file.) - 5436fe18 (5436fe18) .(...) - LEGACY_5436FE18
O64 - Services: CurCS - (.not file.) - 5487bfcc (5487bfcc) .(...) - LEGACY_5487BFCC
O64 - Services: CurCS - (.not file.) - 54d32607 (54d32607) .(...) - LEGACY_54D32607
O64 - Services: CurCS - (.not file.) - 54e109bb (54e109bb) .(...) - LEGACY_54E109BB
O64 - Services: CurCS - (.not file.) - 54f54ccd (54f54ccd) .(...) - LEGACY_54F54CCD
O64 - Services: CurCS - (.not file.) - 551a19c3 (551a19c3) .(...) - LEGACY_551A19C3
O64 - Services: CurCS - (.not file.) - 55605c7f (55605c7f) .(...) - LEGACY_55605C7F
O64 - Services: CurCS - (.not file.) - 56233855 (56233855) .(...) - LEGACY_56233855
O64 - Services: CurCS - (.not file.) - 563630c8 (563630c8) .(...) - LEGACY_563630C8
O64 - Services: CurCS - (.not file.) - 56eabe48 (56eabe48) .(...) - LEGACY_56EABE48
O64 - Services: CurCS - (.not file.) - 57504033 (57504033) .(...) - LEGACY_57504033
O64 - Services: CurCS - (.not file.) - 582b09b8 (582b09b8) .(...) - LEGACY_582B09B8
O64 - Services: CurCS - (.not file.) - 585b4eb8 (585b4eb8) .(...) - LEGACY_585B4EB8
O64 - Services: CurCS - (.not file.) - 585b7b42 (585b7b42) .(...) - LEGACY_585B7B42
O64 - Services: CurCS - (.not file.) - 585fdabe (585fdabe) .(...) - LEGACY_585FDABE
O64 - Services: CurCS - (.not file.) - 586f8319 (586f8319) .(...) - LEGACY_586F8319
O64 - Services: CurCS - (.not file.) - 58b8be37 (58b8be37) .(...) - LEGACY_58B8BE37
O64 - Services: CurCS - (.not file.) - 58bf2891 (58bf2891) .(...) - LEGACY_58BF2891
O64 - Services: CurCS - (.not file.) - 58c4aa16 (58c4aa16) .(...) - LEGACY_58C4AA16
O64 - Services: CurCS - (.not file.) - 58ce33bb (58ce33bb) .(...) - LEGACY_58CE33BB
O64 - Services: CurCS - (.not file.) - 591d5e52 (591d5e52) .(...) - LEGACY_591D5E52
O64 - Services: CurCS - (.not file.) - 59442e46 (59442e46) .(...) - LEGACY_59442E46
O64 - Services: CurCS - (.not file.) - 59b4b7d4 (59b4b7d4) .(...) - LEGACY_59B4B7D4
O64 - Services: CurCS - (.not file.) - 59f8b6b3 (59f8b6b3) .(...) - LEGACY_59F8B6B3
O64 - Services: CurCS - (.not file.) - 5a5a684b (5a5a684b) .(...) - LEGACY_5A5A684B
O64 - Services: CurCS - (.not file.) - 5ac5c2d2 (5ac5c2d2) .(...) - LEGACY_5AC5C2D2
O64 - Services: CurCS - (.not file.) - 5ae065fd (5ae065fd) .(...) - LEGACY_5AE065FD
O64 - Services: CurCS - (.not file.) - 5afb9cac (5afb9cac) .(...) - LEGACY_5AFB9CAC
O64 - Services: CurCS - (.not file.) - 5b34ef7b (5b34ef7b) .(...) - LEGACY_5B34EF7B
O64 - Services: CurCS - (.not file.) - 5b466b79 (5b466b79) .(...) - LEGACY_5B466B79
O64 - Services: CurCS - (.not file.) - 5b4e61b9 (5b4e61b9) .(...) - LEGACY_5B4E61B9
O64 - Services: CurCS - (.not file.) - 5b6f1287 (5b6f1287) .(...) - LEGACY_5B6F1287
O64 - Services: CurCS - (.not file.) - 5b8be020 (5b8be020) .(...) - LEGACY_5B8BE020
O64 - Services: CurCS - (.not file.) - 5bfbbee0 (5bfbbee0) .(...) - LEGACY_5BFBBEE0
O64 - Services: CurCS - (.not file.) - 5c35592e (5c35592e) .(...) - LEGACY_5C35592E
