infection détectée

envoyer
par mail

imprimer

Partager |

Auteur

le 01/06/2010 17h55

Bonjour à tous

Voici les rapports emis par panda

ANALYSIS: 2010-06-01 17:36:53
PROTECTIONS: 1
MALWARE: 6
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Kaspersky Anti-Virus 9.0.0.736 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No i:\documents and settings\m mme lavergne\cookies\m_mme_lavergne@atdmt[2].txt
00623824 trj/sinowal.wbv Virus/Trojan No 0 Yes No hkey_current_user\software\mc
05945990 W32/Lineage.LIE.worm Virus/Worm No 0 Yes No n:\system volume information\_restore{a21932bc-6dda-42a7-ace0-57b149ca8d0a}\rp202\a0009438.inf
06207580 W32/Lineage.KDB.worm Virus/Worm No 1 Yes No m:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp197\a0119807.inf
06207580 W32/Lineage.KDB.worm Virus/Worm No 1 Yes No m:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp196\a0119800.inf
06209908 W32/Autorun.JWE.worm Virus/Worm No 1 Yes No m:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp196\a0119787.inf
06243997 W32/Lineage.KDB Virus No 1 Yes No n:\wyskq6lt.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
No j:\recycler\s-1-5-21-1708537768-725345543-839522115-1003\dj1.exe
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description

Et le second

ANALYSIS: 2010-06-01 10:12:54
PROTECTIONS: 0
MALWARE: 5
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00040297 adware/blazefind Adware No 0 Yes No c:\documents and settings\sandrine\local settings\temp\installer.exe
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\sandrine\cookies\sandrine@atdmt[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No c:\documents and settings\sandrine\cookies\sandrine@statse.webtrendslive[2].txt
00172825 Joke/Stress Jokes No 0 Yes No c:\program files\mini jeux\anti stress.exe
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\18
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\21
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\24
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\25
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\26
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\28
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\29
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\30
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\31
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\33
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\35
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\36
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\37
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\40
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\41
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\42
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\43
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\44
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\45
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\46
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\47
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\48
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\49
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\51
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\52
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\1
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\54
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\55
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\56
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\58
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\59
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\60
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\61
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\63
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\65
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\66
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\67
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\70
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\71
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\72
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\73
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\74
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\75
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\76
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\77
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\78
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\79
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\81
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\82
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\83
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\84
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\90
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\91
03009106 W32/Xor-encoded.A Virus No 0 Yes No c:\documents and settings\sandrine\local settings\temp\housecall\log\cceb7be3-5c81-4810-b8a9-5736ca3f92ea\backup\53
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Quelqu'un peut-il me dire la manière de me débarasser de toutes ces infections
Mes 2 PC sont XP SP3

Merci d'avance

Auteur

le 01/06/2010 20h28

Pour le premier pc.
Pour le cookies pas de soucis par contre pour cela.

n:\system volume information\_restore{a21932bc-6dda-42a7-ace0-

Il s'agit de la restauration donc il suffit de la purger.

Maintenant on va mettre la restauration du système propre.

Cliquez avec le bouton droit sur l'icône Poste de travail, puis cliquez sur Propriétés
ou touche "Windows+Pause"
Cliquez sur l'onglet Restauration du système

Sélectionnez Désactiver la Restauration du système ou Désactiver la Restauration du système sur tous les lecteurs.

Cliquez sur Appliquer puis OUI dans la fenêtre suivante.

Attendre quelques instants puis :

activer la restauration du système de nouveau.

Cliquez avec le bouton droit sur Poste de travail, puis cliquez sur Propriétés
ou touche "Windows+Pause"
Cliquez sur l'onglet Restauration du système

Désélectionnez Désactiver la Restauration du système ou Désactiver la Restauration du système sur tous les lecteurs»

Maintenant on crée un nouveau point de restauration.

Démarrer—Exécuter—ou touche "Windows+R" et tapes:

%SystemRoot%\System32\restore\rstrui.exe

Puis coche " Créer un point de restauration" que tu nommes PC- Clean. Valide.

Vous pouvez maintenant fermer toutes les fenêtres.

Ensuite pour le deuxième.

Tout cela est dans les fichiers temporaires donc.

Rends toi ici.

c:\documents and settings\sandrine\local settings\temp\

vide ce dossier "temp"

A l'avenir effectue cette manip avec Ccleaner si tu veux.

Télécharge CCLEANER

TUTO

Fait un nettoyage comme cela :

**Décoche la case dans Options –avancé- Effacer uniquement les fichiers, du dossier temp de Windows : plus vieux que 24 Heures

Recocher cette case une fois le premier nettoyage effectué

1-Élimine les fichiers temporaires et les traces ( onglet nettoyeur )

que vous laissez en naviguant sur Internet ou bien en ouvrant simplement des fichiers avec n'importe quel logiciel sous Windows : le Lecteur Windows Media, Emule, Office, Nero, Adobe Reader, etc.

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 02/06/2010 06h41

Merci pour ta réponse. je vais faire toutes ces manips. Par contre, j'avais déjà purgé, la restauration avant le scan mais rien à faire. Je retente à nouveau et verrai s'ils finissent par être supprimés. A moins que tu aies une autre idée?

javascript:putsmilie(':bien:')

Auteur

le 02/06/2010 08h03

je continue mes tentatives de desinfections.
Voici le rapport créé par usb fix

############################## | UsbFix 7.003 |

Utilisateur: XXXXXXXXXXXXXX (Administrateur) # ACER-310 [ ]
Mis à jour le 01/06/10 par El Desaparecido & C_XX
Lancé à 07:51:29 | 02/06/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 7.0.5730.11

Pare-feu Windows: Activé
Antivirus: Kaspersky Anti-Virus 9.0.0.736 [Enabled | Updated]

RAM -> 1247 Mo
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ (%systemdrive%) -> Disque fixe # 20 Go (2 Go libre(s) - 10%) [Systeme] # NTFS
J:\ -> Disque fixe # 213 Go (201 Go libre(s) - 94%) [Stockage] # NTFS
K:\ -> CD-ROM
M:\ -> Disque fixe # 466 Go (134 Go libre(s) - 29%) [FILM500GO] # NTFS
N:\ -> Disque fixe # 297 Go (73 Go libre(s) - 25%) [FILM320] # NTFS

################## | Éléments infectieux |

Présent! K:\Autorun.inf
Présent! I:\Recycler\S-1-5-21-0043326662-2407546054-497314467-4254
Présent! I:\Recycler\S-1-5-21-0113902523-2102914037-090290676-1766
Présent! I:\Recycler\S-1-5-21-0156241473-4446151618-443358108-1792
Présent! I:\Recycler\S-1-5-21-0452671343-1078499193-139560663-1013
Présent! I:\Recycler\S-1-5-21-0641614257-9295539757-208908178-2661
Présent! I:\Recycler\S-1-5-21-1567743187-9950377182-978331771-1376
Présent! I:\Recycler\S-1-5-21-1708537768-725345543-839522115-1003
Présent! I:\Recycler\S-1-5-21-1764267032-0366958920-466182881-4625
Présent! I:\Recycler\S-1-5-21-1775169485-5127694540-057623823-7699
Présent! I:\Recycler\S-1-5-21-1834489752-1360396370-098380357-9458
Présent! I:\Recycler\S-1-5-21-1879602408-2952150484-831345797-2680
Présent! I:\Recycler\S-1-5-21-2269960528-6306065295-212451341-2747
Présent! I:\Recycler\S-1-5-21-2341545427-8687671625-379003505-7576
Présent! I:\Recycler\S-1-5-21-2456990658-6777498518-530355174-1546
Présent! I:\Recycler\S-1-5-21-2508737282-3374485672-808604718-5020
Présent! I:\Recycler\S-1-5-21-2517601826-9753317412-193638842-0339
Présent! I:\Recycler\S-1-5-21-2562100350-1601758168-487202772-5516
Présent! I:\Recycler\S-1-5-21-2757831501-7365652530-492949142-5092
Présent! I:\Recycler\S-1-5-21-2932358543-0716716048-392453405-9738
Présent! I:\Recycler\S-1-5-21-3145416732-0497065975-060716461-5412
Présent! I:\Recycler\S-1-5-21-3187209779-7396999701-088226373-3524
Présent! I:\Recycler\S-1-5-21-3196370681-2459098402-644235713-2509
Présent! I:\Recycler\S-1-5-21-3402809834-8030048580-304862606-0443
Présent! I:\Recycler\S-1-5-21-3517309482-4451606188-145212895-9853
Présent! I:\Recycler\S-1-5-21-3607339278-1714530590-068296246-0312
Présent! I:\Recycler\S-1-5-21-3607690269-4008078653-575986652-4878
Présent! I:\Recycler\S-1-5-21-3774642717-2904472993-697760426-6400
Présent! I:\Recycler\S-1-5-21-3827349936-1017127641-681211013-0313
Présent! I:\Recycler\S-1-5-21-3838858158-4255750752-894419743-9599
Présent! I:\Recycler\S-1-5-21-3875901917-4653728822-824208725-7097
Présent! I:\Recycler\S-1-5-21-4263060671-5204800144-874322024-3080
Présent! I:\Recycler\S-1-5-21-4426715866-2882054286-463325589-4820
Présent! I:\Recycler\S-1-5-21-4471918509-7794493879-706641356-3074
Présent! I:\Recycler\S-1-5-21-4584444123-4142806251-484450332-9270
Présent! I:\Recycler\S-1-5-21-4788703730-1949830990-165496732-0774
Présent! I:\Recycler\S-1-5-21-4888053546-5373278825-863861463-1975
Présent! I:\Recycler\S-1-5-21-4901293986-1796203953-388080286-9691
Présent! I:\Recycler\S-1-5-21-5055548835-1517300092-443717918-9927
Présent! I:\Recycler\S-1-5-21-5179158812-5045854028-744366872-5902
Présent! I:\Recycler\S-1-5-21-5298085330-2420652000-382432093-0775
Présent! I:\Recycler\S-1-5-21-5395267742-9011172512-932471687-9349
Présent! I:\Recycler\S-1-5-21-5421718364-0028826666-930040177-8577
Présent! I:\Recycler\S-1-5-21-5466355955-4602259523-747786267-0989
Présent! I:\Recycler\S-1-5-21-5931539842-3075680646-103690393-2742
Présent! I:\Recycler\S-1-5-21-6059667484-3795604241-180934119-4717
Présent! I:\Recycler\S-1-5-21-6077740659-8848724727-171068469-9276
Présent! I:\Recycler\S-1-5-21-6108280566-7670230584-737708263-2493
Présent! I:\Recycler\S-1-5-21-6257277069-4182004310-789100351-0173
Présent! I:\Recycler\S-1-5-21-6304162694-4380825916-402477512-8893
Présent! I:\Recycler\S-1-5-21-6340710948-5076515997-883476315-0458
Présent! I:\Recycler\S-1-5-21-6430230627-7667737121-258171712-2847
Présent! I:\Recycler\S-1-5-21-6511427229-0958976788-442469826-5555
Présent! I:\Recycler\S-1-5-21-6659206202-6578529518-295350299-9236
Présent! I:\Recycler\S-1-5-21-6692790100-6942250085-088709670-2954
Présent! I:\Recycler\S-1-5-21-6701935883-6225087325-917895184-9041
Présent! I:\Recycler\S-1-5-21-6736261850-2191807959-337518007-4013
Présent! I:\Recycler\S-1-5-21-6780612821-5876123494-244441029-5759
Présent! I:\Recycler\S-1-5-21-6856503016-9361540091-492588346-6446
Présent! I:\Recycler\S-1-5-21-7193316844-9522464772-244850922-5489
Présent! I:\Recycler\S-1-5-21-7280657263-5538223747-086755355-9092
Présent! I:\Recycler\S-1-5-21-7377498779-9481062560-371571228-3547
Présent! I:\Recycler\S-1-5-21-7423625301-6037702814-652327551-2489
Présent! I:\Recycler\S-1-5-21-7444010310-8936836724-544477749-5542
Présent! I:\Recycler\S-1-5-21-7601475271-5672061726-256473771-0865
Présent! I:\Recycler\S-1-5-21-7687190981-3600438838-507074797-1015
Présent! I:\Recycler\S-1-5-21-7785086328-3663505472-810778324-6356
Présent! I:\Recycler\S-1-5-21-7955092209-7792084287-448795262-5416
Présent! I:\Recycler\S-1-5-21-8003403866-9075441569-365759572-6805
Présent! I:\Recycler\S-1-5-21-8070624627-7946155554-146139420-1998
Présent! I:\Recycler\S-1-5-21-8197193013-3180679844-951853414-8992
Présent! I:\Recycler\S-1-5-21-8211856338-4146114501-335020138-3003
Présent! I:\Recycler\S-1-5-21-8216622533-8855914922-394599276-6571
Présent! I:\Recycler\S-1-5-21-8300566452-6106781169-237450883-7088
Présent! I:\Recycler\S-1-5-21-8460408787-5376849650-757052026-0966
Présent! I:\Recycler\S-1-5-21-8533928428-0972411885-195013906-1168
Présent! I:\Recycler\S-1-5-21-8642649586-6876317417-456929209-1501
Présent! I:\Recycler\S-1-5-21-8798890551-3028437290-763027807-1526
Présent! I:\Recycler\S-1-5-21-9104030630-6848174666-769246931-4477
Présent! I:\Recycler\S-1-5-21-9295325125-7319258029-874307668-9752
Présent! I:\Recycler\S-1-5-21-9374060349-4751498459-758908103-2007
Présent! I:\Recycler\S-1-5-21-9403128533-7664945175-174413284-2601
Présent! I:\Recycler\S-1-5-21-9541447337-7142691933-320356942-9900
Présent! J:\Recycler\S-1-5-21-1708537768-725345543-839522115-1003
Présent! M:\$Recycle.Bin\S-1-5-21-2699378068-4049936677-3354204619-1000
Présent! M:\Recycler\S-1-5-21-1708537768-725345543-839522115-1003
Présent! M:\Recycler\S-1-5-21-3237220562-3893096266-3431005691-1005
Présent! N:\Recycler\S-1-5-21-1708537768-725345543-839522115-1003
Présent! N:\Recycler\S-1-5-21-3237220562-3893096266-3431005691-1005
Présent! N:\wyskq6lt.exe

################## | Registre |

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{08bef15e-baef-11de-a748-000b6b991426}
Shell\AutoRun\Command = I:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\m.exe /s

HKCU\.\.\.\.\Explorer\MountPoints2\{2a644e19-93a0-11dd-a5de-000b6b991426}
Shell\AutoRun\Command = K:\path\wauclt.exe
Shell\OpEn\Command = K:\path\wauclt.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{4372740c-07eb-11df-a796-000b6b991426}
Shell\AutoRun\Command = K:\ysyjq1bs.exe
Shell\open\Command = K:\ysyjq1bs.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{437b2ecd-f854-11de-a787-000b6b991426}
Shell\AutoRun\Command = R:\vb0hsoay.exe
Shell\open\Command = R:\vb0hsoay.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{9200b153-bed0-11de-a751-000b6b991426}
Shell\AutoRun\Command = K:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{b0723df1-075f-11df-a793-000b6b991426}
Shell\AutoRun\Command = L:\qkm.exe
Shell\open\Command = L:\qkm.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b65e8ad4-baf7-11de-a749-000b6b991426}
Shell\AutoRun\Command = K:\ysyjq1bs.exe
Shell\open\Command = K:\ysyjq1bs.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b65e8ad5-baf7-11de-a749-000b6b991426}
Shell\AutoRun\Command = M:\ysyjq1bs.exe
Shell\open\Command = M:\ysyjq1bs.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c3e94b44-7916-11de-a6ec-000b6b991426}
Shell\AutoRun\Command = K:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{d0c91f24-54de-11df-a7e7-000b6b991426}
Shell\AutoRun\Command = M:\path\wauclt.exe
Shell\OpEn\Command = M:\path\wauclt.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d0c91f25-54de-11df-a7e7-000b6b991426}
Shell\AutoRun\Command = K:\path\wauclt.exe
Shell\OpEn\Command = K:\path\wauclt.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d0c91f28-54de-11df-a7e7-000b6b991426}
Shell\AutoRun\Command = "K:\WD SmartWare.exe" autoplay=true

HKCU\.\.\.\.\Explorer\MountPoints2\{d0c91f29-54de-11df-a7e7-000b6b991426}
Shell\AutoRun\Command = M:\path\wauclt.exe
Shell\OpEn\Command = M:\path\wauclt.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e29dd364-c07d-11dc-a57e-000b6b991426}
Shell\AutoRun\Command = L:\mh.exe
Shell\open\Command = L:\mh.exe

################## | Vaccin |

I:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
J:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
M:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
N:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | E.O.F |

je dois nettoyer encore mais comment?

Merci pour vos réponses

Auteur

le 02/06/2010 20h56

Relance USBFIX puis cette fois choisi l'option 2 puis mets le nouveau rapport.

Ensuite ceci.

