How do I remove svchost.exe?

Solved/Closed
kacem06 Posts: 71 Registration date: Friday 1 July 2011 Status: Member Last activity: 7 November 2016 - 2 Jan 2012 at 18:25
 billongo1 - 28 Sept 2015 at 16:43
Hello, every time I turn on my PC this message appears: svchost.exe - unknown disk format. I insert the floppy disk and the message reappears. Please help me remove it. Thanks in advance.
78 replies

Hi Electricien 69, I've been trying since noon to get onto https://www.virustotal.com/ , but the site won't open. Isn't there another site?
I found the 2 files, but I can't get onto the site you pointed me to. Thanks!
0
Anonymous user
14 Jan 2012 at 16:50
I may know why you can't connect to the VirusTotal site!

* Download TDSSKiller to your desktop:

https://support.kaspersky.com/downloads/utils/tdsskiller.exe

* Run it (Vista/Seven users -> right-click, then "Run as administrator")

* Click [Start Scan] to start the analysis.

* If items are found, click [Continue] then [Reboot Now]

* A report will open when the PC restarts.

* Copy/paste its contents into your next reply.

Note: The report is also saved as C:\TDSSKiller.N°deversion_Date_Heure_log.txt.

Note: If TDSSKiller finds a file named "Sptd.sys", select Skip just for that file :D


0
The link won't open...! I even tried to download it from 01net but it's the same thing: it won't open and the download doesn't start! What else can I do? (I hope I'm not bothering you), but why don't any of the links you send me work? So now I think there's a serious virus that is preventing the links from opening so they can download. Thanks a lot, I'm waiting for your reply!
0
Anonymous user
14 Jan 2012 at 21:34
you have Ramnit and probably a TDL4 rootkit on your PC!

that's why you can't open the links!

get TDSSKiller here:

http://ww38.toofiles.com/fr/oip/documents/exe/tdsskiller.html

then run it as described in my previous message




0

kacem06 Posts: 71 Registration date: Friday 1 July 2011 Status: Member Last activity: 7 November 2016 26
15 Jan 2012 at 20:45
That's it, it downloaded with great difficulty. I ran it with Start Scan for the analysis and it found nothing: http://nsa22.casimages.com/img/2012/01/15/120115085314667707.png . What should I do now, please, and thanks! See you soon.
0
Anonymous user
15 Jan 2012 at 20:53
run MBAM again, update it and run a full scan again; if it finds anything, quarantine everything and post the new report!

have you backed up your data?

since the system files are damaged, it is likely, even certain, that a repair will have to be run, because some Windows features are out of order!


0
kacem06 Posts: 71 Registration date: Friday 1 July 2011 Status: Member Last activity: 7 November 2016 26
15 Jan 2012 at 23:33
Hi electricien69, the update and the full scan are done. I haven't backed up my data, but where should it be saved? Thanks a lot. The report is attached:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Version de la base de données: v2012.01.15.03

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Bel :: EP-2FE626FFF2D3 [administrateur]

15/01/2012 22:35:37
mbam-log-2012-01-15 (22-35-37).txt

Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 219374
Temps écoulé: 37 minute(s), 11 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 4
HKCR\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AMSINT32 (Virus.Sality) -> Mis en quarantaine et supprimé avec succès.
HKLM\SYSTEM\CurrentControlSet\Services\amsint32 (Virus.Sality) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{B41DB860-8EE4-11D2-9906-E49FADC173CA} (Virus.Ramnit) -> Données: WinRAR shell extension -> Mis en quarantaine et supprimé avec succès.

Elément(s) de données du Registre détecté(s): 4
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.UserInit) -> Mauvais: (c:\windows\system32\userinit.exe,,c:\program files\microsoft\watermark.exe) Bon: (userinit.exe) -> Mis en quarantaine et réparé avec succès

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 12
C:\mpxvs.pif (Malware.Packer.Gen) -> Mis en quarantaine et supprimé avec succès.
C:\vkyw.exe (Malware.Packer.Gen) -> Mis en quarantaine et supprimé avec succès.
C:\Documents and Settings\Bel\Bureau\RogueKillermgr.exe (Spyware.Passwords.XGen) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Microsoft\WaterMark.exe (Spyware.Passwords.XGen) -> Suppression au redémarrage.
C:\WINDOWS\Explorermgr.exe (Spyware.Passwords.XGen) -> Mis en quarantaine et supprimé avec succès.
D:\itjxa.exe (Malware.Packer.Gen) -> Mis en quarantaine et supprimé avec succès.
D:\ngvw.exe (Malware.Packer.Gen) -> Mis en quarantaine et supprimé avec succès.
D:\WinRar\Rar.exe (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
D:\WinRar\RarExt.dll (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
D:\WinRar\Uninstall.exe (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
D:\WinRar\UnRAR.exe (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
D:\WinRar\WinRAR.exe (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.

(fin)
0
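Added example (not part of the original thread and not Malwarebytes' own tooling): a Python triage of the report posted above. It groups detections by family, extracts the extra program that had been appended to the Winlogon `Userinit` value, and checks whether that program was actually removed or only scheduled for deletion at reboot. The sample lines are a subset copied from the report; the function names are illustrative.

```python
import re
from collections import Counter

# Subset of lines copied from the Malwarebytes report in the post above.
SAMPLE_LOG = r"""
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
HKCR\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
HKLM\SYSTEM\CurrentControlSet\Services\amsint32 (Virus.Sality) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit (Hijack.UserInit) -> Mauvais: (c:\windows\system32\userinit.exe,,c:\program files\microsoft\watermark.exe) Bon: (userinit.exe) -> Mis en quarantaine et réparé avec succès
C:\Program Files\Microsoft\WaterMark.exe (Spyware.Passwords.XGen) -> Suppression au redémarrage.
D:\WinRar\WinRAR.exe (Virus.Ramnit) -> Mis en quarantaine et supprimé avec succès.
"""

# "<object> (<detection name>) -> <details / action>"
DETECTION = re.compile(r"^(?P<obj>.+?) \((?P<name>[\w.]+)\) -> (?P<rest>.+)$")
# Registry data items also carry the bad and the expected value.
BAD_GOOD = re.compile(r"Mauvais: \((?P<bad>.*?)\) Bon: \((?P<good>.*?)\)")


def parse_detections(log):
    """Return one dict per detection line; headers and empty sections are skipped."""
    detections = []
    for line in log.splitlines():
        m = DETECTION.match(line.strip())
        if not m:
            continue
        key, _, value_name = m["obj"].partition("|")  # "key|value" for registry values
        bg = BAD_GOOD.search(m["rest"])
        detections.append({
            "object": key,
            "value": value_name or None,
            "detection": m["name"],
            "bad": bg["bad"] if bg else None,
            "good": bg["good"] if bg else None,
            "action": m["rest"].rsplit("-> ", 1)[-1].rstrip("."),
        })
    return detections


def family_counts(detections):
    """Number of detections per detection name (Virus.Ramnit, Virus.Sality, ...)."""
    return Counter(d["detection"] for d in detections)


def userinit_extras(value, system_root=r"c:\windows"):
    """Winlogon starts every comma-separated program in Userinit at logon.
    Anything other than userinit.exe itself is an added logon-time program."""
    expected = {"userinit.exe", system_root.lower() + r"\system32\userinit.exe"}
    entries = [e.strip().strip('"').lower() for e in value.split(",")]
    return [e for e in entries if e and e not in expected]


def logon_hijacks(detections):
    """Programs that the reported (bad) Userinit value launched at logon."""
    found = []
    for d in detections:
        if d["value"] and d["value"].lower() == "userinit" and d["bad"]:
            found.extend(userinit_extras(d["bad"]))
    return found


def pending_reboot(detections):
    """Objects the scanner could not delete yet ("Suppression au redémarrage")."""
    return [d["object"] for d in detections
            if d["action"].startswith("Suppression au redémarrage")]


def unresolved_after_scan(detections):
    """Logon-launched programs whose file is only scheduled for deletion:
    the registry value is repaired, but the binary is still on disk until reboot."""
    pending = {p.lower() for p in pending_reboot(detections)}
    return sorted(pending & set(logon_hijacks(detections)))


if __name__ == "__main__":
    dets = parse_detections(SAMPLE_LOG)
    for name, count in family_counts(dets).most_common():
        print(f"{count:2d}  {name}")
    print("Added to Userinit:", logon_hijacks(dets))
    print("Reboot and rescan to confirm removal of:", unresolved_after_scan(dets))
```
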
Anonymous user
16 Jan 2012 at 07:16
Hello,

read this for Sality:

http://www.malekal.com/2010/11/12/supprimer-w32-sality-hwin32zapchastw32-hllp-sality/

read this for Ramnit:

https://www.malekal.com/ramnit-fait-son-retour-un-vrai-virus/

so your PC is definitely infected!

your data needs to be saved to a medium other than your hard drive!

it can be an external hard drive, a USB stick or even a DVD!

your PC, given the infections you have, if we manage to get it back into working order, it will be a miracle!

try restarting your PC in safe mode with networking!

if you can't, you need to boot a Dr. Web live CD:

https://free.drweb.com/aid_admin/

or OTLPE to clean your PC:

https://forum.malekal.com/viewtopic.php?t=23453&start=

I'm off to work, see you later

0
kacem06 Posts: 71 Registration date: Friday 1 July 2011 Status: Member Last activity: 7 November 2016 26
Edited by kacem06 on 16/01/2012 at 20:58
Good evening, I downloaded https://forum.malekal.com/viewtopic.php?t=23453&start= , but it showed me the following screen: http://nsa21.casimages.com/img/2012/01/16/120116090516893764.png , and I didn't understand what to do next. Please answer me! Thanks!
0
Anonymous user
17 Jan 2012 at 07:24
Hello,

basically, using a clean PC, you need to burn a Dr Web or OTLPE CD!

boot the infected PC from it

and run a cleanup and repair of your PC with OTLPE!

have a good look at the tutorial to see how it works :D


0
kacem06 Posts: 71 Registration date: Friday 1 July 2011 Status: Member Last activity: 7 November 2016 26
Edited by kacem06 on 18/01/2012 at 19:11
Good evening Electricien 69, I did what you told me: I ran a scan with OTLPE by clicking RUN SCAN, and once the scan finished the report was displayed. Now how do I do the cleanup and repair of my PC with OTLPE, since there is no explanation in OTLPE telling me how to do it? What should I do, please, to keep working on this problem I've had for several days and to clean all the infections on my PC once and for all? I'm in a hurry to install an antivirus! I'm waiting for your reply, and thank you very much.

OTL logfile created on: 18/01/2012 18:30:27 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = G:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

622,00 Mb Total Physical Memory | 253,00 Mb Available Physical Memory | 41,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 936 1872 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 11,72 Gb Total Space | 6,30 Gb Free Space | 53,75% Space Free | Partition Type: NTFS
Drive D: | 11,72 Gb Total Space | 4,21 Gb Free Space | 35,88% Space Free | Partition Type: NTFS
Drive E: | 9,77 Gb Total Space | 0,95 Gb Free Space | 9,73% Space Free | Partition Type: NTFS
Drive F: | 5,13 Gb Total Space | 0,71 Gb Free Space | 13,85% Space Free | Partition Type: NTFS
Drive G: | 284,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: EP-2FE626FFF2D3 | User Name: Bel
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [Auto] -- -- (AVGIDSAgent)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - File not found [Kernel | On_Demand] -- -- (amsint32)
DRV - [2012/01/09 15:39:27 | 000,111,872 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007/05/23 04:21:12 | 000,016,272 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)
DRV - [2007/05/23 04:20:58 | 000,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007/05/11 03:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007/03/05 06:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007/03/05 05:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2007/03/05 05:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2007/03/05 05:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2007/03/05 05:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2005/03/16 07:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1644491937-2052111302-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Bel\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Bel\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Bel\Application Data\IDM\idmmzcc3 [2012/01/14 09:03:09 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/01/13 23:00:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O4 - HKU\S-1-5-21-1644491937-2052111302-1801674531-1003..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueSoleil.lnk = D:\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-2052111302-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1644491937-2052111302-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1644491937-2052111302-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1644491937-2052111302-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Télécharger avec IDM - D:\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - D:\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - D:\Internet Download Manager\IEGetAll.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\System32\idmmbc.dll (Tonec Inc.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - File not found
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/30 16:25:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/01/13 23:01:48 | 000,000,270 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/01/13 23:01:48 | 000,000,281 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/01/25 13:01:09 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/01/25 13:01:09 | 000,000,000 | ---D | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 12:06:41 | 000,000,053 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/18 17:39:48 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012/01/18 17:39:48 | 000,018,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012/01/18 17:39:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/01/15 20:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Recuva
[2012/01/15 20:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012/01/13 23:32:38 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/13 23:06:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/01/13 22:52:20 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/13 22:25:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/13 22:25:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/13 22:25:15 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/13 22:25:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/13 22:24:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/13 22:24:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/13 22:24:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bel\Menu Démarrer\Programmes\Outils d'administration
[2012/01/13 22:24:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bel\Mes documents\Mes vidéos
[2012/01/13 22:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Menu Démarrer\Programmes\WinRAR
[2012/01/13 22:08:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
[2012/01/13 12:51:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/01/10 17:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Application Data\Malwarebytes
[2012/01/10 17:38:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2012/01/10 17:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/10 17:38:33 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/09 18:40:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Bureau\Yahoo! France_files
[2012/01/09 15:45:06 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/01/09 14:08:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
[2012/01/09 13:16:18 | 000,000,000 | ---D | C] -- C:\RK_Quarantine
[2012/01/09 13:12:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Bureau\RK_Quarantine
[2012/01/08 19:14:19 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2012/01/07 11:54:48 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/01/06 21:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Local Settings\Application Data\Opera
[2012/01/06 21:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Application Data\Opera
[2012/01/06 21:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012/01/06 18:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/01/06 18:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/01/06 13:42:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/01/06 13:34:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/01/06 10:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Mes documents\FFOutput
[2012/01/05 20:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Local Settings\Application Data\Comodo
[2012/01/05 20:38:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2012/01/05 20:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\COMODO
[2012/01/05 20:23:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo
[2012/01/05 20:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo
[2012/01/05 20:22:56 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2012/01/05 20:22:56 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll
[2012/01/05 18:29:15 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2012/01/05 18:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\S3
[2012/01/05 18:13:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012/01/05 18:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2012/01/05 18:13:07 | 000,013,696 | R--- | C] (BIOSTAR Group) -- C:\WINDOWS\System32\drivers\BIOS.sys
[2012/01/05 13:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\S3Inc
[2012/01/05 13:16:02 | 000,305,664 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn040c.exe
[2012/01/04 23:48:20 | 000,000,000 | ---D | C] -- C:\cabs
[2012/01/04 23:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SIW
[2012/01/04 23:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\SIW
[2012/01/04 23:41:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Application Data\OpenCandy
[2012/01/04 23:30:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\KONAMI
[2012/01/02 19:56:00 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/01/02 19:51:24 | 004,193,410 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\Bel\Mes documents\ZHPDiag2.exe
[2012/01/01 21:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Powertoys for Windows XP
[2012/01/01 21:10:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2011/12/31 19:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Tracing
[2011/12/31 19:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/12/31 19:28:44 | 000,054,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fssfltr_tdi.sys
[2011/12/31 19:28:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/12/31 19:23:44 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011/12/31 19:22:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011/12/31 19:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/12/31 19:19:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2011/12/31 19:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/12/31 19:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2011/12/31 19:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011/12/31 19:16:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
[2011/12/31 19:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/12/31 17:28:35 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Windows Live
[2011/12/31 16:59:59 | 000,210,352 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\idmmbc.dll
[2011/12/31 09:27:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011/12/31 09:25:19 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2011/12/31 09:25:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/12/31 09:24:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/12/31 09:22:43 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/12/31 09:22:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/12/31 09:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Mes documents\Bluetooth
[2011/12/31 09:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2011/12/30 22:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bel\Application Data\WinRAR
[2011/12/30 22:10:53 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2011/12/30 21:20:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\IVT BlueSoleil
[2011/12/30 21:15:48 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys
[2011/12/30 21:15:39 | 000,059,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2011/12/30 21:15:39 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2011/12/30 21:15:38 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2011/12/30 21:15:38 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2011/12/30 21:15:38 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2011/12/30 21:15:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2011/12/30 21:15:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2011/12/30 21:15:25 | 000,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/12/30 16:28:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2011/12/30 16:28:43 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2011/12/30 16:28:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2011/12/30 16:28:43 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/12/30 16:28:43 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2011/12/30 16:28:43 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2011/12/30 16:28:42 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/12/30 16:28:42 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/12/30 16:28:40 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/12/30 16:28:40 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/12/30 16:28:39 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2011/12/30 16:28:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/12/30 16:28:37 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/12/30 16:28:37 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/12/30 16:28:37 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/12/30 16:28:37 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2011/12/30 16:28:37 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/12/30 16:28:36 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/12/30 16:28:36 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/12/30 16:28:36 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/12/30 16:28:34 | 000,046,592 | ---- | C] (Micros
0
Anonymous user
18 Jan 2012 at 20:52
Good evening,
in the OTLPE menu you will find "My Computer"; there you will see the contents of your hard drive!


Find the Malwarebytes Anti-Malware folder!

Find the executable named MBAM.exe, run it and let it work!

You know how to use it :D

Run an update,
then a full scan of the PC; if it finds anything, quarantine everything.


0
Good evening Electricien69, I launched MBAM and a window came up; I clicked on the update tab, but there is no update http://nsa22.casimages.com/img/2012/01/19/120119071409168039.png , then I clicked on SCAN and an error message is displayed. http://nsa21.casimages.com/img/2012/01/19/120119071620226078.png

What should I do to continue with what you told me, because it isn't working. Thank you very much for all your advice. See you soon
0
Anonymous user
19 Jan 2012 at 19:24
Good evening,

We should have gone straight to a Dr.Web live CD!

https://forum.pcastuces.com/analyse_antivirus_par_un_live_cd-f31s36.htm

On that page you have what you need to clean the PC :D
0
kacem06 Posts 71 Registration date Friday 1 July 2011 Status Member Last seen 7 November 2016 26
19 Jan 2012 at 19:26
Good evening Electricien69, I launched MBAM and a window came up; I clicked on the update tab, but there is no update

http://nsa22.casimages.com/img/2012/01/19/120119071409168039.png , then I clicked on SCAN and an error message is displayed.

http://nsa21.casimages.com/img/2012/01/19/120119071620226078.png

What should I do to continue with what you told me, because it isn't working. Thank you very much for all your advice. See you soon
0
kacem06 Posts 71 Registration date Friday 1 July 2011 Status Member Last seen 7 November 2016 26
20 Jan 2012 at 16:46
Hi Electricien69, I downloaded the Dr.Web live CD, but it stops at 99.98% and doesn't finish! I did it a second time, same thing! Nothing comes up to continue with the next step. What should I do? I already tried it 2 days ago and it doesn't finish; that's why I opted for OTLPE, which does install at 100% but doesn't complete the rest of what needs to be done, and that's why I sent you the message yesterday. How do I continue with the next step? Thank you very much for your advice.
0
Anonymous user
20 Jan 2012 at 17:52
Hello,

I've just reread the thread!


The infection has affected your whole system; even if we manage to clean it, the system will need to be repaired, or even completely reinstalled!


With OTLPE we can fix things, but not at this stage of progression of the Sality and Ramnit infections!


Start your PC in normal mode!

Run a clean-up with Prescan:

http://general-changelog-team.fr/outils/234-prescan


Try to run Dr WEB:

https://forums.commentcamarche.net/forum/affich-24077130-comment-supprimer-svchost-exe?full#14

0
kacem06 Posts 71 Registration date Friday 1 July 2011 Status Member Last seen 7 November 2016 26
21 Jan 2012 at 18:01
Good evening Electricien69, I started my PC in normal mode and ran a clean-up with Prescan; the operation was carried out and the scan found nothing. I downloaded Dr.Web, which succeeded, but when I click on it, it doesn't open; I tried again several times but it doesn't work. I don't know what else to do to put an end to this persistent problem. Dr.Web installs, but I would really like to know why it doesn't open! Thank you very much. The report is attached:


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.021 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Mis à jour le 20/01/2012 | 01.00 par g3n-h@ckm@n
~ Informations Evolution : https://gen-hackman.kanak.fr/
~ Informations sur les switchs Pre_Script : https://gen-hackman.kanak.fr/
~ Remontées rogues : https://gen-hackman.kanak.fr/#504
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505

~ Utilisateur : Bel (Administrateurs) | SID = S-1-5-21-1644491937-2052111302-1801674531-1003
~ Ordinateur : EP-2FE626FFF2D3

~ Système d'exploitation : Microsoft Windows XP (32 bits) Service Pack 2
~ Enregistré sous : Personnel
~ Enregistré sous : eP
~ Processeur : Intel(R) Celeron(R) CPU 2.13GHz
~ Identification : x86 Family 15 Model 4 Stepping 9
Internet Explorer : 6.0.2900.2180
~ Navigateur Opéra présent
Google Chrome : 16.0.912.75
Pare-feu windows : Inactif
Windows Defender : Inactif

a:\ -> [Removable] | []
c:\ -> [Fixed] | [] | Total : 12000 Mo | Free : 6130 Mo -> NTFS
d:\ -> [Fixed] | [] | Total : 12000 Mo | Free : 3790 Mo -> NTFS
e:\ -> [Fixed] | [] | Total : 10000 Mo | Free : 760 Mo -> NTFS
f:\ -> [Fixed] | [] | Total : 5260 Mo | Free : 720 Mo -> NTFS
g:\ -> [CDROM] | []

Scan : 18:04:31 | 20/01/2012

[HKLM | Auto Update\Results\Install] | LastSuccessTime -> 2011-12-31 08:28:31

¤¤¤¤¤¤¤¤¤¤ | Sessions

~ [HKLM | ProfileList] | S-1-5-21-1644491937-2052111302-1801674531-1003 : ProfileImagePath -> %SystemDrive%\Documents and Settings\Bel
~ [HKLM | ProfileList] | S-1-5-21-1644491937-2052111302-1801674531-1003 : RefCount -> 1
~ [HKLM | ProfileList] | S-1-5-21-1644491937-2052111302-1801674531-1003 : State -> 256
~ [HKLM | ProfileList] | S-1-5-21-1644491937-2052111302-1801674531-500 : ProfileImagePath -> %SystemDrive%\Documents and Settings\Administrateur
~ [HKLM | ProfileList] | S-1-5-21-1644491937-2052111302-1801674531-500 : RefCount -> 1
~ [HKLM | ProfileList] | S-1-5-21-1644491937-2052111302-1801674531-500 : State -> 260

¤¤¤¤¤¤¤¤¤¤ | Contrôle MD5

[MD5.F1EFB65D5F737F7B559104D7A14631A4] -- [20/01/2012 | 18:04:31] -- C:\Kill'em\MBR.bin
[MD5.2A7BD330924252A2FD80344FC949BB72] -- [19/08/2004 | 15:09:54] -- C:\windows\explorer.exe
[MD5.2A7BD330924252A2FD80344FC949BB72] -- [13/01/2012 | 23:04:39] -- C:\windows\ERDNT\cache\explorer.exe
[MD5.2A7BD330924252A2FD80344FC949BB72] -- [19/08/2004 | 15:09:54] -- C:\windows\system32\dllcache\explorer.exe
[MD5.84717891F0734C611721F56C60B5FBC3] -- [19/08/2004 | 15:10:04] -- C:\WINDOWS\System32\Userinit.exe
[MD5.123EEA158F74D0F67A51DCDF065D1091] -- [19/08/2004 | 15:10:06] -- C:\WINDOWS\System32\Winlogon.exe
[MD5.CDD7140C0EAA754C527B983CCC9993CD] -- [19/08/2004 | 15:10:04] -- C:\WINDOWS\System32\rundll32.exe
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] -- [03/08/2004 | 21:59:44] -- C:\WINDOWS\System32\Drivers\Atapi.sys
[MD5.AF9C19B3100FE010496B1A27181FBF72] -- [03/08/2004 | 21:59:54] -- C:\WINDOWS\system32\drivers\Cdrom.sys
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] -- [19/08/2004 | 14:59:14] -- C:\WINDOWS\System32\Drivers\Volsnap.sys

¤¤¤¤¤¤¤¤¤¤ | Processus en cours

Demarrage : Normal

740 | C:\WINDOWS\System32\smss.exe - SYSTEM - Normal - \SystemRoot\System32\smss.exe - 4
812 | C:\WINDOWS\system32\csrss.exe - SYSTEM - Normal - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 - 740
836 | C:\WINDOWS\system32\winlogon.exe - SYSTEM - High - winlogon.exe - 740
880 | C:\WINDOWS\system32\services.exe - SYSTEM - Normal - C:\WINDOWS\system32\services.exe - 836
892 | C:\WINDOWS\system32\lsass.exe - SYSTEM - Normal - C:\WINDOWS\system32\lsass.exe - 836
1048 | C:\WINDOWS\system32\svchost.exe - SYSTEM - Normal - C:\WINDOWS\system32\svchost.exe -k DcomLaunch - 880
1108 | C:\WINDOWS\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\WINDOWS\system32\svchost.exe -k rpcss - 880
1256 | C:\WINDOWS\System32\svchost.exe - SYSTEM - Normal - C:\WINDOWS\System32\svchost.exe -k netsvcs - 880
1304 | C:\WINDOWS\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\WINDOWS\system32\svchost.exe -k NetworkService - 880
1348 | C:\WINDOWS\system32\svchost.exe - SERVICE LOCAL - Normal - C:\WINDOWS\system32\svchost.exe -k LocalService - 880
244 | D:\Internet Download Manager\IDMan.exe - Bel - Normal - "D:\Internet Download Manager\IDMan.exe" /onboot - 1708
2924 | D:\Internet Download Manager\IEMonitor.exe - Bel - Normal - "D:\Internet Download Manager\IEMonitor.exe" - 244
12564 | C:\WINDOWS\system32\svchost.exe - SYSTEM - Normal - C:\WINDOWS\system32\svchost.exe -k imgsvc - 880
13416 | C:\WINDOWS\System32\svchost.exe - SYSTEM - Normal - C:\WINDOWS\System32\svchost.exe -k HTTPFilter - 880
21300 | C:\Documents and Settings\Bel\Mes documents\Downloads\Programs\Pre_scan.exe - Bel - High - "C:\Documents and Settings\Bel\Mes documents\Downloads\Programs\Pre_scan.exe" - 244
16320 | C:\Program Files\Windows Live\Family Safety\fsssvc.exe - SYSTEM - Normal - "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" - 880
31672 | C:\WINDOWS\system32\cmd.exe - Bel - Normal - cmd /c ""C:\Kill'em\Pv.bat" " - 21300
2792 | C:\Kill'em\Pv.exe - Bel - Normal - C:\Kill'em\pv.exe -o"%i | %f - %u - %p - %l - %r" - 31672

¤¤¤¤¤¤¤¤¤¤ | Démarrage principaux avant suppression

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=SOUNDMAN.EXE
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
"VTTimer"=VTTimer.exe
"VTTrayp"=VTtrayp.exe

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]


[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]


[HKEY_USERS\S-1-5-21-1644491937-2052111302-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=D:\Internet Download Manager\IDMan.exe /onboot
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [19/08/2004|15:09:52]

[HKEY_USERS\S-1-5-21-1644491937-2052111302-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_USERS\S-1-5-21-1644491937-2052111302-1801674531-1003_Classes\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\S-1-5-21-1644491937-2052111302-1801674531-1003_Classes\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]


¤¤¤¤¤¤¤¤¤¤ | Autres Démarrages Silencieux

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders] | SecurityProviders -> msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager] | BootExecute -> autocheck autochk *
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart

¤

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] | {AEB6717E-7E19-11d0-97EE-00C04FD91972} ->

¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"=0x00

¤

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{01E04581-4EEE-11D0-BFE9-00AA005B4383}"=0x8145E001EE4ED011BFE900AA005B4383100000000000000001E032F401000000
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"=0xEF44FA216D37534D9B0F8A89D3229068

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] | {438755C2-A8BA-11D1-B96B-00A0C90312E1} -> Pré-chargeur Browseui
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] | {8C7461EF-2B13-11d2-BE35-3078302C2030} -> Démon de cache des catégories de composant

"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"=Objet Assistant de publication Shell
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"=Assistant Obtenir une identité Passport
"{7A9D77BD-5403-11d2-8785-2E0420524153}"=Comptes d'utilisateurs
"{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}"=Dossier compressé
"{BD472F60-27FA-11cf-B8B4-444553540000}"=Compressed (zipped) Folder Right Drag Handler
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"=Compressed (zipped) Folder SendTo Target
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"=Fichier de chaîne
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"=Raccourci de chaîne
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"=Channel Handler Object
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"=Channel Menu
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"=Channel Properties
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"=Extensions Manager Folder
"{63da6ec0-2e98-11cf-8d82-444553540000}"=FTP Folders Webview
"{883373C3-BF89-11D1-BE35-080036B11A03}"=Microsoft DocProp Shell Ext
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"=Microsoft DocProp Inplace Edit Box Control
"{8EE97210-FD1F-4B19-91DA-67914005F020}"=Microsoft DocProp Inplace ML Edit Box Control
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"=Microsoft DocProp Inplace Droplist Combo Control
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"=Microsoft DocProp Inplace Calendar Control
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"=Microsoft DocProp Inplace Time Control
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"=Directory Query UI
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"=Shell properties for a DS object
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"=Directory Object Find
"{F020E586-5264-11d1-A532-0000F8757D7E}"=Directory Start/Search Find
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"=Directory Property UI
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"=Directory Context Menu Verbs
"{ECF03A33-103D-11d2-854D-006008059367}"=MyDocs Copy Hook
"{ECF03A32-103D-11d2-854D-006008059367}"=MyDocs Drop Target
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"=MyDocs Properties
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"=Offline Files Menu
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"=Offline Files Folder Options
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"=Dossier Fichiers hors connexion
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"=Microsoft Agent Character Property Sheet Handler
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"=DfsShell
"{60fd46de-f830-4894-a628-6fa81bc0190d}"=%DESC_PublishDropTarget%
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"=MMC Icon Handler
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=.CAB file viewer
"{32714800-2E5F-11d0-8B85-00AA0044F941}"=Des &personnes...
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"=Windows Media Player Play as Playlist Context Menu Handler
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"=Windows Media Player Burn Audio CD Context Menu Handler
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"=Windows Media Player Add to Playlist Context Menu Handler
"{21569614-B795-46b1-85F4-E737A8DC09AD}"=Shell Search Band
"{0563DB41-F538-4B37-A92D-4659049B7766}"=WLMD Message Handler
"{06A2568A-CED6-4187-BB20-400B8C02BE5A}"=
"{00F33137-EE26-412F-8D71-F84E4C2C6625}"=
"{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C}"=Windows Live Photo Gallery Autoplay Drop Target
"{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C}"=Windows Live Photo Gallery Viewer Drop Target
"{00F374B7-B390-4884-B372-2FC349F2172B}"=Windows Live Photo Gallery Editor Drop Target
"{00F346CB-35A4-465B-8B8F-65A29DBAB1F6}"=Windows Live Photo Gallery Viewer Drop Target Shim
"{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D}"=Windows Live Photo Gallery Editor Drop Target Shim
"{00F30F90-3E96-453B-AFCD-D71989ECC2C7}"=Windows Live Photo Gallery Autoplay Drop Target Shim
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}"=ShellLink for Application References
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"=Shell Icon Handler for Application References
"{1530F7EE-5128-43BD-9977-84A4B0FAD7DF}"=PhotoToys

¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InstallShield_{DE99FBD3-463D-475E-B19E-9E557AA77E57}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB893803v2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB898461]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB923561]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB950762]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB951376-v2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB951748]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB955069]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB956802]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB956803]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB956844]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB958470]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB958869]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB959426]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB969059]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB971032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB971468]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB971657]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB972270]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB973507]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB973540_WM9L]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB973815]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB973869]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB973904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB974112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB974392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB974571]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB975561]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB977816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB978037]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB978542]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB978601]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB979309]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB979482]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB980195]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB981350]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB982381]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Microsoft .NET Framework 2.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Opera 11.60.1185]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VIA/S3G UniChrome Family Win2K/XP/Server2003 Display]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WIC]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WinLiveSuite_Wave3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1CB92574-96F2-467B-B793-5CEB35C40C29}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{205C6BDD-7B73-42DE-8505-9A093F35A238}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{76810709-A7D3-468D-9167-A1780C1E766C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{846AC73B-9394-48B9-B941-8F7F472F0047}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D7C5B9DC-6E4C-4DEE-9A7B-4183DA4DC1C2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB08F381-6533-4108-B7DD-039E11FBC27E}]

¤¤¤¤¤¤¤¤¤¤ | BHO

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] | (IDMIEHlprObj Class) -> D:\Internet Download Manager\IDMIECC.dll [26/05/2010|13:57:43]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] | (AVG Safe Search) -> C:\Program Files\AVG\AVG2012\avgssie.dll
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] | (Windows Live Family Safety Browser Helper Class) -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [28/04/2010|07:44:02]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] | () ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] | (Search Helper) -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [14/01/2009|17:49:24]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] | (Programme d'aide de l'Assistant de connexion Windows Live) -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [22/01/2009|15:41:30]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] | (Windows Live Toolbar Helper) -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [16/04/2010|19:55:34]

¤¤¤¤¤¤¤¤¤¤ | AppPaths

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\bckgzm.exe] -> C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe [30/12/2011|16:21:13]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\bluesoleil.exe] -> D:\BlueSoleil\bluesoleil.exe [06/06/2007|15:50:42]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chkrzm.exe] -> C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe [30/12/2011|16:21:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe] -> C:\Documents and Settings\Bel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [30/12/2011|19:19:35]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe] -> C:\WINDOWS\system32\cmmgr32.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe] -> C:\Documents and Settings\Bel\Mes documents\Downloads\Programs\ComboFix.exe [13/01/2012|22:42:16]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\CONF.EXE] -> C:\Program Files\NetMeeting\conf.exe [30/12/2011|16:22:31]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\dialer.exe] -> C:\Program Files\Windows NT\dialer.exe [30/12/2011|16:20:32]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\fsquirt.exe] ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HELPCTR.EXE] -> %Systemroot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\hrtzzm.exe] -> C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe [30/12/2011|16:21:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\hypertrm.exe] -> "C:\Program Files\Windows NT\hypertrm.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ICWCONN1.EXE] -> "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN1.EXE"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ICWCONN2.EXE] -> "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN2.EXE"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE] -> C:\Program Files\Internet Explorer\iexplore.exe [30/12/2011|16:22:17]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\INETWIZ.EXE] -> "C:\Program Files\Internet Explorer\Connection Wizard\INETWIZ.EXE"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\install.exe] ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ISIGNUP.EXE] -> "C:\Program Files\Internet Explorer\Connection Wizard\ISIGNUP.EXE"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mbam.exe] -> D:\Malwarebytes' Anti-Malware\mbam.exe [10/01/2012|17:38:34]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\migwiz.exe] -> %SystemRoot%\system32\usmt\migwiz.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\moviemk.exe] -> C:\Program Files\Movie Maker\moviemk.exe [30/12/2011|16:22:43]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mplayer2.exe] -> "C:\Program Files\Windows Media Player\mplayer2.exe"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSCONFIG.EXE] -> %systemroot%\pchealth\helpctr\Binaries\MSCONFIG.EXE
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\msimn.exe] -> %ProgramFiles%\Outlook Express\msimn.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\msinfo32.exe] -> C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\MSInfo32.exe [30/12/2011|16:23:00]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSMSGS.EXE] -> C:\Program Files\Messenger\msmsgs.exe [30/12/2011|16:21:15]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSNMSGR.EXE] -> C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [16/04/2010|22:12:52]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\pbrush.exe] -> %SystemRoot%\system32\mspaint.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\pinball.exe] -> C:\Program Files\Windows NT\Pinball\pinball.exe [30/12/2011|16:20:33]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\recuva.exe] -> C:\Program Files\Recuva\recuva.exe [01/12/2011|13:34:46]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\rvsezm.exe] -> C:\Program Files\MSN Gaming Zone\Windows\rvsezm.exe [30/12/2011|16:21:13]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\setup.exe] ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\shvlzm.exe] -> C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe [30/12/2011|16:21:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\siw.exe] -> C:\Program Files\SIW\siw.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\table30.exe] ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wab.exe] -> %ProgramFiles%\Outlook Express\wab.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wabmig.exe] -> %ProgramFiles%\Outlook Express\wabmig.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\winnt32.exe] ->
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe] -> D:\WinRar\WinRAR.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wlmail.exe] -> C:\Program Files\Windows Live\Mail\wlmail.exe [16/04/2010|22:12:54]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wmplayer.exe] -> C:\Program Files\Windows Media Player\wmplayer.exe [30/12/2011|16:22:49]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WORDPAD.EXE] -> "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WRITE.EXE] -> "%ProgramFiles%\Windows NT\Accessoires\WORDPAD.EXE"

¤¤¤¤¤¤¤¤¤¤ | HKCR\Applications

[HKCR\Applications\chrome.exe\Shell\open\command] | -> "C:\Documents and Settings\Bel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" -- "%1"
[HKCR\Applications\iexplore.exe\Shell\open\command] | -> "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKCR\Applications\notepad.exe\Shell\open\command] | -> %SystemRoot%\system32\NOTEPAD.EXE %1
[HKCR\Applications\Opera.exe\Shell\open\command] | -> "C:\Program Files\Opera\Opera.exe" "%1"
[HKCR\Applications\photofiltre.exe\Shell\open\command] | -> "D:\PhotoFiltre\photofiltre.exe" "%1"
[HKCR\Applications\shimgvw.dll\Shell\open\command] | -> rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_Fullscreen %1
[HKCR\Applications\vlc.exe\Shell\open\command] | -> "E:\VLC\vlc.exe" "%1"
[HKCR\Applications\WinRAR.exe\Shell\open\command] | -> "D:\Program Files\WinRAR\WinRAR.exe" "%1"
[HKCR\Applications\WLXPhotoGallery.exe\Shell\open\command] | -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe /LaunchPhotoViewer /v "%1"
[HKCR\Applications\WLXPhotoViewer.dll\Shell\open\command] | -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe /LaunchPhotoViewer /v "%1"
[HKCR\Applications\wmplayer.exe\Shell\open\command] | -> C:\Program Files\Windows Media Player\wmplayer.exe /Open "%L"
[HKCR\Applications\wordpad.exe\Shell\open\command] | -> "%ProgramFiles%\Windows NT\Accessoires\WORDPAD.EXE" "%1"

¤¤¤¤¤¤¤¤¤¤ | Windows

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

¤¤¤¤¤¤¤¤¤¤ | Winlogon


¤

[HKLM | Winlogon] | Shell : Explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1 -> 0
[HKLM | Winlogon] | userinit : userinit.exe, -> C:\WINDOWS\system32\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 0 -> 1
[HKLM | Winlogon] | System :
[HKLM | Winlogon] | VMApplet : rundll32 shell32,Control_RunDLL "sysdm.cpl"

¤¤¤¤¤¤¤¤¤¤ | Winlogon\Notify


¤¤¤¤¤¤¤¤¤¤ | Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : ComFile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : rundll32.exe shdocvw.dll,OpenURL %l -> "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1 -> rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : %SystemRoot%\Explorer.exe /idlist,%I,%L -> C:\WINDOWS\explorer.exe

¤

[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Chrome | Command] | @ : "C:\Documents and Settings\Bel\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" -> "C:\Program Files\Google\Chrome\Application\Chrome.exe"
[Opera | Command] | @ : "C:\Program Files\Opera\Opera.exe"
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ | Corrections diverses

[HKLM | HideDesktopIcons\NewStartPanel] | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {208D2C60-3AEA-1069-A2D7-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {871C5380-42A0-1069-A2EA-08002B30309D} : 1 -> 0
[HKLM | Advanced\Folder\Hidden\SHOWALL] | CheckedValue : 1
[HKCU | Desktop] | Wallpaper : -> C:\Documents and Settings\Bel\Application Data\Microsoft\Wallpaper1.bmp
[HKCU | policies\Explorer] | NoDriveTypeAutoRun : 323 -> 145
[HKLM | policies\Explorer] | NoDriveTypeAutoRun : 323 -> 145
[HKU\.DEFAULT | policies\Explorer] | NoDriveTypeAutoRun : 323 -> 145
Supprimé : [HKLM | policies\system] | DisableRegistryTools -> 0

¤¤¤¤¤¤¤¤¤¤ | Services

[RPCSS] | Start : 2 : Actif
[srService] | Start : 2 : Actif
[Ndisuio] | Start : 3 : Actif
[PlugPlay] | Start : 2 : Actif
[Parvdm] | Start : 2 : Actif
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Actif
[Audiosrv] | Start : 2 : Actif
[ERSvc] | Start : 2 : Actif
[Bits] | Start : 2 : Actif
[CryptSvc] | Start : 2 : Actif
[SharedAccess] | Start : 4 -> 2 : Inactif
[wuauserv] | Start : 2 : Actif
[wscsvc] | Start : 4 -> 2 : Inactif
[wzcsvc] | Start : 2 : Actif

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

[HKCU | Main] | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> https://www.google.com/?gws_rd=ssl
[HKCU | Main] | Local Page : C:\WINDOWS\system32\blank.htm
[HKCU | Main] | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
0
Anonymous user
21 Jan 2012 at 18:18
Hello,

I don't know what else to do to put an end to this persistent problem. Dr.web installs, but I would really like to know why it won't open!

I think you have not yet realised that the PC is seriously infected and Windows is badly damaged!


Run MBAM again and empty its quarantine.

Run a new update and start a new full scan!




0