O64 - Services: CurCS - (.not file.) - 5c3958bf (5c3958bf) .(...) - LEGACY_5C3958BF
O64 - Services: CurCS - (.not file.) - 5c523fe4 (5c523fe4) .(...) - LEGACY_5C523FE4
O64 - Services: CurCS - (.not file.) - 5c5f0711 (5c5f0711) .(...) - LEGACY_5C5F0711
O64 - Services: CurCS - (.not file.) - 5c7f03fb (5c7f03fb) .(...) - LEGACY_5C7F03FB
O64 - Services: CurCS - (.not file.) - 5d110fa5 (5d110fa5) .(...) - LEGACY_5D110FA5
O64 - Services: CurCS - (.not file.) - 5d4740aa (5d4740aa) .(...) - LEGACY_5D4740AA
O64 - Services: CurCS - (.not file.) - 5d6ce5b2 (5d6ce5b2) .(...) - LEGACY_5D6CE5B2
O64 - Services: CurCS - (.not file.) - 5e12a41b (5e12a41b) .(...) - LEGACY_5E12A41B
O64 - Services: CurCS - (.not file.) - 5e1b86a1 (5e1b86a1) .(...) - LEGACY_5E1B86A1
O64 - Services: CurCS - (.not file.) - 5e67db6c (5e67db6c) .(...) - LEGACY_5E67DB6C
O64 - Services: CurCS - (.not file.) - 5ebaa6df (5ebaa6df) .(...) - LEGACY_5EBAA6DF
O64 - Services: CurCS - (.not file.) - 5f36b91d (5f36b91d) .(...) - LEGACY_5F36B91D
O64 - Services: CurCS - (.not file.) - 5f45f809 (5f45f809) .(...) - LEGACY_5F45F809
O64 - Services: CurCS - (.not file.) - 5f8ace08 (5f8ace08) .(...) - LEGACY_5F8ACE08
O64 - Services: CurCS - (.not file.) - 5fb5a49c (5fb5a49c) .(...) - LEGACY_5FB5A49C
O64 - Services: CurCS - (.not file.) - 60161ddd (60161ddd) .(...) - LEGACY_60161DDD
O64 - Services: CurCS - (.not file.) - 601e9a97 (601e9a97) .(...) - LEGACY_601E9A97
O64 - Services: CurCS - (.not file.) - 606e49d9 (606e49d9) .(...) - LEGACY_606E49D9
O64 - Services: CurCS - (.not file.) - 6086706b (6086706b) .(...) - LEGACY_6086706B
O64 - Services: CurCS - (.not file.) - 60d79228 (60d79228) .(...) - LEGACY_60D79228
O64 - Services: CurCS - (.not file.) - 6107a8ad (6107a8ad) .(...) - LEGACY_6107A8AD
O64 - Services: CurCS - (.not file.) - 611e0bce (611e0bce) .(...) - LEGACY_611E0BCE
O64 - Services: CurCS - (.not file.) - 614ad8dd (614ad8dd) .(...) - LEGACY_614AD8DD
O64 - Services: CurCS - (.not file.) - 616ae682 (616ae682) .(...) - LEGACY_616AE682
O64 - Services: CurCS - (.not file.) - 617cd27f (617cd27f) .(...) - LEGACY_617CD27F
O64 - Services: CurCS - (.not file.) - 61a8fba3 (61a8fba3) .(...) - LEGACY_61A8FBA3
O64 - Services: CurCS - (.not file.) - 61e581b1 (61e581b1) .(...) - LEGACY_61E581B1
O64 - Services: CurCS - (.not file.) - 627b2277 (627b2277) .(...) - LEGACY_627B2277
O64 - Services: CurCS - (.not file.) - 627f034a (627f034a) .(...) - LEGACY_627F034A
O64 - Services: CurCS - (.not file.) - 62a9409f (62a9409f) .(...) - LEGACY_62A9409F
O64 - Services: CurCS - (.not file.) - 62b048c5 (62b048c5) .(...) - LEGACY_62B048C5
O64 - Services: CurCS - (.not file.) - 62dea138 (62dea138) .(...) - LEGACY_62DEA138
O64 - Services: CurCS - (.not file.) - 631d2abe (631d2abe) .(...) - LEGACY_631D2ABE
O64 - Services: CurCS - (.not file.) - 63a2bb74 (63a2bb74) .(...) - LEGACY_63A2BB74
O64 - Services: CurCS - (.not file.) - 6491c840 (6491c840) .(...) - LEGACY_6491C840