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

:salut:

-------
Bonne visite sur: http://tuto-b.comli.com/

Message édité par bernard53 le 02/06/2010 21:46:54

Auteur

le 03/06/2010 12h40

Auteur

le 03/06/2010 13h15

OTL logfile created on: 03/06/2010 12:41:16 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = I:\Documents and Settings\\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): I:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 19,53 Gb Total Space | 0,17 Gb Free Space | 0,86% Space Free | Partition Type: NTFS
Drive J: | 213,35 Gb Total Space | 201,00 Gb Free Space | 94,21% Space Free | Partition Type: NTFS
Drive K: | 465,76 Gb Total Space | 140,46 Gb Free Space | 30,16% Space Free | Partition Type: NTFS
Drive M: | 446,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive N: | 297,44 Gb Total Space | 73,02 Gb Free Space | 24,55% Space Free | Partition Type: NTFS

Computer Name: ACER-310
Current User Name: M
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - I:\Documents and Settings\M Mme \Bureau\OTL.exe (OldTimer Tools)
PRC - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
PRC - I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - I:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - I:\Documents and Settings\M Mme \Bureau\OTL.exe (OldTimer Tools)
MOD - I:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (SPAMfighter Update Service) -- File not found
SRV - (FLEXnet Licensing Service) -- I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AVP) -- I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
SRV - (WDDMService) -- I:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (WDSmartWareBackgroundService) -- I:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
SRV - (SeaPort) -- I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (odserv) -- I:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (LVPrcSrv) -- I:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- I:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (CTDevice_Srv) -- I:\Program Files\Creative\Shared Files\CTDevSrv.exe (Creative Technology Ltd)
SRV - (WinDefend) -- I:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (ose) -- I:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (Pml Driver HPZ12) -- I:\WINDOWS\system32\HPZipm12.exe (HP)

========== Driver Services (SafeList) ==========

DRV - (KLIF) -- I:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (klbg) -- I:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- I:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- I:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (kl1) -- I:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (pavboot) -- I:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (WDC_SAM) -- I:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (sptd) -- I:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (LVRS) -- I:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- I:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- I:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- I:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (USB_RNDIS) -- I:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- I:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (PCANDIS5) -- I:\WINDOWS\system32\PCANDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Aspi32) -- I:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (LVUSBSta) -- I:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PRISM_A02) -- I:\WINDOWS\system32\drivers\PRISMA02.sys (Conexant Systems, Inc.)
DRV - (SiSkp) -- I:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
DRV - (SiS315) -- I:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
DRV - (BrScnUsb) -- I:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) -- I:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (HSFHWBS2) -- I:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- I:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- I:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- I:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- I:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (SISAGP) -- I:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (SiSide) -- I:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex) -- I:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)
DRV - (sisperf) -- I:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: I:\Program Files\Mozilla Firefox\components [2010/04/06 23:51:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: I:\Program Files\Mozilla Firefox\plugins [2010/05/06 23:21:18 | 000,000,000 | ---D | M]

[2009/10/17 17:28:27 | 000,000,000 | ---D | M] -- I:\Documents and Settings\M Mme LAVERGNE\Application Data\Mozilla\Extensions
[2010/06/03 12:01:04 | 000,000,000 | ---D | M] -- I:\Documents and Settings\M Mme LAVERGNE\Application Data\Mozilla\Firefox\Profiles\3gc9jz55.default\extensions
[2010/03/31 08:28:51 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- I:\Documents and Settings\M Mme LAVERGNE\Application Data\Mozilla\Firefox\Profiles\3gc9jz55.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/05/30 03:23:08 | 000,000,000 | ---D | M] (SearchPreview) -- I:\Documents and Settings\M Mme \Application Data\Mozilla\Firefox\Profiles\3gc9jz55.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009/12/22 16:16:33 | 000,002,650 | ---- | M] () -- I:\Documents and Settings\M Mme \Application Data\Mozilla\Firefox\Profiles\3gc9jz55.default\searchplugins\bing.xml
[2010/06/03 12:01:04 | 000,000,000 | ---D | M] -- I:\Program Files\Mozilla Firefox\extensions
[2010/05/06 23:21:19 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/30 17:53:17 | 000,000,000 | ---D | M] -- I:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/16 03:10:07 | 000,001,516 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/16 03:10:07 | 000,001,822 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/16 03:10:07 | 000,000,757 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/16 03:10:07 | 000,001,426 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/03/25 08:53:11 | 000,000,956 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/05/29 21:01:10 | 000,305,945 | ---- | M]) - I:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 10532 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - I:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - i:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] I:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] I:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] I:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BrMfcWnd] I:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] I:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] I:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogitechCommunicationsManager] I:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [PaperPort PTD] I:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] I:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SiSPower] I:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SSBkgdUpdate] I:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] I:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] I:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LDM] I:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [TSC] I:\Documents and Settings\M Mme LAVERGNE\Local Settings\Temp\HouseCall\TSC.exe (Trend Micro Inc.)
O4 - Startup: I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WDDMStatus.lnk = I:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WDSmartWare.lnk = I:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8 - Extra context menu item: Ajouter à un fichier PDF existant - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir au format Adobe PDF - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - I:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15031/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (Reg Error: Key error.)
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} http://www.facebook.com/controls/contactx.dll (ContactExtractor Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/m(...) (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/play(...) (Virtools WebPlayer Class)
O16 - DPF: {D6ED542B-6339-11D2-91A8-00A0C9B760DB} http://cabs.rte.fr/RteAllCabsMFC.cab (RteDocumatDoc Control)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15034/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bw+0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw+0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0 {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0s {db147923-78d2-44ac-93a1-32a1fd415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - I:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - I:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - I:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {DB147923-78D2-44AC-93A1-32A1FD415141} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - I:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (I:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - I:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - I:\WINDOWS\system32\klogon.dll - I:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: I:\Documents and Settings\M Mme \Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: I:\Documents and Settings\M Mme \Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - I:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/03 12:33:45 | 000,000,000 | RHSD | M] - I:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/06/03 12:33:45 | 000,000,000 | RHSD | M] - J:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/06/03 12:33:45 | 000,000,000 | RHSD | M] - K:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 23:12:18 | 000,000,088 | R--- | M] () - M:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010/06/03 12:33:45 | 000,000,000 | RHSD | M] - N:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - I:\WINDOWS\system32\ias [2007/01/05 22:40:11 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/06/03 12:33:45 | 000,000,000 | RHSD | C] -- I:\Autorun.inf
[2010/06/03 12:18:09 | 000,571,904 | ---- | C] (OldTimer Tools) -- I:\Documents and Settings\M Mme \Bureau\OTL.exe
[2010/06/02 08:09:05 | 000,000,000 | ---D | C] -- I:\Program Files\Windows Defender
[2010/06/02 07:41:52 | 000,000,000 | ---D | C] -- I:\UsbFix
[2010/05/31 18:24:05 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- I:\WINDOWS\System32\drivers\pavboot.sys
[2010/05/30 20:39:11 | 000,000,000 | ---D | C] -- I:\Documents and Settings\M Mme \Application Data\Malwarebytes
[2010/05/30 20:38:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- I:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/30 20:38:51 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/30 20:38:46 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- I:\WINDOWS\System32\drivers\mbam.sys
[2010/05/30 20:38:46 | 000,000,000 | ---D | C] -- I:\Program Files\Malwarebytes' Anti-Malware
[2010/05/30 17:51:10 | 000,000,000 | ---D | C] -- I:\Program Files\Kaspersky Lab
[2010/05/30 17:51:10 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/05/30 17:50:52 | 000,315,408 | ---- | C] (Kaspersky Lab) -- I:\WINDOWS\System32\drivers\klif.sys
[2010/05/30 17:29:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2010/05/30 12:20:57 | 000,000,000 | ---D | C] -- I:\Program Files\ESET
[2010/05/30 12:05:55 | 000,000,000 | ---D | C] -- I:\Program Files\Panda Security
[2010/05/30 03:44:02 | 000,095,024 | ---- | C] (Sunbelt Software) -- I:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/29 21:07:48 | 000,221,568 | ---- | C] (Microsoft Corporation) -- I:\WINDOWS\System32\MpSigStub.exe
[2010/05/28 17:22:01 | 000,000,000 | RH-D | C] -- I:\Documents and Settings\M Mme \Recent
[2010/05/06 23:21:18 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- I:\WINDOWS\System32\deployJava1.dll
[2010/05/06 23:21:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- I:\WINDOWS\System32\javaws.exe
[2010/05/06 23:21:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- I:\WINDOWS\System32\javaw.exe
[2010/05/06 23:21:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- I:\WINDOWS\System32\java.exe
[5 I:\WINDOWS\*.tmp files -> I:\WINDOWS\*.tmp -> ]
[3 I:\WINDOWS\System32\*.tmp files -> I:\WINDOWS\System32\*.tmp -> ]
[1 I:\*.tmp files -> I:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/03 12:45:00 | 000,000,420 | -H-- | M] () -- I:\WINDOWS\tasks\User_Feed_Synchronization-{6EF595C6-6867-476C-AAF8-032C2C15B267}.job
[2010/06/03 12:43:03 | 000,000,272 | ---- | M] () -- I:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2010/06/03 12:34:03 | 000,189,449 | ---- | M] () -- I:\UsbFix_Upload_Me_ACER-310.zip
[2010/06/03 12:18:14 | 000,571,904 | ---- | M] (OldTimer Tools) -- I:\Documents and Settings\M Mme \Bureau\OTL.exe
[2010/06/03 05:50:50 | 000,000,330 | -H-- | M] () -- I:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/06/02 09:47:43 | 000,002,206 | ---- | M] () -- I:\WINDOWS\System32\wpa.dbl
[2010/06/02 09:45:47 | 000,000,006 | -H-- | M] () -- I:\WINDOWS\tasks\SA.DAT
[2010/06/02 09:45:42 | 000,002,048 | --S- | M] () -- I:\WINDOWS\bootstat.dat
[2010/06/02 03:44:00 | 000,000,492 | ---- | M] () -- I:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/06/01 20:01:02 | 000,012,753 | ---- | M] () -- I:\Documents and Settings\M Mme \Bureau\La biche est la femelle du.docx
[2010/06/01 19:48:41 | 000,038,875 | ---- | M] () -- I:\Documents and Settings\M Mme \Bureau\bilan.doc
[2010/06/01 19:40:35 | 000,000,369 | ---- | M] () -- I:\WINDOWS\SoftWriting.ini
[2010/06/01 19:37:51 | 000,000,101 | ---- | M] () -- I:\WINDOWS\BUZZTWLC.INI
[2010/06/01 18:46:11 | 000,031,483 | ---- | M] () -- I:\Documents and Settings\M Mme \Bureau\fonctions des mots.docx
[2010/06/01 08:43:13 | 013,680,640 | ---- | M] () -- I:\Documents and Settings\M Mme \ntuser.dat
[2010/06/01 08:43:13 | 000,000,284 | -HS- | M] () -- I:\Documents and Settings\M Mme \ntuser.ini
[2010/05/30 18:04:50 | 000,315,408 | ---- | M] (Kaspersky Lab) -- I:\WINDOWS\System32\drivers\klif.sys
[2010/05/30 18:04:48 | 000,113,933 | ---- | M] () -- I:\WINDOWS\System32\drivers\klin.dat
[2010/05/30 18:04:48 | 000,097,549 | ---- | M] () -- I:\WINDOWS\System32\drivers\klick.dat
[2010/05/30 17:44:57 | 000,003,072 | ---- | M] () -- I:\WINDOWS\System32\CONFIG.NT
[2010/05/30 15:27:28 | 000,000,036 | ---- | M] () -- I:\Documents and Settings\M Mme LAVERGNE\Local Settings\Application Data\housecall.guid.cache
[2010/05/30 03:43:56 | 000,095,024 | ---- | M] (Sunbelt Software) -- I:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/29 20:00:00 | 000,000,422 | ---- | M] () -- I:\WINDOWS\tasks\Registry Winner Schedule.job
[2010/05/29 16:05:02 | 000,000,284 | ---- | M] () -- I:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\System32\MpSigStub.exe
[2010/05/15 19:55:26 | 001,575,382 | -H-- | M] () -- I:\Documents and Settings\M Mme LAVERGNE\Local Settings\Application Data\IconCache.db
[2010/05/13 09:26:14 | 001,028,132 | ---- | M] () -- I:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/13 09:26:14 | 000,499,592 | ---- | M] () -- I:\WINDOWS\System32\perfh00C.dat
[2010/05/13 09:26:14 | 000,409,160 | ---- | M] () -- I:\WINDOWS\System32\perfh009.dat
[2010/05/13 09:26:14 | 000,086,934 | ---- | M] () -- I:\WINDOWS\System32\perfc00C.dat
[2010/05/13 09:26:14 | 000,064,552 | ---- | M] () -- I:\WINDOWS\System32\perfc009.dat
[5 I:\WINDOWS\*.tmp files -> I:\WINDOWS\*.tmp -> ]
[3 I:\WINDOWS\System32\*.tmp files -> I:\WINDOWS\System32\*.tmp -> ]
[1 I:\*.tmp files -> I:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/02 15:04:33 | 000,189,449 | ---- | C] () -- I:\UsbFix_Upload_Me_ACER-310.zip
[2010/06/02 08:12:21 | 000,000,330 | -H-- | C] () -- I:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/06/01 19:49:13 | 000,012,753 | ---- | C] () -- I:\Documents and Settings\M Mme LAVERGNE\Bureau\La biche est la femelle du.docx
[2010/06/01 19:40:25 | 000,038,875 | ---- | C] () -- I:\Documents and Settings\M Mme LAVERGNE\Bureau\bilan.doc
[2010/06/01 18:46:11 | 000,031,483 | ---- | C] () -- I:\Documents and Settings\M Mme LAVERGNE\Bureau\fonctions des mots.docx
[2010/05/30 17:53:00 | 000,113,933 | ---- | C] () -- I:\WINDOWS\System32\drivers\klin.dat
[2010/05/30 17:53:00 | 000,097,549 | ---- | C] () -- I:\WINDOWS\System32\drivers\klick.dat
[2010/05/30 15:27:28 | 000,000,036 | ---- | C] () -- I:\Documents and Settings\M Mme LAVERGNE\Local Settings\Application Data\housecall.guid.cache
[2010/05/30 03:46:02 | 000,000,492 | ---- | C] () -- I:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/02/11 00:53:25 | 000,000,206 | ---- | C] () -- I:\WINDOWS\System32\MRT.INI
[2009/10/18 10:10:55 | 000,044,544 | R--- | C] () -- I:\WINDOWS\System32\gif89.dll
[2009/10/18 10:10:00 | 000,000,287 | ---- | C] () -- I:\WINDOWS\SIERRA.INI
[2009/10/17 18:49:36 | 000,178,176 | ---- | C] () -- I:\WINDOWS\System32\unrar.dll
[2009/10/17 18:49:36 | 000,000,038 | ---- | C] () -- I:\WINDOWS\avisplitter.ini
[2009/10/17 18:49:34 | 000,881,664 | ---- | C] () -- I:\WINDOWS\System32\xvidcore.dll
[2009/10/17 18:49:33 | 003,596,288 | ---- | C] () -- I:\WINDOWS\System32\qt-dx331.dll
[2009/10/17 18:49:33 | 000,205,824 | ---- | C] () -- I:\WINDOWS\System32\xvidvfw.dll
[2009/10/17 18:49:31 | 000,085,504 | ---- | C] () -- I:\WINDOWS\System32\ff_vfw.dll
[2009/10/17 18:49:31 | 000,000,547 | ---- | C] () -- I:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/10/17 17:11:46 | 000,000,127 | ---- | C] () -- I:\WINDOWS\BuzzTWCP.INI
[2009/10/17 17:11:46 | 000,000,101 | ---- | C] () -- I:\WINDOWS\BUZZTWLC.INI
[2009/10/17 17:11:46 | 000,000,071 | ---- | C] () -- I:\WINDOWS\BuzzTWSC.INI
[2009/10/17 17:06:43 | 000,000,369 | ---- | C] () -- I:\WINDOWS\SoftWriting.ini
[2009/06/07 19:17:57 | 000,000,434 | ---- | C] () -- I:\WINDOWS\BRWMARK.INI
[2009/06/07 19:17:57 | 000,000,027 | ---- | C] () -- I:\WINDOWS\BRPP2KA.INI
[2009/06/07 19:00:31 | 000,031,831 | ---- | C] () -- I:\WINDOWS\maxlink.ini
[2009/03/07 13:00:42 | 000,000,097 | ---- | C] () -- I:\WINDOWS\System32\PICSDK.ini
[2009/01/18 09:48:34 | 000,682,232 | ---- | C] () -- I:\WINDOWS\System32\drivers\sptd.sys
[2008/10/14 19:28:53 | 000,000,067 | ---- | C] () -- I:\WINDOWS\Easy Video to DVD.INI
[2008/08/26 14:15:25 | 000,221,184 | --S- | C] () -- I:\WINDOWS\System32\glut32.dll
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- I:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/05/26 23:23:32 | 000,016,698 | ---- | C] () -- I:\WINDOWS\System32\gthrctr.ini
[2008/05/26 23:23:30 | 000,021,596 | ---- | C] () -- I:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 23:23:28 | 000,016,036 | ---- | C] () -- I:\WINDOWS\System32\gsrvctr.ini
[2008/02/06 11:04:20 | 000,431,163 | ---- | C] () -- I:\WINDOWS\System32\sqlite3.dll
[2008/01/08 09:19:29 | 000,000,065 | ---- | C] () -- I:\WINDOWS\FISHUI.INI
[2007/07/20 21:00:44 | 000,048,205 | R--- | C] () -- I:\WINDOWS\System32\lvcoinst.ini
[2007/05/06 18:16:56 | 000,000,214 | ---- | C] () -- I:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/02/04 19:13:18 | 000,000,000 | ---- | C] () -- I:\WINDOWS\SETUP32.INI
[2007/01/13 20:17:12 | 000,000,116 | ---- | C] () -- I:\WINDOWS\NeroDigital.ini
[2007/01/11 23:59:06 | 000,000,068 | ---- | C] () -- I:\WINDOWS\DVDRegionFree.INI
[2007/01/10 15:28:51 | 000,000,048 | ---- | C] () -- I:\WINDOWS\HFREP.INI
[2007/01/10 15:28:51 | 000,000,000 | ---- | C] () -- I:\WINDOWS\WD.INI
[2007/01/07 19:28:12 | 000,052,858 | ---- | C] () -- I:\WINDOWS\System32\interceptor.sys
[2007/01/07 19:26:58 | 000,027,059 | ---- | C] () -- I:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2007/01/06 01:05:36 | 000,000,169 | ---- | C] () -- I:\WINDOWS\RtlRack.ini
[2007/01/06 01:03:50 | 000,000,385 | ---- | C] () -- I:\WINDOWS\ODBC.INI
[2007/01/05 23:30:39 | 000,139,264 | ---- | C] () -- I:\WINDOWS\System32\IDEproperty.dll
[2007/01/05 23:28:01 | 000,083,022 | ---- | C] () -- I:\WINDOWS\VGAsetup.ini
[2007/01/05 23:27:37 | 000,096,402 | ---- | C] () -- I:\WINDOWS\System32\VGAunistlog.ini
[2007/01/05 23:25:29 | 000,000,164 | ---- | C] () -- I:\WINDOWS\avrack.ini
[2003/04/01 10:58:02 | 000,005,260 | ---- | C] () -- I:\WINDOWS\System32\OUTLPERF.INI
[2003/03/09 06:31:04 | 000,561,152 | ---- | C] () -- I:\WINDOWS\System32\hpotscl.dll

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2004/08/19 17:20:54 | 018,782,711 | ---- | M] () .cab file -- I:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- I:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/19 17:20:54 | 018,782,711 | ---- | M] () .cab file -- I:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- I:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- I:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- I:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- I:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- I:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/19 17:20:54 | 018,782,711 | ---- | M] () .cab file -- I:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- I:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/19 17:20:54 | 018,782,711 | ---- | M] () .cab file -- I:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/04/13 20:47:24 | 020,102,028 | ---- | M] () .cab file -- I:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- I:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- I:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- I:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- I:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/19 17:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- I:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- I:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- I:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- I:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- I:\WINDOWS\system32\netlogon.dll
[2004/08/19 17:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- I:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/19 17:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- I:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- I:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- I:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/14 04:33:33 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- I:\WINDOWS\system32\msvbvm60.dll
[3 I:\WINDOWS\system32\*.tmp files -> I:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> I:\Documents and Settings\All Users\Application Data\TEMP:88050731
< End of report >

Auteur

le 03/06/2010 20h49

Rapport OK :bien:

tu as installé tout cela.

I:\Program Files\ESET
I:\Program Files\Panda Security

+ Kaspersky qui lui est encore actif je pense.

Supprimes ces deux fichiers si tu ne les utilises plus.

Pour le reste pour moi c'est OK.
:salut:

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 03/06/2010 21h41

oui, j'avais installé tout ca car j'étais bien infecté.Ok, je supprime les 2log
Merci pour ton aide! :bien:

Auteur

le 03/06/2010 21h52

de rien .

tu peux supprimer OTL et USfix.
:salut:

Clique sur

en bas de ton message puis à la suite de ton titre marque : RESOLU

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 05/06/2010 03h18

Je ne vais pas encore mettre résolu car malgré la désactivation de la restauration et un passage USB fix le dernier scan Panda m'édite ceci

ANALYSIS: 2010-06-05 03:07:16
PROTECTIONS: 1
MALWARE: 6
SUSPECTS: 1

PROTECTIONS
Description Version Active Updated

Kaspersky Anti-Virus 9.0.0.736 Yes Yes

MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No i:\documents and settings\m mme \cookies\@atdmt[2].txt
00623824 trj/sinowal.wbv Virus/Trojan No 0 Yes No hkey_current_user\software\mc
03074964 Trj/CI.A Virus/Trojan No 0 Yes No i:\usbfix\usbfix.exe
03074964 Trj/CI.A Virus/Trojan No 0 No No i:\documents and settings\m mme \bureau\nettoyage-protection\usbfix.exe[usbfix.exe]
05945990 W32/Lineage.LIE.worm Virus/Worm No 0 Yes No n:\system volume information\_restore{a21932bc-6dda-42a7-ace0-57b149ca8d0a}\rp202\a0009438.inf
06207580 W32/Lineage.KDB.worm Virus/Worm No 1 Yes No k:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp197\a0119807.inf
06207580 W32/Lineage.KDB.worm Virus/Worm No 1 Yes No k:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp196\a0119800.inf
06209908 W32/Autorun.JWE.worm Virus/Worm No 1 Yes No k:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp196\a0119787.inf

SUSPECTS
Sent Location

No i:\documents and settings\m mme \bureau\nettoyage-protection\usbfix.exe

VULNERABILITIES
Id Severity Description

je n'arrive pas à nettoyer la restauration et me débarrasser de ce W 32. Merci de m'aider à nouveau.

Auteur

le 05/06/2010 11h04

Regarde les détections.

"usbfix" que tu as installé. il suffit de la supprimer.

"n:\system volume information\_restore{a21932bc-6dda-42a7-ace0-.."

C'est la restauration. il suffit de la purger comme indiqué si dessus.

"i:\documents and settings\m mme \cookies\@atdmt[2].txt "

cookies donc pas de soucis.

:salut:

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 05/06/2010 20h07

C'est bien là mon souci!! j'avais purgé la restauration avant de lancer le scan mais malgré ça j'ai encore des saletés et cette ligne là
00623824 trj/sinowal.wbv Virus/Trojan No 0 Yes No hkey_current_user\software\mc
m'a plutot l'air d'etre une clé du registre. Je me trompe?
Une idée pour m'aider. merci

Auteur

le 05/06/2010 21h22

Oui c'est une clé de registre.

fait ceci.

Installe Malewarebytes' Antimalware,
Téléchargement

*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 05/06/2010 21h54

j'ai déjà passé Malewarebytes' Antimalware, il ne detecte rien!
Une idée quant à cette restauration? Je vais essayer de purger en mode sans echec. Je verrai bien :chepa:

Auteur

le 06/06/2010 20h22

Cette clé n'est pas dans la registre.

Fait un nettoyage du registre avec Ccleaner au besoin.
:salut:

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 09/06/2010 08h18

Voilà, nettoyage CCleaner fait et j'ai purgé la restauration en mode sans echec mais rien à faire le rapport me sort toujours ces infections!
Pffff, je ne sais plus quoi faire!!!! Une autre idée?
Merci

Auteur

le 09/06/2010 12h53

Mets moi l'adresse exact de cette détection de clé de registre et on va la supprimer autrement.

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 09/06/2010 20h24

ANALYSIS: 2010-06-09 07:14:17
PROTECTIONS: 1
MALWARE: 5
SUSPECTS: 1
PROTECTIONS
Description Version Active Updated
avast! Antivirus 5.0.83886625 Yes Yes
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No i:\documents and settings\m mme XXXXXX\cookies\m_mme_@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No i:\documents and settings\m mme \cookies\m_mme_XXXXXXX@atdmt[3].txt
00623824 trj/sinowal.wbv Virus/Trojan No 0 Yes No hkey_current_user\software\mc
03074964 Trj/CI.A Virus/Trojan No 0 Yes No i:\system volume information\_restore{614b6353-98ac-424a-9c4f-fda42ef2d891}\rp4\a0000386.exe
03074964 Trj/CI.A Virus/Trojan No 0 No No i:\system volume information\_restore{614b6353-98ac-424a-9c4f-fda42ef2d891}\rp4\a0000384.exe[usbfix.exe]
06207580 W32/Lineage.KDB.worm Virus/Worm No 1 Yes No k:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp196\a0119800.inf
06207580 W32/Lineage.KDB.worm Virus/Worm No 1 Yes No k:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp197\a0119807.inf
06209908 W32/Autorun.JWE.worm Virus/Worm No 1 Yes No k:\system volume information\_restore{36d576c6-d89e-469e-9fbc-abf0712a416e}\rp196\a0119787.inf

No i:\system volume information\_restore{614b6353-98ac-424a-9c4f-fda42ef2d891}\rp4\a0000384.exe

VULNERABILITIES
Id Severity Description

Voilà le dernier scan. je sais que la ligne des cookies n'est pas gênante. Ce sont celles de la restauration qui me gênent. Elles réapparaissent malgré une purge. Et la ligne :
00623824 trj/sinowal.wbv Virus/Trojan hkey_current_user\software\mc
est tjs là malgré passage de maleware et ccleaner.

Voilà. merci de ton aide! :bien:

Auteur

le 09/06/2010 20h40

Ok déjà tu as la restauration dans deux lecteurs.

i:\system volume information\_restore

et:

k:\system volume information\_restore

il te faut donc purger ces deux lecteurs.

ensuite pour ta clé de registre.

*Impératif* Par précaution fait une sauvegarde du registre comme ceci.

http://telechargement.zebulon.fr/erunt.html

Ensuite ceci.

rends toi a cette adresse dans le registre.
[-hkey_current_user\software\mc] Puis clique droit dessus et valide "exporter"

mets moi ce que contiens ce fichier reg s.t.p

Ensuite on fera sa suppression comme ceci mais attends que je te donne le feu vert s.t.p

Télécharge >>OTM<< (de Old_Timer) sur ton Bureau.

>> Pour VISTA : Clic-droit et choisis "Exécuter en tant qu'administrateur".

>> AVAST reconnait ce logiciel comme un intrus, donc le désactiver le temps des manipulations.

Double-clique sur OTM pour le lancer.

Copie la liste qui se trouve en citation ci-dessous:

:Reg
[-hkey_current_user\software\mc]

:Commands
[emptytemp]
[Reboot]

et colle-la dans le cadre de gauche de OTM sous ceci:

Clique sur

pour lancer la suppression.
attendre la fin du travail de l'outil puis fermer OTM

Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTM\MovedFiles\06092009_130526.log "Exemple"

NB: Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Oui/Yes.
:salut:

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 09/06/2010 21h20

voilà le rapport otm
All processes killed
========== REGISTRY ==========
Registry key hkey_current_user\software\mc\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 1483 bytes
->Temporary Internet Files folder emptied: 182715 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: M Mme
->Temp folder emptied: 85488027 bytes
->Temporary Internet Files folder emptied: 58905 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 53192206 bytes
->Flash cache emptied: 1509 bytes

User: NetworkService
->Temp folder emptied: 21104 bytes
->Temporary Internet Files folder emptied: 49554 bytes

%systemdrive% .tmp files removed: 23276 bytes
%systemroot% .tmp files removed: 1158527 bytes
%systemroot%\System32 .tmp files removed: 2830336 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 713891 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 7724786 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 145,00 mb

OTM by OldTimer - Version 3.1.12.2 log created on 06092010_210740

Files moved on Reboot...
I:\Documents and Settings\\Local Settings\Temp\IadHide5.dll moved successfully.
File I:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
File move failed. I:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...

j'ai exporté hkey_current_user\software\mc. Voilà ce qu'il contient :
REG SZ valeur non definie
REG DWORD 0x49216a70

Et pour la restauration, j'ai beau purgé a chaque nouveau scan les lignes reapparaissent!!!
voilà.

:salut:

Auteur

le 09/06/2010 21h40

Bizarre car on dirait on contraire que ta restauration n'est pas purger
:chepa:

Fait ceci alors.

>>Télécharge Winsockxpfix sur ton bureau et passe à la suite.

si a tout hasard ta connexion internet n'est plus active après le redémarrage du pc fait cela pour la réparer...

Fait un double clic sur l'icône < inclued picture >

de WinsockXPFix.

>>clique sur "Fix" > et si ton pc ne redémarre pas,redémarre le manuellement.

Télécharge ComboFix <ICI>>

Pour les Utilisateurs de VISTA: Clic-droit et choisis "Exécuter en tant qu'administrateur".
Pour VISTA : pas d'installation de la console de récupération.

>> Lors de son exécution, ComboFix va vérifier si la Console de récupération Microsoft Windows est installée.

Avec des infections comme celles d'aujourd'hui, il est fortement conseillé de l'avoir préinstallée sur votre PC avant toute suppression de nuisibles.
Elle permettra de démarrer dans un mode spécial, de récupération (réparation), qui nous permet de vous aider plus facilement si jamais votre ordinateur rencontre un problème après une tentative de nettoyage.

Suis les invites pour permettre à ComboFix de télécharger et installer la Console de récupération Microsoft Windows, et lorsque cela est demandé, accepte le Contrat de Licence Utilisateur Final pour l'installer.
>> Une fois sur ton bureau double clique dessus pour le lancer.
Note importante : Si la Console de récupération Microsoft Windows est déjà installée, ComboFix continuera ses procédures de suppression de nuisibles.

Lorsque le scan sera complet, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt

>>Ne pas cliquer dans la fenêtre de Combofix durant l’analyse, ceci provoquerait le gel du programme

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 09/06/2010 21h44

i:\system volume information\_restore
k:\system volume information\_restore

Quand je clique sur les dossiers, un message me dit que l'acces est refusé
:chepa:

Auteur

le 09/06/2010 22h12

Voilà le rapport combofix

ComboFix 10-06-09.01 - 09/06/2010 21:55:45.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1247.781 [GMT 2:00]
Lancé depuis: j:\download net\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

i:\documents and settings\\Application Data\inst.exe
i:\windows\system32\Ijl11.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-05-09 au 2010-06-09 ))))))))))))))))))))))))))))))))))))
.