O64 - Services: CurCS - (.not file.) - 650323b2 (650323b2) .(...) - LEGACY_650323B2
O64 - Services: CurCS - (.not file.) - 664297ab (664297ab) .(...) - LEGACY_664297AB
O64 - Services: CurCS - (.not file.) - 6686a1c7 (6686a1c7) .(...) - LEGACY_6686A1C7
O64 - Services: CurCS - (.not file.) - 668f1267 (668f1267) .(...) - LEGACY_668F1267
O64 - Services: CurCS - (.not file.) - 67255274 (67255274) .(...) - LEGACY_67255274
O64 - Services: CurCS - (.not file.) - 67f03f87 (67f03f87) .(...) - LEGACY_67F03F87
O64 - Services: CurCS - (.not file.) - 68125afb (68125afb) .(...) - LEGACY_68125AFB
O64 - Services: CurCS - (.not file.) - 68adfbb1 (68adfbb1) .(...) - LEGACY_68ADFBB1
O64 - Services: CurCS - (.not file.) - 68ae8de1 (68ae8de1) .(...) - LEGACY_68AE8DE1
O64 - Services: CurCS - (.not file.) - 68d2db22 (68d2db22) .(...) - LEGACY_68D2DB22
O64 - Services: CurCS - (.not file.) - 69286e9f (69286e9f) .(...) - LEGACY_69286E9F
O64 - Services: CurCS - (.not file.) - 699ba069 (699ba069) .(...) - LEGACY_699BA069
O64 - Services: CurCS - (.not file.) - 69b8e1a7 (69b8e1a7) .(...) - LEGACY_69B8E1A7
O64 - Services: CurCS - (.not file.) - 6a05b10c (6a05b10c) .(...) - LEGACY_6A05B10C
O64 - Services: CurCS - (.not file.) - 6a05b114 (6a05b114) .(...) - LEGACY_6A05B114
O64 - Services: CurCS - (.not file.) - 6a061b38 (6a061b38) .(...) - LEGACY_6A061B38
O64 - Services: CurCS - (.not file.) - 6a06fb5b (6a06fb5b) .(...) - LEGACY_6A06FB5B
O64 - Services: CurCS - (.not file.) - 6a20d9ab (6a20d9ab) .(...) - LEGACY_6A20D9AB
O64 - Services: CurCS - (.not file.) - 6a3b6f12 (6a3b6f12) .(...) - LEGACY_6A3B6F12
O64 - Services: CurCS - (.not file.) - 6a3bfba9 (6a3bfba9) .(...) - LEGACY_6A3BFBA9
O64 - Services: CurCS - (.not file.) - 6a4880c0 (6a4880c0) .(...) - LEGACY_6A4880C0
O64 - Services: CurCS - (.not file.) - 6a7a3335 (6a7a3335) .(...) - LEGACY_6A7A3335
O64 - Services: CurCS - (.not file.) - 6b235433 (6b235433) .(...) - LEGACY_6B235433
O64 - Services: CurCS - (.not file.) - 6b5fd162 (6b5fd162) .(...) - LEGACY_6B5FD162
O64 - Services: CurCS - (.not file.) - 6bcdfe10 (6bcdfe10) .(...) - LEGACY_6BCDFE10
O64 - Services: CurCS - (.not file.) - 6bf832b0 (6bf832b0) .(...) - LEGACY_6BF832B0
O64 - Services: CurCS - (.not file.) - 6cf92fae (6cf92fae) .(...) - LEGACY_6CF92FAE
O64 - Services: CurCS - (.not file.) - 6d407142 (6d407142) .(...) - LEGACY_6D407142
O64 - Services: CurCS - (.not file.) - 6d409229 (6d409229) .(...) - LEGACY_6D409229
O64 - Services: CurCS - (.not file.) - 6d517cdd (6d517cdd) .(...) - LEGACY_6D517CDD
O64 - Services: CurCS - (.not file.) - 6d5cafe0 (6d5cafe0) .(...) - LEGACY_6D5CAFE0
O64 - Services: CurCS - (.not file.) - 6da5a355 (6da5a355) .(...) - LEGACY_6DA5A355
O64 - Services: CurCS - (.not file.) - 6dbedc67 (6dbedc67) .(...) - LEGACY_6DBEDC67
O64 - Services: CurCS - (.not file.) - 6e10b282 (6e10b282) .(...) - LEGACY_6E10B282
O64 - Services: CurCS - (.not file.) - 6e7cfebe (6e7cfebe) .(...) - LEGACY_6E7CFEBE
O64 - Services: CurCS - (.not file.) - 6e9fe0e5 (6e9fe0e5) .(...) - LEGACY_6E9FE0E5
O64 - Services: CurCS - (.not file.) - 6ea24071 (6ea24071) .(...) - LEGACY_6EA24071
O64 - Services: CurCS - (.not file.) - 6eac4a33 (6eac4a33) .(...) - LEGACY_6EAC4A33
O64 - Services: CurCS - (.not file.) - 6ec8a2f6 (6ec8a2f6) .(...) - LEGACY_6EC8A2F6
O64 - Services: CurCS - (.not file.) - 6f1b38e0 (6f1b38e0) .(...) - LEGACY_6F1B38E0
O64 - Services: CurCS - (.not file.) - 6f67e653 (6f67e653) .(...) - LEGACY_6F67E653
O64 - Services: CurCS - (.not file.) - 6f72c2dc (6f72c2dc) .(...) - LEGACY_6F72C2DC
O64 - Services: CurCS - (.not file.) - 6fde9109 (6fde9109) .(...) - LEGACY_6FDE9109
O64 - Services: CurCS - (.not file.) - 6fdecb1a (6fdecb1a) .(...) - LEGACY_6FDECB1A
O64 - Services: CurCS - (.not file.) - 6fdefd05 (6fdefd05) .(...) - LEGACY_6FDEFD05
O64 - Services: CurCS - (.not file.) - 70186944 (70186944) .(...) - LEGACY_70186944
O64 - Services: CurCS - (.not file.) - 7056c560 (7056c560) .(...) - LEGACY_7056C560
O64 - Services: CurCS - (.not file.) - 70781ac0 (70781ac0) .(...) - LEGACY_70781AC0
O64 - Services: CurCS - (.not file.) - 70acef68 (70acef68) .(...) - LEGACY_70ACEF68
O64 - Services: CurCS - (.not file.) - 70b73f0d (70b73f0d) .(...) - LEGACY_70B73F0D
O64 - Services: CurCS - (.not file.) - 70c29422 (70c29422) .(...) - LEGACY_70C29422
O64 - Services: CurCS - (.not file.) - 7117566d (7117566d) .(...) - LEGACY_7117566D
O64 - Services: CurCS - (.not file.) - 714233f8 (714233f8) .(...) - LEGACY_714233F8
O64 - Services: CurCS - (.not file.) - 7142466b (7142466b) .(...) - LEGACY_7142466B
O64 - Services: CurCS - (.not file.) - 71682809 (71682809) .(...) - LEGACY_71682809
O64 - Services: CurCS - (.not file.) - 7181e047 (7181e047) .(...) - LEGACY_7181E047
O64 - Services: CurCS - (.not file.) - 71a2e10b (71a2e10b) .(...) - LEGACY_71A2E10B
O64 - Services: CurCS - (.not file.) - 72aeebb4 (72aeebb4) .(...) - LEGACY_72AEEBB4
O64 - Services: CurCS - (.not file.) - 72cd2cfd (72cd2cfd) .(...) - LEGACY_72CD2CFD



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 16/10/2010 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Demand 19/10/2009 183880 | (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
SR - | Auto 03/08/2005 58880 | (ARSVC) . (.Microsoft.) - C:\WINDOWS\arservice.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 04/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/08/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
0
Réponse 20 / 47
Charly
19 mars 2011 à 10:57
Voilà ça y est la totalité du copier coller ...ouf !!!
merci de ta patiense !!!
0

Discussions similaires

recherche à partir de la barre d'adresse
Sylviane -
Lulin -

11 réponses
[référencement] Ne pas être référencé
kij_82 -
Searaphina -

10 réponses
Yahoo Search (moteur de recherche) revient
jbpfrance -
alice -

38 réponses
1fichier
titi342 -
bazfile -

1 réponse
Google est par défaut, mais change de moteur de recherche
Mathis5454000 -
pistouri -

3 réponses