2010-06-09 18:55 . 2010-06-09 18:56 -------- d-----w- i:\program files\ERUNT
2010-06-07 09:03 . 2010-06-07 09:03 -------- d-----w- i:\program files\CCleaner
2010-06-06 06:11 . 2010-06-06 06:31 -------- d-----w- i:\program files\Spybot - Search & Destroy
2010-06-06 05:20 . 2010-05-06 20:39 164048 ----a-w- i:\windows\system32\drivers\aswSP.sys
2010-06-06 05:20 . 2010-05-06 20:34 23376 ----a-w- i:\windows\system32\drivers\aswRdr.sys
2010-06-06 05:20 . 2010-05-06 20:33 19024 ----a-w- i:\windows\system32\drivers\aswFsBlk.sys
2010-06-06 05:20 . 2010-05-06 20:39 46672 ----a-w- i:\windows\system32\drivers\aswTdi.sys
2010-06-06 05:20 . 2010-05-06 20:33 100432 ----a-w- i:\windows\system32\drivers\aswmon2.sys
2010-06-06 05:20 . 2010-05-06 20:33 94800 ----a-w- i:\windows\system32\drivers\aswmon.sys
2010-06-06 05:20 . 2010-05-06 20:33 28880 ----a-w- i:\windows\system32\drivers\aavmker4.sys
2010-06-06 05:20 . 2010-05-06 20:59 38848 ----a-w- i:\windows\system32\avastSS.scr
2010-06-06 05:20 . 2010-05-06 20:59 165032 ----a-w- i:\windows\system32\aswBoot.exe
2010-06-06 05:20 . 2010-06-06 05:20 -------- d-----w- i:\documents and settings\All Users\Application Data\Alwil Software
2010-06-06 03:48 . 2010-04-29 13:39 38224 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys
2010-06-06 03:48 . 2010-06-06 03:48 -------- d-----w- i:\program files\Malwarebytes' Anti-Malware
2010-06-06 03:48 . 2010-04-29 13:39 20952 ----a-w- i:\windows\system32\drivers\mbam.sys
2010-06-06 03:47 . 2010-06-06 04:30 -------- d-----w- i:\program files\jv16 PowerTools
2010-06-06 00:19 . 2010-06-06 00:19 -------- d-----w- i:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2010-06-02 06:09 . 2010-06-02 06:09 -------- d-----w- i:\program files\Windows Defender
2010-05-31 16:24 . 2009-06-30 07:37 28552 ----a-w- i:\windows\system32\drivers\pavboot.sys
2010-05-30 18:39 . 2010-05-30 18:39 -------- d-----w- i:\documents and settings\\Application Data\Malwarebytes
2010-05-30 18:38 . 2010-05-30 18:38 -------- d-----w- i:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-30 14:43 . 2010-05-30 14:43 -------- d-----w- i:\documents and settings\Administrateur\Application Data\Windows Search
2010-05-30 10:20 . 2010-05-30 10:20 -------- d-----w- i:\program files\ESET
2010-05-30 10:05 . 2010-05-30 13:27 -------- d-----w- i:\program files\Panda Security
2010-05-30 01:44 . 2010-05-30 01:43 95024 ----a-w- i:\windows\system32\drivers\SBREDrv.sys
2010-05-29 19:07 . 2010-05-21 12:14 221568 ------w- i:\windows\system32\MpSigStub.exe
2010-05-23 11:21 . 2010-05-23 11:21 503808 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1ea255de-n\msvcp71.dll
2010-05-23 11:21 . 2010-05-23 11:21 499712 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1ea255de-n\jmc.dll
2010-05-23 11:21 . 2010-05-23 11:21 348160 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1ea255de-n\msvcr71.dll
2010-05-23 11:21 . 2010-05-23 11:21 61440 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-32120cdb-n\decora-sse.dll
2010-05-23 11:21 . 2010-05-23 11:21 12800 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-32120cdb-n\decora-d3d.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-08 10:59 . 2007-01-11 19:31 -------- d-----w- i:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-07 09:03 . 2009-10-25 19:05 -------- d-----w- i:\documents and settings\\Application Data\Media Player Classic
2010-06-06 05:20 . 2007-01-14 11:40 -------- d-----w- i:\program files\Alwil Software
2010-05-30 15:34 . 2008-04-22 21:55 -------- d-----w- i:\documents and settings\All Users\Application Data\Lavasoft
2010-05-30 15:34 . 2007-10-31 17:43 -------- d-----w- i:\program files\Lavasoft
2010-05-30 10:41 . 2007-01-14 08:03 -------- d-----w- i:\program files\DivXboX
2010-05-13 07:26 . 2001-08-28 12:00 86934 ----a-w- i:\windows\system32\perfc00C.dat
2010-05-13 07:26 . 2001-08-28 12:00 499592 ----a-w- i:\windows\system32\perfh00C.dat
2010-05-12 19:31 . 2009-10-17 15:47 -------- d-----w- i:\documents and settings\All Users\Application Data\Microsoft Help
2010-05-06 21:21 . 2007-04-04 15:59 -------- d-----w- i:\program files\Java
2010-04-12 15:29 . 2010-05-06 21:21 411368 ----a-w- i:\windows\system32\deployJava1.dll
2010-04-06 07:27 . 2007-01-05 21:01 74936 -c--a-w- i:\documents and settings\\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-31 06:28 . 2010-03-31 06:28 503808 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-47bdd647-n\msvcp71.dll
2010-03-31 06:28 . 2010-03-31 06:28 499712 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-47bdd647-n\jmc.dll
2010-03-31 06:28 . 2010-03-31 06:28 348160 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-47bdd647-n\msvcr71.dll
2010-03-31 06:28 . 2010-03-31 06:28 61440 ----a-w- i:\documents and settings\\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1eea5eda-n\decora-sse.dll
2010-03-31 06:28 . 2010-03-31 06:28 12800 ----a-w- i:\documents and settings\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1eea5eda-n\decora-d3d.dll
2007-01-10 15:22 . 2007-01-07 17:32 278528 -c--a-w- i:\program files\Fichiers communs\FDEUnInstaller.exe
2009-06-07 18:13 . 2009-06-07 18:13 0 -csh--r- i:\windows\FFSSET.BIN
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . i:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . i:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . i:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2001-08-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . i:\windows\system32\dllcache\beep.sys
[-] 2001-08-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . i:\windows\system32\drivers\beep.sys

[-] 2008-04-14 . 16813155807C6881F4BFBF6657424659 . 25216 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 16813155807C6881F4BFBF6657424659 . 25216 . . [5.1.2600.5512] . . i:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-19 . E798705E8DC7FAB596EF6BFDF167E007 . 25216 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . i:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . i:\windows\system32\drivers\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . i:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . i:\windows\$NtServicePackUninstall$\ntfs.sys

[-] 2001-08-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . i:\windows\system32\dllcache\null.sys
[-] 2001-08-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . i:\windows\system32\drivers\null.sys

[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . i:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . i:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . i:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . i:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

[-] 2008-04-14 . 06B54A7B1EF7CB16BFD0E208D343FA71 . 77824 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . 06B54A7B1EF7CB16BFD0E208D343FA71 . 77824 . . [5.1.2600.5512] . . i:\windows\system32\browser.dll
[-] 2004-08-19 . 75AC49029966BFFEA09F96C1C194F684 . 77312 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\browser.dll

[-] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . i:\windows\system32\lsass.exe
[-] 2004-08-19 . 259AF82A0932EEA4F316F92DB94707B6 . 13312 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . i:\windows\system32\netman.dll
[-] 2005-08-22 . 0D55724D88488BBFC53BC2EA219240F3 . 197632 . . [5.1.2600.2743] . . i:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . 31748843AD5811351B115CC52CEA8D77 . 197632 . . [5.1.2600.2743] . . i:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll

[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . i:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . i:\windows\system32\qmgr.dll
[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . i:\windows\system32\bits\qmgr.dll
[-] 2004-08-19 . 659F7B6C502051BFA37910614B225548 . 382464 . . [6.6.2600.2180] . . i:\windows\$NtServicePackUninstall$\qmgr.dll

[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . i:\windows\system32\rpcss.dll
[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . i:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . 3D65EB82E1FA6DB15A33E024C9E03CAB . 399360 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . CB7D37602638369A516757E994CBB31D . 397824 . . [5.1.2600.2726] . . i:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . B38D431ACE730452CD1FEE4FB7ECD6E2 . 398336 . . [5.1.2600.2726] . . i:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . FD292BFE003558F4C39AA3D44F420AC7 . 396288 . . [5.1.2600.2665] . . i:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll

[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . i:\windows\system32\services.exe
[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . i:\windows\system32\dllcache\services.exe
[-] 2008-04-14 . 54CB50058851D95E56EC70D09F70857F . 109056 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-19 . 63DCDE1A0D86EEB8924D6738FF616EAD . 108544 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\services.exe

[-] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . i:\windows\system32\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . i:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . i:\windows\$NtServicePackUninstall$\spoolsv.exe

[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . i:\windows\system32\winlogon.exe
[-] 2004-08-19 . 123EEA158F74D0F67A51DCDF065D1091 . 506368 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . i:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . i:\windows\system32\comctl32.dll
[-] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . i:\windows\system32\dllcache\comctl32.dll
[-] 2006-08-25 . 5BBCD65CFD7610F36BCA96B72BBAED4B . 617472 . . [5.82] . . i:\windows\$NtServicePackUninstall$\comctl32.dll

[-] 2008-04-14 . 7A6D0B71035E123FDDA2156A25578AD3 . 62464 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 7A6D0B71035E123FDDA2156A25578AD3 . 62464 . . [5.1.2600.5512] . . i:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . 7A6D0B71035E123FDDA2156A25578AD3 . 62464 . . [5.1.2600.5512] . . i:\windows\system32\dllcache\cryptsvc.dll
[-] 2004-08-19 . CD73133EB24C572019944001FAD1B8D9 . 60416 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . i:\windows\system32\es.dll
[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . i:\windows\system32\dllcache\es.dll
[-] 2008-04-14 02:33 . 9FD4A0615BF3E9388A46EDF8774C7294 . 246272 . . [2001.12.4414.701] . . i:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:39 . D9CDB9380E0EFC9E97CC589B5F484B94 . 243200 . . [2001.12.4414.308] . . i:\windows\$NtServicePackUninstall$\es.dll
[-] 2005-07-26 04:29 . B56B69129181FF63BAED5EDE65DCC9B1 . 243200 . . [2001.12.4414.308] . . i:\windows\$hf_mig$\KB902400\SP2QFE\es.dll

[-] 2008-04-14 . 0469B73DB32E5520F342C5E163AA3CCA . 110080 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0469B73DB32E5520F342C5E163AA3CCA . 110080 . . [5.1.2600.5512] . . i:\windows\system32\imm32.dll
[-] 2004-08-19 . E55DAFA1A354BD5CB69151563DC9748A . 110080 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . i:\windows\system32\kernel32.dll
[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . i:\windows\system32\dllcache\kernel32.dll
[-] 2008-04-14 . 3AC8886DFA5AB641417DF4D3B7F5512E . 1054720 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 6F1FE2AE7B22EB9CED1BFF533C9455EA . 1049600 . . [5.1.2600.3119] . . i:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-07-05 . FB85EF2A6713E3A58A497E093626B93C . 1050112 . . [5.1.2600.2945] . . i:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

[-] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . i:\windows\system32\linkinfo.dll
[-] 2005-09-01 . D9BD4CCA0533401B6609E47FF74F40DC . 19968 . . [5.1.2600.2751] . . i:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . 8D9A075C065DFE1228688D10155D6624 . 19968 . . [5.1.2600.2751] . . i:\windows\$NtServicePackUninstall$\linkinfo.dll

[-] 2008-04-14 . 982B2C204337C3B12211E1E1D9BA8C9C . 22016 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 982B2C204337C3B12211E1E1D9BA8C9C . 22016 . . [5.1.2600.5512] . . i:\windows\system32\lpk.dll
[-] 2004-08-19 . 3236A6A1650E6C055FD5E87D7C4A05AD . 22016 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2010-03-11 . 42672DA5A7A741FE5728AE37F7080EFC . 3599872 . . [7.00.6000.17023] . . i:\windows\system32\mshtml.dll
[-] 2010-03-11 . 42672DA5A7A741FE5728AE37F7080EFC . 3599872 . . [7.00.6000.17023] . . i:\windows\system32\dllcache\mshtml.dll
[-] 2010-03-11 . 1E81869FCA9787B42DC45A434BF14F2A . 3602944 . . [7.00.6000.21228] . . i:\windows\$hf_mig$\KB980182-IE7\SP3QFE\mshtml.dll
[-] 2010-01-05 . 6241995FF3C0DDB7480CBBF28414E95F . 3599360 . . [7.00.6000.16981] . . i:\windows\ie7updates\KB980182-IE7\mshtml.dll
[-] 2010-01-05 . AC71009216EB0ED85E1408E9D856139F . 3602944 . . [7.00.6000.21183] . . i:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
[-] 2009-10-29 . 05379D041CDD76F229614C9FA6308652 . 3598336 . . [7.00.6000.16945] . . i:\windows\ie7updates\KB978207-IE7\mshtml.dll
[-] 2009-10-29 . 1B40E978A49D126576DA1B4AC65C5F31 . 3602432 . . [7.00.6000.21148] . . i:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
[-] 2009-10-21 . 0C52593238E9886E1646295C9210F745 . 3598336 . . [7.00.6000.16939] . . i:\windows\ie7updates\KB976325-IE7\mshtml.dll
[-] 2009-10-21 . 1411E21288C951FA0011C4EE6DCB70AB . 3602432 . . [7.00.6000.21142] . . i:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
[-] 2009-08-29 . CDE840862EBE2DB23ED82686FC263708 . 3598336 . . [7.00.6000.16915] . . i:\windows\ie7updates\KB976749-IE7\mshtml.dll
[-] 2009-08-29 . 5929FA14CE47CC401E43AA7489BFA692 . 3600384 . . [7.00.6000.21115] . . i:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll
[-] 2009-07-19 . 0E396FC8AED9D3D550DB38152F6A4FC7 . 3597824 . . [7.00.6000.16890] . . i:\windows\ie7updates\KB974455-IE7\mshtml.dll
[-] 2009-07-19 . 73FFE289F14EDFBB22429E88ACF17016 . 3600384 . . [7.00.6000.21089] . . i:\windows\$hf_mig$\KB972260-IE7\SP3QFE\mshtml.dll
[-] 2009-04-29 . 9B6478E6F9E83A04B6DA76FA61BB1FA7 . 3596288 . . [7.00.6000.16850] . . i:\windows\ie7updates\KB972260-IE7\mshtml.dll
[-] 2009-04-29 . 246F148CD2E4F5AE164C1890D0A06420 . 3598336 . . [7.00.6000.21045] . . i:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-02-20 . 78068F040272D5EEF5198B3C75DD4D99 . 3595264 . . [7.00.6000.16825] . . i:\windows\ie7updates\KB969897-IE7\mshtml.dll
[-] 2009-01-16 . 0975BFBBCF2639C8BB5C0790F020DE6C . 3594752 . . [7.00.6000.16809] . . i:\windows\ie7updates\KB963027-IE7\mshtml.dll
[-] 2008-12-13 . 0AFB982529328ABAF64EFC6C85E0F09C . 3593216 . . [7.00.6000.16788] . . i:\windows\ie7updates\KB961260-IE7\mshtml.dll
[-] 2008-10-17 . 74BF6087086364FA96BF047DA7C9EB38 . 3593216 . . [7.00.6000.16762] . . i:\windows\ie7updates\KB960714-IE7\mshtml.dll
[-] 2008-08-27 . 3CCDB836BBAB800FDED3181AF7EED38F . 3593216 . . [7.00.6000.16735] . . i:\windows\ie7updates\KB958215-IE7\mshtml.dll
[-] 2008-06-24 . 03F74B51CC156B0E78D998DDF0EF31C1 . 3592192 . . [7.00.6000.16705] . . i:\windows\ie7updates\KB956390-IE7\mshtml.dll
[-] 2008-04-23 . D7A36FCE62649BD7146053C5E982EBF3 . 3591680 . . [7.00.6000.16674] . . i:\windows\ie7updates\KB953838-IE7\mshtml.dll
[-] 2008-04-14 . C4153F037157C7BE7C54FD88887F027D . 3066880 . . [6.00.2900.5512] . . i:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2008-03-01 . F745B291067B273909D87D9D84857F4D . 3591680 . . [7.00.6000.16640] . . i:\windows\ie7updates\KB950759-IE7\mshtml.dll
[-] 2007-12-08 . DA88BCD1CA467FE0464E896D01110E5A . 3592192 . . [7.00.6000.16608] . . i:\windows\ie7updates\KB947864-IE7\mshtml.dll
[-] 2007-10-30 . 89397AFC934A509580FF089035E71DA8 . 3590656 . . [7.00.6000.16587] . . i:\windows\ie7updates\KB944533-IE7\mshtml.dll
[-] 2007-08-20 . 12357B36CB76D754FB9AE7822A64A03D . 3584512 . . [7.00.6000.16544] . . i:\windows\ie7updates\KB942615-IE7\mshtml.dll
[-] 2007-07-19 . 5CA5101D0606245574D84B0520CFE780 . 3583488 . . [7.00.6000.16525] . . i:\windows\ie7updates\KB939653-IE7\mshtml.dll
[-] 2007-05-08 . B672A6772187AE5E63762A1B4EAAF2CA . 3584000 . . [7.00.6000.20591] . . i:\windows\$hf_mig$\KB933566-IE7\SP2QFE\mshtml.dll
[-] 2007-05-08 . 919232D791120960D3DA5F5880CC261C . 3583488 . . [7.00.6000.16481] . . i:\windows\ie7updates\KB937143-IE7\mshtml.dll
[-] 2007-03-23 . 0CF276F7C5D51F2BB92CCEF4A770EA30 . 3582976 . . [7.00.6000.20544] . . i:\windows\$hf_mig$\KB931768-IE7\SP2QFE\mshtml.dll
[-] 2007-02-27 . FC38B18A1AD106289BF4FEFC2670A9B5 . 3581952 . . [7.00.6000.16441] . . i:\windows\ie7updates\KB933566-IE7\mshtml.dll
[-] 2007-01-12 . 5D45318804A30CE9D6EA83066E84B4A7 . 3580416 . . [7.00.6000.16414] . . i:\windows\ie7updates\KB931768-IE7\mshtml.dll
[-] 2006-11-07 . CBF04597F9CF7739E572276A2698FDD3 . 3577856 . . [7.00.5730.11] . . i:\windows\ie7updates\KB928090-IE7\mshtml.dll
[-] 2006-10-23 . EE542871960ACFD459F4113B1BCC6C10 . 3082240 . . [6.00.2900.3020] . . i:\windows\$hf_mig$\KB925454\SP2QFE\mshtml.dll
[-] 2006-10-23 . EE542871960ACFD459F4113B1BCC6C10 . 3082240 . . [6.00.2900.3020] . . i:\windows\ie7\mshtml.dll
[-] 2004-08-19 . 7CA9E0D2C4DCA6B710FD57F40E597337 . 3003392 . . [6.00.2900.2180] . . i:\windows\$NtServicePackUninstall$\mshtml.dll

[-] 2008-04-14 . 3891413139EAABFEFE9B0CA49B5CD395 . 343040 . . [7.0.2600.5512] . . i:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 3891413139EAABFEFE9B0CA49B5CD395 . 343040 . . [7.0.2600.5512] . . i:\windows\system32\msvcrt.dll
[-] 2004-08-19 . B89F48FDFD6C3312B92D5D633C23F075 . 343040 . . [7.0.2600.2180] . . i:\windows\$NtServicePackUninstall$\msvcrt.dll

[-] 2008-06-20 . 58AF8498C62E1E1DAB5AE59C6E08C180 . 247808 . . [5.1.2600.5625] . . i:\windows\system32\mswsock.dll
[-] 2008-06-20 . 58AF8498C62E1E1DAB5AE59C6E08C180 . 247808 . . [5.1.2600.5625] . . i:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . 196CCC3FDD21665DCAA9F83FFC03B41A . 247808 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-19 . 6FA2DDF70DC9B762EBF8920F89B6BEA3 . 247808 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\mswsock.dll

[-] 2008-04-14 . 04821179C3171554C1BD1F9888A113E2 . 407040 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 04821179C3171554C1BD1F9888A113E2 . 407040 . . [5.1.2600.5512] . . i:\windows\system32\netlogon.dll
[-] 2004-08-19 . D4CFAC76926C24E32B7F25A35C31BC6E . 407040 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2010-02-17 . ADDA825853063A00D75D66188C3F1449 . 2192000 . . [5.1.2600.5938] . . i:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-02-17 . ADDA825853063A00D75D66188C3F1449 . 2192000 . . [5.1.2600.5938] . . i:\windows\system32\ntoskrnl.exe
[-] 2010-02-17 . ADDA825853063A00D75D66188C3F1449 . 2192000 . . [5.1.2600.5938] . . i:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-02-16 . 126C8FD13731649A7CD6F0A311CD49B8 . 2192128 . . [5.1.2600.5938] . . i:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 9EC870EAB7D08695E59579C7AAC3B23D . 2191360 . . [5.1.2600.5913] . . i:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 63864AF70CAC631077A6C1223617336B . 2191360 . . [5.1.2600.5857] . . i:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2008-04-14 . 099D639DA1EF6968D4E41795BB507E6B . 2191104 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2007-02-28 . 8E244108562E0E452EB68DFF64CB08A9 . 2184192 . . [5.1.2600.3093] . . i:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . 7D6D19AAC51A4325F6039F083C22303C . 2182400 . . [5.1.2600.3093] . . i:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2006-12-19 . 1F3FA2065E6E043A1D82A487B5DA309C . 2184064 . . [5.1.2600.3051] . . i:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 3E2A0A4A0C0B19FC113618A9562A3B2A . 2181632 . . [5.1.2600.2622] . . i:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe

[-] 2008-04-14 . 9F2C862E39BF8E8FC51C3F6A6BCEB415 . 17408 . . [6.00.2900.5512] . . i:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9F2C862E39BF8E8FC51C3F6A6BCEB415 . 17408 . . [6.00.2900.5512] . . i:\windows\system32\powrprof.dll
[-] 2004-08-19 . 29D5E58FB089C41898A81BD4C8970F22 . 17408 . . [6.00.2900.2180] . . i:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . 973B36634C544948C663E8269AA1B3A3 . 187392 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 973B36634C544948C663E8269AA1B3A3 . 187392 . . [5.1.2600.5512] . . i:\windows\system32\scecli.dll
[-] 2004-08-19 . 58D439F6EF73A2D9288B204E819F4BBD . 186368 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 9A4E7ECBB5B7FB86F3B926AB039F4FEC . 5120 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 9A4E7ECBB5B7FB86F3B926AB039F4FEC . 5120 . . [5.1.2600.5512] . . i:\windows\system32\sfc.dll
[-] 2004-08-19 . BB695F18354B38CFF693E67EE7A30C22 . 5120 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . i:\windows\system32\svchost.exe
[-] 2004-08-19 . 2979B03D5382A602623C0535B16AB9C0 . 14336 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . i:\windows\system32\tapisrv.dll
[-] 2005-07-08 . C9FA05D271A0066764FE75BE38E24D69 . 249344 . . [5.1.2600.2716] . . i:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 720DA0C9DB8996AD9B7F5164B2242DAA . 249344 . . [5.1.2600.2716] . . i:\windows\$NtServicePackUninstall$\tapisrv.dll

[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . i:\windows\system32\user32.dll
[-] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . i:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . i:\windows\$NtServicePackUninstall$\user32.dll
[-] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . i:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

[-] 2008-04-14 . E74DDB12188C2FF57A78624DBF7332FC . 26624 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . E74DDB12188C2FF57A78624DBF7332FC . 26624 . . [5.1.2600.5512] . . i:\windows\system32\userinit.exe
[-] 2004-08-19 . 84717891F0734C611721F56C60B5FBC3 . 25088 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2010-03-11 . 1BFBAE6B188230677BFE63962C2A11B4 . 832512 . . [7.00.6000.17023] . . i:\windows\system32\wininet.dll
[-] 2010-03-11 . 1BFBAE6B188230677BFE63962C2A11B4 . 832512 . . [7.00.6000.17023] . . i:\windows\system32\dllcache\wininet.dll
[-] 2010-03-11 . 5CC1B037988E966725FF544C564A22F3 . 841216 . . [7.00.6000.21228] . . i:\windows\$hf_mig$\KB980182-IE7\SP3QFE\wininet.dll
[-] 2010-01-05 . F306825E8A0756AA58189C1D24F11C9C . 832512 . . [7.00.6000.16981] . . i:\windows\ie7updates\KB980182-IE7\wininet.dll
[-] 2010-01-05 . 8DC8F8E144ADD7CCF27DA6E1F7720722 . 841216 . . [7.00.6000.21183] . . i:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
[-] 2009-10-29 . 0BA084C2B3155F10D2D49244B16B2475 . 832512 . . [7.00.6000.16945] . . i:\windows\ie7updates\KB978207-IE7\wininet.dll
[-] 2009-10-29 . E366FE230408822BD0D0A6087799F844 . 841216 . . [7.00.6000.21148] . . i:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
[-] 2009-08-29 . 21AB2D2F2F48BD2D566777D0ABB36A45 . 832512 . . [7.00.6000.16915] . . i:\windows\ie7updates\KB976325-IE7\wininet.dll
[-] 2009-08-29 . 7F40D3CD13090D03552B1FC6B28C94B5 . 840704 . . [7.00.6000.21115] . . i:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 71333B8101B10CDEC4D58D949C97D3BA . 828928 . . [7.00.6000.21073] . . i:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 9620CC3780D7279A48D3556860813587 . 827392 . . [7.00.6000.16876] . . i:\windows\ie7updates\KB974455-IE7\wininet.dll
[-] 2009-04-29 . 08EFECB3F17F38F23F14148D374ACBC9 . 827392 . . [7.00.6000.16850] . . i:\windows\ie7updates\KB972260-IE7\wininet.dll
[-] 2009-04-29 . 754097815B575A721AB58B1C55476805 . 828928 . . [7.00.6000.21045] . . i:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-03 . 68A2567FDD62AE7E31D8A885C5173EF9 . 826368 . . [7.00.6000.16827] . . i:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2008-12-20 . 0551C946E305CEE0A79BA744DC141BFC . 826368 . . [7.00.6000.16791] . . i:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . CFBFA47415E85018E2CDC509E5E3D011 . 826368 . . [7.00.6000.16762] . . i:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-08-26 . E30CACD98479B36A3DBFA3267BF62DD0 . 826368 . . [7.00.6000.16735] . . i:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-06-23 . AC0BD61DC2C64906FBFE50E005FEFA2C . 826368 . . [7.00.6000.16705] . . i:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-04-23 . 02D6AABD5F5A32C61478B5CDFE50E4A8 . 826368 . . [7.00.6000.16674] . . i:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-14 . 4A6E04EA20F48D750D9BFED8600D516B . 670208 . . [6.00.2900.5512] . . i:\windows\ServicePackFiles\i386\wininet.dll
[-] 2008-03-01 . 8E027981DDFFA690D456FE18B37415A0 . 826368 . . [7.00.6000.16640] . . i:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2007-12-07 . 4FC90BECE54FAC81B0090B94E27BFB6B . 824832 . . [7.00.6000.16608] . . i:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2007-10-10 . BC5119C53BDD48DABC628D448A3BDCCB . 824832 . . [7.00.6000.16574] . . i:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-08-20 . F6DFCEED3A7AA4C9EEB966D3F1ADC70A . 824832 . . [7.00.6000.16544] . . i:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-06-27 . 2274862267D7445E7010D9AF826E89C3 . 823808 . . [7.00.6000.16512] . . i:\windows\ie7updates\KB939653-IE7\wininet.dll
[-] 2007-04-25 . 47DDAD237F60729DEA2B9E0E2382B58F . 823808 . . [7.00.6000.20583] . . i:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[-] 2007-04-25 . 2C138AB59E2FFA06E8952AE656E443C5 . 822784 . . [7.00.6000.16473] . . i:\windows\ie7updates\KB937143-IE7\wininet.dll
[-] 2007-03-23 . 375B58A68A016546535A84060092325C . 823296 . . [7.00.6000.20544] . . i:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[-] 2007-02-27 . 75DE73E328E300CAED5965FAEA2F5D3F . 822784 . . [7.00.6000.16441] . . i:\windows\ie7updates\KB933566-IE7\wininet.dll
[-] 2007-01-12 . BE43D00D802C92F01C8CC952C6F483F8 . 822784 . . [7.00.6000.16414] . . i:\windows\ie7updates\KB931768-IE7\wininet.dll
[-] 2006-11-07 . 92995334F993E6E49C25C6D02EC04401 . 818688 . . [7.00.5730.11] . . i:\windows\ie7updates\KB928090-IE7\wininet.dll
[-] 2006-10-23 . EFA0C2870CBA1747809A13E09F35BF82 . 668672 . . [6.00.2900.3020] . . i:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll
[-] 2006-10-23 . EFA0C2870CBA1747809A13E09F35BF82 . 668672 . . [6.00.2900.3020] . . i:\windows\ie7\wininet.dll
[-] 2004-08-19 . 4E958B97EFC3D801F49283D1820F48B7 . 660480 . . [6.00.2900.2180] . . i:\windows\$NtServicePackUninstall$\wininet.dll

[-] 2008-04-14 . FB836F9E62D82904C983AD21296A5D9C . 82432 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . FB836F9E62D82904C983AD21296A5D9C . 82432 . . [5.1.2600.5512] . . i:\windows\system32\ws2_32.dll
[-] 2004-08-19 . EED74B969B2CA1ACC558FF60FB420E28 . 82944 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . i:\windows\explorer.exe
[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . i:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . i:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . i:\windows\system32\srsvc.dll
[-] 2004-08-19 . CE978404558CE2D82896AC2032F06DBF . 171008 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . i:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . i:\windows\system32\dllcache\wscntfy.exe
[-] 2004-08-19 . 8558905BA81F6EFAAF9667139BB117DD . 13824 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\wscntfy.exe

[-] 2008-04-14 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512] . . i:\windows\system32\xmlprov.dll
[-] 2004-08-19 . 912591E2055E26566D1CB54092A7E8B0 . 129536 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\xmlprov.dll

[-] 2008-04-14 . 4EC800BDF80521B0207BD2301DFC7D14 . 56320 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 4EC800BDF80521B0207BD2301DFC7D14 . 56320 . . [5.1.2600.5512] . . i:\windows\system32\eventlog.dll
[-] 2004-08-19 . 49B1376885340BF9EA0D99F71557B59A . 55808 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2008-04-14 . E17C85D5B5CF477638433B851A98499E . 1571840 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . E17C85D5B5CF477638433B851A98499E . 1571840 . . [5.1.2600.5512] . . i:\windows\system32\sfcfiles.dll
[-] 2004-08-19 . 6D8F3AC555E3F8A569AA9B2A817698C1 . 1548288 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . i:\windows\system32\ctfmon.exe
[-] 2004-08-19 . 64E41E8FEE655B03E3F19DED21BA5118 . 15360 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . i:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . i:\windows\system32\shsvcs.dll
[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . i:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 1839CDF416A5AA8BF2EFE377F57452CC . 135680 . . [6.00.2900.3051] . . i:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

[-] 2008-04-14 . E598D81197E2E0EC42A0C55772BB00E8 . 59904 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . E598D81197E2E0EC42A0C55772BB00E8 . 59904 . . [5.1.2600.5512] . . i:\windows\system32\regsvc.dll
[-] 2004-08-19 . B6F76CE10953A141545A0D01F1776885 . 59904 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 55F5C5C1BE1A78E285033E432BA01597 . 194560 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 55F5C5C1BE1A78E285033E432BA01597 . 194560 . . [5.1.2600.5512] . . i:\windows\system32\schedsvc.dll
[-] 2004-08-19 . A65E74CC5831CED5762AA16033ED20EE . 193024 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . EA9E0DB8684CEF2FD3BADD671DF5A112 . 71680 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . EA9E0DB8684CEF2FD3BADD671DF5A112 . 71680 . . [5.1.2600.5512] . . i:\windows\system32\ssdpsrv.dll
[-] 2004-08-19 . DCB185C829538971E47AFFE77BA138C3 . 71680 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . 710BC85A8C22626EE094439E3EA0D38C . 297984 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . 710BC85A8C22626EE094439E3EA0D38C . 297984 . . [5.1.2600.5512] . . i:\windows\system32\termsrv.dll
[-] 2004-08-19 . 78F90C3E230AD122BCB116ABAD5FEFE9 . 297984 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2008-04-14 . F36C9F78FC902C8DCE4D3B576BB0435A . 176640 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . F36C9F78FC902C8DCE4D3B576BB0435A . 176640 . . [5.1.2600.5512] . . i:\windows\system32\appmgmts.dll
[-] 2004-08-19 . 7E9D138DC991BCCE6E6026CD74E69CC4 . 176640 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\appmgmts.dll

[-] 2001-08-28 . E4ABC1212B70BB03D35E60681C447210 . 12032 . . [5.1.2600.0] . . i:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . i:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . i:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . i:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . i:\windows\$NtServicePackUninstall$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . i:\windows\system32\dllcache\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . i:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . i:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2008-04-14 02:33 . CE21FE79AD3B913A79E0C742BED6BF85 . 927504 . . [4.1.0.61] . . i:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2008-04-14 02:33 . CE21FE79AD3B913A79E0C742BED6BF85 . 927504 . . [4.1.0.61] . . i:\windows\system32\mfc40u.dll
[-] 2008-04-14 02:33 . CE21FE79AD3B913A79E0C742BED6BF85 . 927504 . . [4.1.0.61] . . i:\windows\system32\dllcache\mfc40u.dll
[-] 2006-11-01 19:18 . FCD58951B3B2392007E0EE34D2CF944F . 927504 . . [4.1.0.61] . . i:\windows\$NtServicePackUninstall$\mfc40u.dll

[-] 2008-04-14 . E67A66A3781C1A483F0F8992664CBE0D . 33792 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . E67A66A3781C1A483F0F8992664CBE0D . 33792 . . [5.1.2600.5512] . . i:\windows\system32\msgsvc.dll
[-] 2004-08-19 . DE71362123E81D268088E78543752576 . 33792 . . [5.1.2600.2180] . . i:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2006-10-18 21:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . i:\windows\system32\mspmsnsv.dll
[-] 2004-08-19 15:09 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . i:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-19 15:09 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . i:\windows\ServicePackFiles\i386\mspmsnsv.dll

[-] 2010-02-16 . 4394E451E25D9A01344D91BB16CF35CB . 2068864 . . [5.1.2600.5938] . . i:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-02-16 . 4394E451E25D9A01344D91BB16CF35CB . 2068864 . . [5.1.2600.5938] . . i:\windows\system32\ntkrnlpa.exe
[-] 2010-02-16 . 4394E451E25D9A01344D91BB16CF35CB . 2068864 . . [5.1.2600.5938] . . i:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . 6CB7C9A8C7103FEA51B0D478128CEFC0 . 2068992 . . [5.1.2600.5938] . . i:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 875EB5E5C8A6B3A2297D87029A880D23 . 2068224 . . [5.1.2600.5913] . . i:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . FE0C9C9035E3FDC193255C646BAC2C3D . 2068224 . . [5.1.2600.5857] . . i:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . B71A8F101CEFAF82FC5EC16130A54A3F . 2067968 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2007-02-28 . 7A56A64EB50399613587E90292DD2AAB . 2061440 . . [5.1.2600.3093] . . i:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
[-] 2007-02-28 . A1D5231403329478AE4FE2778C55C77F . 2059648 . . [5.1.2600.3093] . . i:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2006-12-19 . 8B039EFBE4C9AA23F152FFA0E238B8FA . 2061440 . . [5.1.2600.3051] . . i:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 5311776074B6C13F983DC75BAEAC9C0C . 2059008 . . [5.1.2600.2622] . . i:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe

[-] 2008-04-14 02:33 . 037D92B3A7853A183FCAB77FB1D13D6C . 438272 . . [5.1.2400.5512] . . i:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 02:33 . 037D92B3A7853A183FCAB77FB1D13D6C . 438272 . . [5.1.2400.5512] . . i:\windows\system32\ntmssvc.dll
[-] 2004-08-19 15:09 . 951543FFB84012D13F4CB09DA2EACE96 . 438272 . . [5.1.2400.2180] . . i:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . BD8166A495B02308F364B36249475F22 . 186368 . . [5.1.2600.5512] . . i:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . BD8166A495B02308F364B36249475F22 . 186368 . . [5.1.2600.5512] . . i:\windows\system32\upnphost.dll
[-] 2007-02-05 . 385DB2591BF11955F26E0A97728B1B31 . 185344 . . [5.1.2600.3077] . . i:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . 96B3C690ED82E36E04C130F916E3AE91 . 185344 . . [5.1.2600.3077] . . i:\windows\$NtServicePackUninstall$\upnphost.dll

[-] 2008-04-14 . 4BB396EA6CAA50F2208078602549F2F2 . 367616 . . [5.3.2600.5512] . . i:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4BB396EA6CAA50F2208078602549F2F2 . 367616 . . [5.3.2600.5512] . . i:\windows\system32\dsound.dll
[-] 2004-08-19 . 7FD6E3D4918514565DF553BE693E3034 . 367616 . . [5.3.2600.2180] . . i:\windows\$NtServicePackUninstall$\dsound.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="i:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-08-31 36864]
"SpybotSD TeaTimer"="i:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2004-12-17 49152]
"LogitechCommunicationsManager"="i:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"SSBkgdUpdate"="i:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="i:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="i:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="i:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="i:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
"ControlCenter3"="i:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"SunJavaUpdateSched"="i:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="i:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Adobe ARM"="i:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"AdobeCS4ServiceManager"="i:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="i:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2010-04-03 38840]
"Acrobat Assistant 8.0"="i:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-04-03 640440]
"Windows Defender"="i:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"avast5"="i:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="i:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

i:\documents and settings\\Menu D‚marrer\Programmes\D‚marrage\
ERUNT AutoBackup.lnk - i:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

i:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
WDDMStatus.lnk - i:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-8-17 2043904]
WDSmartWare.lnk - i:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-8-17 8919040]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=i:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=i:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=i:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=i:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=i:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=i:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Utility Tray.lnk]
backup=i:\windows\pss\Utility Tray.lnkCommon Startup

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]
backup=i:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- i:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTZDetec.exe]
2007-12-18 12:20 401408 -c----w- i:\program files\Creative\Creative Media Lite\CTZDetec.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2008-08-31 12:26 36864 ----a-w- i:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2008-08-14 15:15 2407184 -c--a-w- i:\program files\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2005-01-04 13:17 1937408 -c----w- i:\program files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 -c--a-w- i:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2003-08-15 14:34 57344 -c--a-w- i:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\WINDOWS\\system32\\dpvsetup.exe"=
"i:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"i:\\WINDOWS\\system32\\mmc.exe"=
"i:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"i:\\Program Files\\Le Robert\\Le Petit Robert 2009\\RobertHA.exe"=
"i:\\Program Files\\Le Robert\\Le Petit Robert 2009\\prnet.exe"=
"i:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"i:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"i:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 pavboot;pavboot;i:\windows\system32\drivers\pavboot.sys [31/05/2010 18:24 28552]
R1 aswSP;aswSP;i:\windows\system32\drivers\aswSP.sys [06/06/2010 07:20 164048]
R2 aswFsBlk;aswFsBlk;i:\windows\system32\drivers\aswFsBlk.sys [06/06/2010 07:20 19024]
R2 WDDMService;WD SmartWare Drive Manager;i:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [17/08/2009 11:52 98304]
R2 WinDefend;Windows Defender;i:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
S0 sptd;sptd;i:\windows\system32\drivers\sptd.sys [18/01/2009 09:48 682232]
S2 SPAMfighter Update Service;SPAMfighter Update Service;"i:\program files\SPAMfighter\sfus.exe" --> i:\program files\SPAMfighter\sfus.exe [?]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;i:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16/06/2009 10:58 20480]
S3 WDC_SAM;WD SCSI Pass Thru driver;i:\windows\system32\drivers\wdcsam.sys [24/12/2009 21:04 11520]
.
Contenu du dossier 'Tâches planifiées'

2010-06-05 i:\windows\Tasks\AppleSoftwareUpdate.job
- i:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-06-09 i:\windows\Tasks\MP Scheduled Scan.job
- i:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2010-06-09 i:\windows\Tasks\User_Feed_Synchronization-{6EF595C6-6867-476C-AAF8-032C2C15B267}.job
- i:\windows\system32\msfeedssync.exe [2006-10-17 10:58]

2010-06-09 i:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- i:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
IE: Ajouter la cible du lien à un fichier PDF existant - i:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - i:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - i:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - i:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: E&xporter vers Microsoft Excel - i:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - i:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {D6ED542B-6339-11D2-91A8-00A0C9B760DB} - hxxp://cabs.rte.fr/RteAllCabsMFC.cab
FF - ProfilePath - i:\documents and settings\M Mme LAVERGNE\Application Data\Mozilla\Firefox\Profiles\3gc9jz55.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: i:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: i:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: i:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: i:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: i:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - truei:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
i:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
i:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
i:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
i:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
i:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
i:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
i:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
i:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
i:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
.
------- Associations de fichier -------
.
.reg=Regedit.Document
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-MsnMsgr - i:\program files\MSN Messenger\MsnMsgr.Exe
AddRemove-DivXboX - i:\program files\Nouveau dossier\WDUNINST.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-09 22:00
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2010-06-09 22:04:13
ComboFix-quarantined-files.txt 2010-06-09 20:04

Avant-CF: 4 067 606 528 octets libres
Après-CF: 4 047 708 160 octets libres

- - End Of File - - 09B31237DC25C8409E74E67CA8FB06A2
:salut:

Auteur

le 09/06/2010 22h28

Rapport combofix OK.

dis moi pour ta restauration tu fais bien comme ceci.

Cliquez avec le bouton droit sur l'icône Poste de travail, puis cliquez sur Propriétés
ou touche "Windows+Pause"
Cliquez sur l'onglet Restauration du système

Sélectionnez Désactiver la Restauration du système ou Désactiver la Restauration du système sur tous les lecteurs.

Cliquez sur Appliquer puis OUI dans la fenêtre suivante.

Attendre quelques instants puis :

activer la restauration du système de nouveau.

Cliquez avec le bouton droit sur Poste de travail, puis cliquez sur Propriétés
ou touche "Windows+Pause"
Cliquez sur l'onglet Restauration du système

Désélectionnez Désactiver la Restauration du système ou Désactiver la Restauration du système sur tous les lecteurs»

Maintenant on crée un nouveau point de restauration.

Démarrer—Exécuter—ou touche "Windows+R" et tapes:

%SystemRoot%\System32\restore\rstrui.exe

Puis coche " Créer un point de restauration" que tu nommes PC- Clean. Valide.

Vous pouvez maintenant fermer toutes les fenêtres.

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 10/06/2010 06h42

oui tout à fait.Mais il n'y a rien à faire!!!!!

Auteur

le 10/06/2010 12h47

Tu as du réussir a purger la restauration :chepa:

Désactive "Spybot " et fait un scan en ligne .

Fait un scan ici : http://www.eset-nod32.fr/scanner.html

Merci de poster le rapport Nod32 (coche toutes les cases à chaque fois)
A la fin, colle le rapport : C:\Program Files\EsetOnlineScanner\log.txt

ou la.

scan en ligne bitdefender:
http://www.bitdefender.fr/

-------
Bonne visite sur: http://tuto-b.comli.com/

Auteur

le 10/06/2010 18h35

bon je relance
merci!

Auteur

le 10/06/2010 20h47

QuickScan Beta 32-bit v0.9.9.23
-------------------------------
Date de l'analyse : Thu Jun 10 20:32:09 2010
I:\WINDOWS\FFSSET.BIN - accès impossible

Aucune infection détectée.
--------------------------

Processus
---------
<non signé> CTDevSrv Application 2060 I:\Program Files\Creative\Shared Files\CTDevSrv.exe
<non signé> Control Center 3 560 I:\Program Files\Brother\ControlCenter3\brccMCtl.exe
<non signé> Creative Service for CDROM Access 1784 I:\WINDOWS\system32\CTsvcCDA.exe
<non signé> Logitech Desktop Messenger 580 I:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
<non signé> Microsoft® Visual Studio .NET 2208 I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
<non signé> Microsoft® Windows® Operating System 2784 I:\WINDOWS\System32\alg.exe
<non signé> Microsoft® Windows® Operating System 784 I:\WINDOWS\system32\csrss.exe
<non signé> Microsoft® Windows® Operating System 636 I:\WINDOWS\system32\ctfmon.exe
<non signé> Microsoft® Windows® Operating System 864 I:\WINDOWS\system32\lsass.exe
<non signé> Microsoft® Windows® Operating System 2684 I:\WINDOWS\system32\SearchIndexer.exe
<non signé> Microsoft® Windows® Operating System 368 I:\WINDOWS\system32\spoolsv.exe
<non signé> Microsoft® Windows® Operating System 1084 I:\WINDOWS\system32\svchost.exe
<non signé> Microsoft® Windows® Operating System 1268 I:\WINDOWS\System32\svchost.exe
<non signé> Microsoft® Windows® Operating System 1300 I:\WINDOWS\system32\svchost.exe
<non signé> Microsoft® Windows® Operating System 1552 I:\WINDOWS\System32\svchost.exe
<non signé> Microsoft® Windows® Operating System 1620 I:\WINDOWS\system32\svchost.exe
<non signé> Microsoft® Windows® Operating System 1676 I:\WINDOWS\System32\svchost.exe
<non signé> Microsoft® Windows® Operating System 2436 I:\WINDOWS\System32\svchost.exe
<non signé> Microsoft® Windows® Operating System 1024 I:\WINDOWS\system32\svchost.exe
<non signé> Système d'exploitation Microsoft® Windo 1956 I:\WINDOWS\Explorer.EXE
<non signé> Système d'exploitation Microsoft® Windo 852 I:\WINDOWS\system32\services.exe
<non signé> Système d'exploitation Microsoft® Windo 716 I:\WINDOWS\System32\smss.exe
<non signé> Système d'exploitation Microsoft® Windo 808 I:\WINDOWS\system32\winlogon.exe
<non signé> TeaTimer.exe 620 I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
<non signé> WD Drive Manager 2460 I:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
<non signé> WD Drive Manager 656 I:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
<non signé> WD SmartWare 3384 I:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

<verifié> AcroTray - Adobe Acrobat Distiller help 544 I:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
<verifié> avast! Antivirus 1896 I:\Program Files\Alwil Software\Avast5\AvastSvc.exe
<verifié> avast! Antivirus 568 I:\Program Files\Alwil Software\Avast5\AvastUI.exe
<verifié> Communications_Helper.exe 388 I:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
<verifié> Firefox 3016 I:\Program Files\Mozilla Firefox\firefox.exe
<verifié> Java(TM) Platform SE 6 U20 2096 I:\Program Files\Java\jre6\bin\jqs.exe
<verifié> Logitech QuickCam 2132 I:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
<verifié> Logitech QuickCam 2592 I:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
<verifié> Logitech QuickCam 704 I:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
<verifié> Microsoft Search Enhancement Pack 2288 I:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
<verifié> PaperPort 404 I:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
<verifié> Windows Defender 552 I:\Program Files\Windows Defender\MSASCui.exe
<verifié> Windows Defender 1228 I:\Program Files\Windows Defender\MsMpEng.exe

Activité du réseau
------------------
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 92.123.228.20
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 66.235.143.118
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 74.125.77.101
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 88.221.197.115
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 91.103.136.102
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 81.52.160.152
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 91.103.136.102
Processus firefox.exe (3016) connecté sur le port 80 (HTTP) --> 79.125.122.149

Processus svchost.exe (1084) écoute sur les ports: 135 (RPC)

Fichiers critiques et Autorun
-----------------------------
<non signé> AUTOBACK.EXE I:\Program Files\ERUNT\AUTOBACK.EXE
<non signé> Brother Status Monitor Application I:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
<non signé> ControlCenter I:\Program Files\Brother\ControlCenter3\brctrcen.exe
<non signé> Logitech Desktop Messenger I:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
<non signé> Microsoft® Windows® Operating System I:\WINDOWS\system32\cryptnet.dll
<non signé> Microsoft® Windows® Operating System I:\WINDOWS\system32\ctfmon.exe
<non signé> Microsoft® Windows® Operating System I:\WINDOWS\system32\dimsntfy.dll
<non signé> Microsoft® Windows® Operating System I:\WINDOWS\system32\WPDShServiceObj.dll
<non signé> QuickTime I:\Program Files\QuickTime\QTTask.exe
<non signé> SiS Power Scheme Library I:\WINDOWS\system32\SiSPower.dll
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\browseui.dll
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\crypt32.dll
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\cscdll.dll
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\logonui.exe
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\sclgntfy.dll
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\shell32.dll
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\stobject.dll
<non signé> Système d'exploitation Microsoft® Windo i:\windows\system32\userinit.exe
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\wlnotify.dll
<non signé> TeaTimer.exe I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
<non signé> WD Drive Manager I:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
<non signé> WD SmartWare I:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
<non signé> Windows Live Toolbar I:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
<non signé> Windows® Internet Explorer I:\WINDOWS\system32\msfeedssync.exe
<non signé> Windows® Internet Explorer I:\WINDOWS\system32\webcheck.dll

<verifié> AcroTray - Adobe Acrobat Distiller help I:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
<verifié> Adobe Acrobat I:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
<verifié> Adobe Acrobat I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
<verifié> Adobe CS4 Service Manager I:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe
<verifié> Adobe Reader and Acrobat Manager I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
<verifié> Apple Software Update I:\Program Files\Apple Software Update\SoftwareUpdate.exe
<verifié> avast! Antivirus I:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
<verifié> Communications_Helper.exe I:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
<verifié> Java(TM) Platform SE Auto Updater 2 0 I:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
<verifié> PaperPort I:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
<verifié> PaperPort I:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
<verifié> SSBkgdUpdate I:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
<verifié> SSEreg I:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
<verifié> Watson Subscriber for SENS Network Noti I:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE
<verifié> Windows Defender I:\Program Files\Windows Defender\MpCmdRun.exe
<verifié> Windows Defender i:\program files\windows defender\mpshhook.dll
<verifié> Windows Defender I:\Program Files\Windows Defender\MSASCui.exe
<verifié> Windows Genuine Advantage I:\WINDOWS\system32\WgaLogon.dll

Plugins du navigateur
---------------------
<non signé> InstallShield Update Service I:\WINDOWS\Downloaded Program Files\dwusplay.dll
<non signé> InstallShield Update Service I:\WINDOWS\Downloaded Program Files\dwusplay.exe
<non signé> InstallShield Update Service I:\WINDOWS\Downloaded Program Files\isusweb.dll
<non signé> Microsoft® Windows® Operating System I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<non signé> Microsoft® Windows® Operating System I:\WINDOWS\system32\rsvpsp.dll
<non signé> Microsoft® Windows® Operating System I:\WINDOWS\system32\winrnr.dll
<non signé> nppdf32.DEU I:\Program Files\Mozilla Firefox\plugins\nppdf32.DEU
<non signé> nppdf32.FRA I:\Program Files\Internet Explorer\plugins\nppdf32.FRA
<non signé> nppdf32.FRA I:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Internet Explorer\plugins\npqtplugin.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
<non signé> QuickTime Plug-in 7.6.5 I:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
<non signé> RealPlayer Version Plugin I:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
<non signé> RealPlayer Version Plugin I:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
<non signé> Rte Documat DataTable ActiveX Control M I:\WINDOWS\Downloaded Program Files\RteDataTable.ocx
<non signé> RteDocumatDoc ActiveX Control Module I:\WINDOWS\Downloaded Program Files\RteDoc.ocx
<non signé> RTETiffX ActiveX Control Module I:\WINDOWS\Downloaded Program Files\RteTiffX.ocx
<non signé> Shockwave for Director I:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<non signé> Système d'exploitation Microsoft® Windo I:\WINDOWS\system32\mswsock.dll
<non signé> Windows® Internet Explorer I:\WINDOWS\system32\ieframe.dll

<verifié> 2007 Microsoft Office system I:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
<verifié> AcroIEHelperShim Library i:\program files\fichiers communs\adobe\acrobat\activex\acroiehelpershim.dll
<verifié> Adobe Acrobat I:\Program Files\Internet Explorer\plugins\nppdf32.dll
<verifié> Adobe Acrobat I:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
<verifié> Adobe PDF Toolbar for IE i:\program files\fichiers communs\adobe\acrobat\activex\acroiefavclient.dll
<verifié> Adobe® Flash® Player ActiveX I:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe
<verifié> Adobe® Flash® Player ActiveX I:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
<verifié> Barre d'outils Google pour IE i:\program files\google\googletoolbar1.dll
<verifié> BitDefender QuickScan I:\Documents and Settings\M Mme LAVERGNE\Application Data\Mozilla\Firefox\Profiles\3gc9jz55.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
<verifié> BitDefender QuickScan I:\Documents and Settings\M Mme LAVERGNE\Application Data\Mozilla\Firefox\Profiles\3gc9jz55.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
<verifié> Contact Extractor I:\WINDOWS\Downloaded Program Files\contactx.dll
<verifié> Creative Software AutoUpdate Engine I:\WINDOWS\Downloaded Program Files\CTSUEng.ocx
<verifié> CTPID ActiveX Control Module I:\WINDOWS\Downloaded Program Files\CTPID.ocx
<verifié> Java Deployment Toolkit 6.0.200.2 I:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
<verifié> Java(TM) Platform SE 6 U20 i:\program files\java\jre6\bin\jp2ssv.dll
<verifié> Java(TM) Platform SE 6 U20 i:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
<verifié> Microsoft Office Live Plug-in for Firef I:\Program Files\Microsoft\Office Live\npOLW.dll
<verifié> Microsoft Search Enhancement Pack i:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
<verifié> Microsoft® Windows Live Login Helper i:\program files\fichiers communs\microsoft shared\windows live\windowslivelogin.dll
<verifié> Mozilla Default Plug-in I:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verifié> NPSWF32.dll I:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verifié> Oberon Game Host I:\WINDOWS\Downloaded Program Files\OberonGameHost.dll
<verifié> Panda ActiveScan 2.0 I:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
<verifié> RealPlayer(tm) G2 LiveConnect-Enabled P I:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
<verifié> RealPlayer(tm) G2 LiveConnect-Enabled P I:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
<verifié> SDHelper.dll I:\Program Files\Spybot - Search & Destroy\SDHelper.dll
<verifié> Silverlight Plug-In I:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
<verifié> Windows Live Toolbar i:\program files\windows live toolbar\msntb.dll

Fichiers manquants
------------------
Fichier non trouvé : C:\WINDOWS\system32\wuauserv.dll
référencé dans : HKLM\System\ControlSet001\services\wuauserv\Parameters\"ServiceDll"

Fichier non trouvé : I:\DOCUME~1\MMMELA~1\LOCALS~1\Temp\catchme.sys
référencé dans : HKLM\System\ControlSet001\services\catchme\"ImagePath"

Fichier non trouvé : I:\Program Files\Messenger\msmsgs.exe
référencé dans : HKLM\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\"Exec"

Fichier non trouvé : I:\Program Files\SPAMfighter\sfus.exe
référencé dans : HKLM\System\ControlSet001\services\SPAMfighter Update Service\"ImagePath"

Fichier non trouvé : System32\Drivers\btwusb.sys
référencé dans : HKLM\System\ControlSet001\services\BTWUSB\"ImagePath"

Fichier non trouvé : system32\DRIVERS\LVMVDrv.sys
référencé dans : HKLM\System\ControlSet001\services\LVMVDrv\"ImagePath"

Fichier non trouvé : system32\DRIVERS\LVcKap.sys
référencé dans : HKLM\System\ControlSet001\services\LVcKap\"ImagePath"

Fichier non trouvé : system32\DRIVERS\btport.sys
référencé dans : HKLM\System\ControlSet001\services\BTDriver\"ImagePath"

Fichier non trouvé : system32\DRIVERS\btwdndis.sys
référencé dans : HKLM\System\ControlSet001\services\BTWDNDIS\"ImagePath"

Fichier non trouvé : system32\DRIVERS\btwhid.sys
référencé dans : HKLM\System\ControlSet001\services\btwhid\"ImagePath"

Fichier non trouvé : system32\drivers\btaudio.sys
référencé dans : HKLM\System\ControlSet001\services\btaudio\"ImagePath"

Analyse
-------
<non signé> MD5: 072d68762b0380bc8651332ebc504f02 I:\DOCUME~1\MMMELA~1\LOCALS~1\temp\IadHide5.dll
<non signé> MD5: a607626982921c2a651f01dbc80abc09 I:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.FRA
<non signé> MD5: 91930168b16e0ebf11a648f75e82e549 I:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
<non signé> MD5: 387132f6bd26f3c947749ca8fc180aeb I:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
<non signé> MD5: f23603be6ac2a65a5eeb38bcb96e8665 I:\Program Files\Alwil Software\Avast5\defs\10061000\algo.dll
<non signé> MD5: 022822b3b7b7e30880449eb4e3594c2d I:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
<non signé> MD5: d1a253340fe7ba1d496167421af2e906 I:\Program Files\Brother\ControlCenter3\brccDCtl.dll
<non signé> MD5: 1d9a15f7179476f81c209b4dfd0fe4fe I:\Program Files\Brother\ControlCenter3\brccFCtl.dll
<non signé> MD5: 20fca8e44f5306be7297cdac3690da05 I:\Program Files\Brother\ControlCenter3\brccfre.dll
<non signé> MD5: 9c3f9cf03e0f27a1ee29c4e1276970b7 I:\Program Files\Brother\ControlCenter3\brccimg.dll
<non signé> MD5: 9d377a5f2baea06a368d671dd6fba527 I:\Program Files\Brother\ControlCenter3\brccMCtl.exe
<non signé> MD5: 5983e84038ff6cb55b4ba740c341a54b I:\Program Files\Brother\ControlCenter3\brctrcen.exe
<non signé> MD5: f14425b29193f18efcb9f856f28bcd59 I:\Program Files\Brother\ControlCenter3\BrDbgOut.dll
<non signé> MD5: abff6282b3960644748bb89fbe5d5c3c I:\Program Files\Brother\ControlCenter3\lfbmp12n.dll
<non signé> MD5: 71747472120f3410ba1d509ec6cf2c47 I:\Program Files\Brother\ControlCenter3\LFCMP12n.DLL
<non signé> MD5: c55322ea1f55fc6f842e166ce13f427c I:\Program Files\Brother\ControlCenter3\lffax12n.dll
<non signé> MD5: 503b1d27508c1b623b9245e487269034 I:\Program Files\Brother\ControlCenter3\lflmb12n.dll
<non signé> MD5: 25e24ef9ff9f50338677e5b35dab144d I:\Program Files\Brother\ControlCenter3\lfpcx12n.dll
<non signé> MD5: 58671c4515ff07cf883c5b2c57ade1af I:\Program Files\Brother\ControlCenter3\lftif12n.dll
<non signé> MD5: 77fb208063da1322c2e3355466bb3fd4 I:\Program Files\Brother\ControlCenter3\LTDIS12n.dll
<non signé> MD5: 3e673974ab50a2b8276de3fded15d56a I:\Program Files\Brother\ControlCenter3\ltfil12n.DLL
<non signé> MD5: f122133b677e43c0a027f5f742822bec I:\Program Files\Brother\ControlCenter3\ltkrn12n.dll
<non signé> MD5: a5bea0e5c297f5f3835638a87e512fba I:\Program Files\Creative\Shared Files\CTDevSrv.exe
<non signé> MD5: e00de20f0f6bed5cd2160247ddc9443b I:\Program Files\ERUNT\AUTOBACK.EXE
<non signé> MD5: 2caaef5ab410a5d69d57e3be0870e589 I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
<non signé> MD5: 3280ea3a31dd03d6b4f09534425c9f09 I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\1036\MDMUI.DLL
<non signé> MD5: 7cf1b716372b89568ae4c0fe769f5869 I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
<non signé> MD5: 2f1c2b887327ceca18c04041eddd8f20 I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\msdbg2.dll
<non signé> MD5: bec27cf5564827eab7f08c98ee55b1cc I:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\pdm.dll
<non signé> MD5: f81ca5091c26a92e6b464381b8694e5a I:\Program Files\Internet Explorer\plugins\nppdf32.FRA
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Internet Explorer\plugins\npqtplugin.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
<non signé> MD5: 86f1895ae8c5e8b17d99ece768a70732 I:\Program Files\Java\jre6\bin\msvcr71.dll
<non signé> MD5: 01f0264937036bd962563f1adf35ce72 I:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
<non signé> MD5: 357b1c61b1a541edffc9914c34718172 I:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\backweb.dll
<non signé> MD5: 9f1ff87b9749619ed85b22427af48357 I:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWDocMapExt.dll
<non signé> MD5: f6485fc3717c171fdb10037a6b9132a6 I:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwfiles.dll
<non signé> MD5: 4be1ee3d82a8900b92f9a7542122a44b I:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\BWScriptExt.dll
<non signé> MD5: 2cd37d74d0864abf60134a35bba79f54 I:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\bwsec.dll
<non signé> MD5: d33db2da6a0c95059cfebf37cffaff21 I:\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.157-8876480SL\Program\clntutil.dll
<non signé> MD5: 7fb76d6ebc11793a8ee96b80f8def440 I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll
<non signé> MD5: 7fb76d6ebc11793a8ee96b80f8def440 I:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll
<non signé> MD5: 7fb76d6ebc11793a8ee96b80f8def440 I:\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll
<non signé> MD5: c94cbbc10b9ecbfceca486b41a4dbea1 I:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogiLdmW.dll
<non signé> MD5: 75a8679f5d996d286fc8649e74394b79 I:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
<non signé> MD5: cce58fff9fa25c2f934e34733974b059 I:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll
<non signé> MD5: 26b018758226a5dc06de45496c394d40 I:\Program Files\Mozilla Firefox\freebl3.dll
<non signé> MD5: 9dfb30f203999a3ae0f258a33fa598f9 I:\Program Files\Mozilla Firefox\nssdbm3.dll
<non signé> MD5: 8d9d6896ae583b4025e810342b50257e I:\Program Files\Mozilla Firefox\plugins\nppdf32.DEU
<non signé> MD5: f81ca5091c26a92e6b464381b8694e5a I:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c I:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
<non signé> MD5: 01f0264937036bd962563f1adf35ce72 I:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
<non signé> MD5: 1fd6c03c0001a5e1eaf61596c2502f0c I:\Program Files\Mozilla Firefox\softokn3.dll
<non signé> MD5: 55d7a219ad8d0db8980528944152a6fd I:\Program Files\QuickTime\QTTask.exe
<non signé> MD5: e2bf206e5164569500742637b5459402 I:\Program Files\ScanSoft\PaperPort\BliceCtr.dll
<non signé> MD5: 390679f7a217a5e73d756276c40ae887 I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
<non signé> MD5: 8f4757511ba745a81378cb93eb6c430d I:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
<non signé> MD5: a5d073e47008e57cae3bf51838da0f93 I:\Program Files\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll
<non signé> MD5: f3455e60b905d95d22f7ab8a6b49acce I:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
<non signé> MD5: 4a2a016491f169b5ec954d948565e251 I:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll
<non signé> MD5: a61aca63218eb5c9439ce06e30021b6c I:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll
<non signé> MD5: a03d9d6408a723f264f1fb77298ec63b I:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll
<non signé> MD5: b496b5322fc36979ddca98b2bf43b150 I:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll
<non signé> MD5: f08f525453d3ad31ec20af779ae27040 I:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll
<non signé> MD5: 7145783529ec02a6b78f851ef97a12fe I:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
<non signé> MD5: 138ab06adbbf300aa804d7974a5aec82 I:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
<non signé> MD5: 65062d18283065799715ea6001c07709 I:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll
<non signé> MD5: 300b4847e1157bdd7a306b18ed65a97e I:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
<non signé> MD5: 3cc2a27927fe746d5946599821c5f8b7 I:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
<non signé> MD5: 5fe3af4beb0593cd551998243af69a5a I:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
<non signé> MD5: c9bea742ce225cc993c9465fddae4656 I:\Program Files\Windows Media Player\WMPNetwk.exe
<non signé> MD5: 2d9d626f9ec48ae115b91490f34493d3 I:\Program Files\WinRAR\RarExt.dll
<non signé> MD5: 290c504a25ebe1d05d1c2d58bc34b911 I:\PROGRA~1\Logitech\DESKTO~1\8876480\720~1.157\Program\EN\ClientRc.dll
<non signé> MD5: 44fd9cfd9d732b25c10792ce0aeb3e7d I:\WINDOWS\AppPatch\acadproc.dll
<non signé> MD5: a3ce34d81c45aa0cfd5551c0d7b34d9a I:\WINDOWS\AppPatch\acgenral.dll
<non signé> MD5: 342e631d44e81404c73f204c61545da4 I:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
<non signé> MD5: 073134b1455e7c9669284d68485bc711 I:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll
<non signé> MD5: 0631ffa1ea2f95e69d08507d65f1ba96 I:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
<non signé> MD5: 8061019deb87a0437d16368479bc7607 I:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
<non signé> MD5: 9dbe599e63befae22cd865bbbb428be4 I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll
<non signé> MD5: 34b0bb91b09af174154bbaf040f785d1 I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
<non signé> MD5: da082d7cc5a7aa678fb788bc918df4c1 I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
<non signé> MD5: fb26856e8f3ea6dfec9966cd758b328a I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
<non signé> MD5: 161913b5aeafeef7f8c9d41bac21bfbd I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll
<non signé> MD5: 3704e1f3c1b9aeeac42273257e9b31c9 I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
<non signé> MD5: 9f6e95868f7b979a5ccf03d31330e084 I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
<non signé> MD5: 3bd2d7dc0f9edd459dd459dc1c1bd1ea I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
<non signé> MD5: 74d8a0ce2d39a418cc0c21606525d856 I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
<non signé> MD5: fd38968f97b8b7c38a426f36e970d09e I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
<non signé> MD5: 7902e805358f27489e67d6dfa45e764b I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
<non signé> MD5: 3fea9d2edf23b0283c7a66c8dea380bd I:\WINDOWS\Downloaded Program Files\dwusplay.dll
<non signé> MD5: cdbe35ea59bc9223e4f800bd1db82d27 I:\WINDOWS\Downloaded Program Files\dwusplay.exe
<non signé> MD5: 3f4413dcd8d3bbabf08f68f25e6d60e1 I:\WINDOWS\Downloaded Program Files\isusweb.dll
<non signé> MD5: 8dd665e5f64b382f85c91a98eb17dd5c I:\WINDOWS\Downloaded Program Files\RteDataTable.ocx
<non signé> MD5: a09fba9778db67d34019ce88ffcbd520 I:\WINDOWS\Downloaded Program Files\RteDoc.ocx
<non signé> MD5: ab2237c91e540bc8e83b5962a6a089da I:\WINDOWS\Downloaded Program Files\RteTiffX.ocx
<non signé> MD5: f2317622d29f9ff0f88aeecd5f60f0dd I:\WINDOWS\Explorer.EXE
<non signé> MD5: 4b423ddb78ab25bcd2ef9bb2f264cbd7 I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
<non signé> MD5: 86f1895ae8c5e8b17d99ece768a70732 I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
<non signé> MD5: aac1d4ee39df138c5d30ac5883e3b59f I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<non signé> MD5: 1247f83b705af0e796330442f7967cf8 I:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll
<non signé> MD5: 020a947166b2762e74fdb43b655371ac I:\WINDOWS\system32\activeds.dll
<non signé> MD5: b9ec85600aed78e78761d774df129b8d I:\WINDOWS\system32\actxprxy.dll
<non signé> MD5: e2cca1b3ba59949ae16ec587e89a09ba I:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<non signé> MD5: d0724a5ad95933a44fc8586844fae23a I:\WINDOWS\system32\adsldpc.dll
<non signé> MD5: 31c1fd0bbdc5b81c21edba4331edae55 I:\WINDOWS\system32\advapi32.dll
<non signé> MD5: 5e9a6658a2a69ae7eb195113b7a2e7a9 I:\WINDOWS\System32\alg.exe
<non signé> MD5: 758fdc60d41716ef889d849989b4b1cd I:\WINDOWS\system32\alrsvc.dll
<non signé> MD5: 720e6c8052b0eb97a3bac7f259ba6bdd I:\WINDOWS\system32\apphelp.dll
<non signé> MD5: f36c9f78fc902c8dce4d3b576bb0435a I:\WINDOWS\system32\appmgmts.dll
<non signé> MD5: 6c7c1da920eff48bc9bfea8b6e2f26d3 I:\WINDOWS\system32\atl.dll
<non signé> MD5: b4005aef7873144634765b570dac466e I:\WINDOWS\system32\audiosrv.dll
<non signé> MD5: b680fb8584c4491b8c6fdc8d580b4c57 I:\WINDOWS\system32\authz.dll
<non signé> MD5: 61013ab2e38550619637aa6cc02383d4 I:\WINDOWS\system32\basesrv.dll
<non signé> MD5: adef915c0366632080931610dc1eaeb9 I:\WINDOWS\system32\batmeter.dll
<non signé> MD5: 3decfcfa6f1ab66c198137f2b5640819 I:\WINDOWS\system32\browselc.dll
<non signé> MD5: 06b54a7b1ef7cb16bfd0e208d343fa71 I:\WINDOWS\system32\browser.dll
<non signé> MD5: 22fcb018c168f3b3b0227a0a938fcc13 I:\WINDOWS\system32\browseui.dll
<non signé> MD5: 12ca10163f5c1e5e670a0a2ff5d5392f I:\WINDOWS\system32\BrUsi08a.dll
<non signé> MD5: 6f5db10ebb5f638550110f1c738723e1 I:\WINDOWS\system32\BrWia08a.dll
<non signé> MD5: 25ffd3b5cd6c6fc03438d5873a8087a6 I:\WINDOWS\system32\cabinet.dll
<non signé> MD5: 6b9d6177e2852c103114c07d62072851 I:\WINDOWS\system32\catsrv.dll
<non signé> MD5: beb9ad8cd1e53495d4f584c9f7c1db3e I:\WINDOWS\system32\catsrvut.dll
<non signé> MD5: b029fce838ca4f8a6b5e9f477b710b40 I:\WINDOWS\system32\certcli.dll
<non signé> MD5: e425c5cd1e069d86963e930c69c67ae7 I:\WINDOWS\system32\cfgmgr32.dll
<non signé> MD5: 793ef38a5fd086c3c8e48a8a861562ed I:\WINDOWS\system32\cisvc.exe
<non signé> MD5: bd6c84e39cb7073bda60a0b16b9298c2 I:\WINDOWS\system32\clbcatq.dll
<non signé> MD5: 8b30cbb0c07d49b2658fb190946b0e7e I:\WINDOWS\system32\clipsrv.exe
<non signé> MD5: 6321c6479712074655591e7347446a54 I:\WINDOWS\system32\clusapi.dll
<non signé> MD5: 85d5dcf81ae47b68d5dc91255b9ad16f I:\WINDOWS\system32\cmd.exe
<non signé> MD5: e3c4c079d00497cef7f0d972ac2604ea I:\WINDOWS\system32\cnbjmon.dll
<non signé> MD5: 8245a3d7c3c42dfa3536e7f38acba1fe I:\WINDOWS\system32\colbact.dll
<non signé> MD5: b4aa331468315b6a174c3f0d5b3bc135 I:\WINDOWS\system32\comctl32.dll
<non signé> MD5: fb13293cbd3446cb95dbe745b2407724 I:\WINDOWS\system32\comdlg32.dll
<non signé> MD5: f4b7146c7eed6c4e158dcd9b5266c25a I:\WINDOWS\system32\comres.dll
<non signé> MD5: 4fc412747440950e8c0d24203ecccd88 I:\WINDOWS\system32\comsvcs.dll
<non signé> MD5: e086fa4790d49bfaf83135206dc1ab53 I:\WINDOWS\system32\credui.dll
<non signé> MD5: 39976dad9564b336b153184268db032f I:\WINDOWS\system32\crypt32.dll
<non signé> MD5: c2aa2cbc8fb636b5e1630388021ece41 I:\WINDOWS\system32\cryptdll.dll
<non signé> MD5: 938488d25648d26e6bfe3e47dc2ec5e8 I:\WINDOWS\system32\cryptnet.dll
<non signé> MD5: 7a6d0b71035e123fdda2156a25578ad3 I:\WINDOWS\system32\cryptsvc.dll
<non signé> MD5: b2152f29739c90393813de1f447e0d23 I:\WINDOWS\system32\cryptui.dll
<non signé> MD5: 6b646a601aec823032af4dc19273cfda I:\WINDOWS\system32\cscdll.dll
<non signé> MD5: 1ef62abb6d2240d9da84f8f2fcaa0ad7 I:\WINDOWS\system32\cscui.dll
<non signé> MD5: 10c9ed78f400d5c212f8cee488a29202 I:\WINDOWS\system32\csrsrv.dll
<non signé> MD5: e0e8a531cfce1c2e5d79f683282c10c3 I:\WINDOWS\system32\csrss.exe
<non signé> MD5: 59dc5bb82e4c8e0b3eadcfdbc44ba6e4 I:\WINDOWS\system32\ctfmon.exe
<non signé> MD5: 3c8b6609712f4ff78e521f6dcfc4032b I:\WINDOWS\system32\CTsvcCDA.exe
<non signé> MD5: ea4644b042117f19aa6291e748a33f44 I:\WINDOWS\system32\davclnt.dll
<non signé> MD5: cf6665f973893ed475fcf711286a8b18 I:\WINDOWS\system32\dbghelp.dll
<non signé> MD5: 5bfebbb3e8615d552d3269925ed9621f I:\WINDOWS\system32\dciman32.dll
<non signé> MD5: 318f535dc05551d96deeb90b6d6904de I:\WINDOWS\system32\dhcpcsvc.dll
<non signé> MD5: 48abb5a17b3fdaab6631224d74ddbcaf I:\WINDOWS\system32\dimsntfy.dll
<non signé> MD5: 0dad93bb0fecf5016ae3c06cbb0a873b I:\WINDOWS\System32\dllhost.exe
<non signé> MD5: ead2b8aaeb16e538106d295cd7bd7a48 I:\WINDOWS\System32\dmadmin.exe
<non signé> MD5: 6797c23d6b79935482d7f0e8ca5e5b67 I:\WINDOWS\system32\dmserver.dll
<non signé> MD5: 4107c23c8f44e28eff27b7d92edba479 I:\WINDOWS\system32\dnsapi.dll
<non signé> MD5: 8a3ce3e2525e1a341fb25e4bdb648fa9 I:\WINDOWS\system32\dnsrslvr.dll
<non signé> MD5: 44d9cbbc81605dacc764630644a00956 I:\WINDOWS\system32\dot3api.dll
<non signé> MD5: 9ffce88e42e745699a0eb7374966d180 I:\WINDOWS\system32\dot3dlg.dll
<non signé> MD5: 3fcf86f03d0302443c21ce6e5bbf7a25 I:\WINDOWS\System32\dot3svc.dll
<non signé> MD5: e5e6dbfc41ea8aad005cb9a57a96b43b I:\WINDOWS\System32\DRIVERS\ACPI.sys
<non signé> MD5: e4abc1212b70bb03d35e60681c447210 I:\WINDOWS\system32\drivers\ACPIEC.sys
<non signé> MD5: 8bed39e3c35d6a489438b8141717a557 I:\WINDOWS\system32\drivers\aec.sys
<non signé> MD5: 7e775010ef291da96ad17ca4b17137d7 I:\WINDOWS\system32\drivers\AFD.sys
<non signé> MD5: a9355a51698f6901b362ef738b15631d I:\WINDOWS\system32\drivers\ALCXSENS.SYS
<non signé> MD5: b191753b1aa2e7b11a18d5fde8248aa2 I:\WINDOWS\system32\drivers\ALCXWDM.SYS
<non signé> MD5: b5b8a80875c1dededa8b02765642c32f I:\WINDOWS\system32\drivers\ARP1394.sys
<non signé> MD5: eb62fa6d7da4e774e47d376e4d19ca5f I:\WINDOWS\system32\drivers\ASPI32.sys
<non signé> MD5: b153affac761e7f5fcfa822b9c4e97bc I:\WINDOWS\system32\DRIVERS\asyncmac.sys
<non signé> MD5: 9f3a2f5aa6875c72bf062c712cfa2674 I:\WINDOWS\System32\DRIVERS\atapi.sys
<non signé> MD5: 9916c1225104ba14794209cfa8012159 I:\WINDOWS\System32\DRIVERS\atmarpc.sys
<non signé> MD5: d9f724aa26c010a217c97606b160ed68 I:\WINDOWS\System32\DRIVERS\audstub.sys
<non signé> MD5: da1f27d85e0d1525f6621372e7b685e9 I:\WINDOWS\system32\drivers\BEEP.sys
<non signé> MD5: 92a964547b96d697e5e9ed43b4297f5a I:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
<non signé> MD5: 90a673fc8e12a79afbed2576f6a7aaf9 I:\WINDOWS\system32\drivers\cbidf2k.sys
<non signé> MD5: 0be5aef125be881c4f854c554f2b025c I:\WINDOWS\system32\DRIVERS\CCDECODE.sys
<non signé> MD5: c1b486a7658353d33a10cc15211a873b I:\WINDOWS\system32\drivers\Cdaudio.sys
<non signé> MD5: c885b02847f5d2fd45a24e219ed93b32 I:\WINDOWS\system32\drivers\CDFS.sys
<non signé> MD5: 1f4260cc5b42272d71f79e570a27a4fe I:\WINDOWS\System32\DRIVERS\cdrom.sys
<non signé> MD5: 044452051f3e02e7963599fc8f4f3e25 I:\WINDOWS\System32\DRIVERS\disk.sys
<non signé> MD5: f5deadd42335fb33edca74ecb2f36cba I:\WINDOWS\system32\drivers\DMBOOT.sys
<non signé> MD5: 5a7c47c9b3f9fb92a66410a7509f0c71 I:\WINDOWS\system32\drivers\dmio.sys
<non signé> MD5: e9317282a63ca4d188c0df5e09c6ac5f I:\WINDOWS\system32\drivers\DMLOAD.sys
<non signé> MD5: 8a208dfcf89792a484e76c40e5f50b45 I:\WINDOWS\system32\drivers\DMusic.sys
<non signé> MD5: 8f5fcff8e8848afac920905fbd9d33c8 I:\WINDOWS\system32\drivers\drmkaud.sys
<non signé> MD5: 38d332a6d56af32635675f132548343e I:\WINDOWS\system32\drivers\FASTFAT.sys
<non signé> MD5: 92cdd60b6730b9f50f6a1a0c1f8cdc81 I:\WINDOWS\System32\DRIVERS\fdc.sys
<non signé> MD5: 31f923eb2170fc172c81abda0045d18c I:\WINDOWS\system32\drivers\FIPS.sys
<non signé> MD5: 9d27e7b80bfcdf1cdd9b555862d5e7f0 I:\WINDOWS\System32\DRIVERS\flpydisk.sys
<non signé> MD5: b2cf4b0786f8212cb92ed2b50c6db6b0 I:\WINDOWS\system32\drivers\FLTMGR.sys
<non signé> MD5: 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a I:\WINDOWS\system32\drivers\FS_REC.sys
<non signé> MD5: a86859b77b908c18c2657f284aa29fe3 I:\WINDOWS\system32\drivers\ftdisk.sys
<non signé> MD5: c65a13fa2d2758887c80d3b9a2fb5307 I:\WINDOWS\system32\drivers\GDNDISIC.sys
<non signé> MD5: ccf82c5ec8a7326c3066de870c06daf1 I:\WINDOWS\System32\DRIVERS\hidusb.sys
<non signé> MD5: 863cc3a82c63c9f60acf2e85d5310620 I:\WINDOWS\system32\DRIVERS\HPZid412.sys
<non signé> MD5: 08cb72e95dd75b61f2966b311d0e4366 I:\WINDOWS\system32\DRIVERS\HPZipr12.sys
<non signé> MD5: ca990306ed4ef732af9695bff24fc96f I:\WINDOWS\system32\DRIVERS\HPZius12.sys
<non signé> MD5: 292b0bba146793a7937d9849bddb4298 I:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
<non signé> MD5: 7129d0662665b2442898a0ef8fc85bb5 I:\WINDOWS\system32\DRIVERS\HSF_DP.sys
<non signé> MD5: e53970b0d5614f0b1220e35052828cc3 I:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
<non signé> MD5: f80a415ef82cd06ffaf0d971528ead38 I:\WINDOWS\system32\drivers\HTTP.sys
<non signé> MD5: a09bdc4ed10e3b2e0ec27bb94af32516 I:\WINDOWS\System32\DRIVERS\i8042prt.sys
<non signé> MD5: 083a052659f5310dd8b6a6cb05edcf8e I:\WINDOWS\system32\DRIVERS\imapi.sys
<non signé> MD5: ad340800c35a42d4de1641a37feea34c I:\WINDOWS\System32\DRIVERS\intelppm.sys
<non signé> MD5: 3bb22519a194418d5fec05d800a19ad0 I:\WINDOWS\system32\drivers\ip6fw.sys
<non signé> MD5: 731f22ba402ee4b62748adaf6363c182 I:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
<non signé> MD5: b87ab476dcf76e72010632b5550955f5 I:\WINDOWS\System32\DRIVERS\ipinip.sys
<non signé> MD5: cc748ea12c6effde940ee98098bf96bb I:\WINDOWS\system32\drivers\IPNAT.sys
<non signé> MD5: 23c74d75e36e7158768dd63d92789a91 I:\WINDOWS\system32\drivers\IPSEC.sys
<non signé> MD5: c93c9ff7b04d772627a3646d89f7bf89 I:\WINDOWS\System32\DRIVERS\irenum.sys
<non signé> MD5: 355836975a67b6554bca60328cd6cb74 I:\WINDOWS\System32\DRIVERS\isapnp.sys
<non signé> MD5: 16813155807c6881f4bfbf6657424659 I:\WINDOWS\System32\DRIVERS\kbdclass.sys
<non signé> MD5: 94c59cb884ba010c063687c3a50dce8e I:\WINDOWS\system32\DRIVERS\kbdhid.sys
<non signé> MD5: 692bcf44383d056aed41b045a323d378 I:\WINDOWS\system32\drivers\kmixer.sys
<non signé> MD5: b467646c54cc746128904e1654c750c1 I:\WINDOWS\system32\drivers\KSECDD.sys
<non signé> MD5: eeaea6514ba7c9d273b5e87c4e1aab30 I:\WINDOWS\system32\drivers\MDMXSDK.sys
<non signé> MD5: 4ae068242760a1fb6e1a44bf4e16afa6 I:\WINDOWS\system32\drivers\MNMDD.sys
<non signé> MD5: 510ade9327fe84c10254e1902697e25f I:\WINDOWS\system32\drivers\Modem.sys
<non signé> MD5: 027c01bd7ef3349aaebc883d8a799efb I:\WINDOWS\System32\DRIVERS\mouclass.sys
<non signé> MD5: 124d6846040c79b9c997f78ef4b2a4e5 I:\WINDOWS\System32\DRIVERS\mouhid.sys
<non signé> MD5: a80b9a0bad1b73637dbcbba7df72d3fd I:\WINDOWS\system32\drivers\MOUNTMGR.sys
<non signé> MD5: 11d42bb6206f33fbb3ba0288d3ef81bd I:\WINDOWS\system32\drivers\MRXDAV.sys
<non signé> MD5: f3aefb11abc521122b67095044169e98 I:\WINDOWS\system32\drivers\MRXSMB.sys
<non signé> MD5: c941ea2454ba8350021d774daf0f1027 I:\WINDOWS\system32\drivers\MSFS.sys
<non signé> MD5: 0a02c63c8b144bd8c86b103dee7c86a2 I:\WINDOWS\System32\DRIVERS\msgpc.sys
<non signé> MD5: d1575e71568f4d9e14ca56b7b0453bf1 I:\WINDOWS\system32\drivers\MSKSSRV.sys
<non signé> MD5: 325bb26842fc7ccc1fcce2c457317f3e I:\WINDOWS\system32\drivers\MSPCLOCK.sys
<non signé> MD5: bad59648ba099da4a17680b39730cb3d I:\WINDOWS\system32\drivers\MSPQM.sys
<non signé> MD5: af5f4f3f14a8ea2c26de30f7a1e17136 I:\WINDOWS\System32\DRIVERS\mssmbios.sys
<non signé> MD5: e53736a9e30c45fa9e7b5eac55056d1d I:\WINDOWS\system32\drivers\MSTEE.sys
<non signé> MD5: 2f625d11385b1a94360bfc70aaefdee1 I:\WINDOWS\system32\drivers\MUP.sys
<non signé> MD5: 5b50f1b2a2ed47d560577b221da734db I:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
<non signé> MD5: 1df7f42665c94b825322fae71721130d I:\WINDOWS\system32\drivers\NDIS.sys
<non signé> MD5: 7ff1f1fd8609c149aa432f95a8163d97 I:\WINDOWS\system32\DRIVERS\NdisIP.sys
<non signé> MD5: 1ab3d00c991ab086e69db84b6c0ed78f I:\WINDOWS\system32\drivers\NDISTAPI.sys
<non signé> MD5: f927a4434c5028758a842943ef1a3849 I:\WINDOWS\system32\drivers\NDISUIO.sys
<non signé> MD5: edc1531a49c80614b2cfda43ca8659ab I:\WINDOWS\System32\DRIVERS\ndiswan.sys
<non signé> MD5: 6215023940cfd3702b46abc304e1d45a I:\WINDOWS\system32\drivers\NDPROXY.sys
<non signé> MD5: 5d81cf9a2f1a3a756b66cf684911cdf0 I:\WINDOWS\system32\drivers\NETBIOS.sys
<non signé> MD5: 74b2b2f5bea5e9a3dc021d685551bd3d I:\WINDOWS\system32\drivers\NETBT.sys
<non signé> MD5: e9e47cfb2d461fa0fc75b7a74c6383ea I:\WINDOWS\System32\DRIVERS\nic1394.sys
<non signé> MD5: 3182d64ae053d6fb034f44b6def8034a I:\WINDOWS\system32\drivers\NPFS.sys
<non signé> MD5: 78a08dd6a8d65e697c18e1db01c5cdca I:\WINDOWS\system32\drivers\NTFS.sys
<non signé> MD5: 73c1e1f395918bc2c6dd67af7591a3ad I:\WINDOWS\system32\drivers\NULL.sys
<non signé> MD5: b305f3fad35083837ef46a0bbce2fc57 I:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
<non signé> MD5: c99b3415198d1aab7227f2c88fd664b9 I:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
<non signé> MD5: ca33832df41afb202ee7aeb05145922f I:\WINDOWS\System32\DRIVERS\ohci1394.sys
<non signé> MD5: 8fd0bdbea875d06ccf6c945ca9abaf75 I:\WINDOWS\System32\DRIVERS\parport.sys
<non signé> MD5: beb3ba25197665d82ec7065b724171c6 I:\WINDOWS\system32\drivers\PARTMGR.sys
<non signé> MD5: 9575c5630db8fb804649a6959737154c I:\WINDOWS\system32\drivers\PARVDM.sys
<non signé> MD5: 043410877bda580c528f45165f7125bc I:\WINDOWS\System32\DRIVERS\pci.sys
<non signé> MD5: f4bfde7209c14a07aaa61e4d6ae69eac I:\WINDOWS\system32\drivers\PCIIDE.sys
<non signé> MD5: f0406cbc60bdb0394a0e17ffb04cdd3d I:\WINDOWS\system32\drivers\Pcmcia.sys
<non signé> MD5: 5b6c11de7e839c05248ced8825470fef I:\WINDOWS\System32\Drivers\pcouffin.sys
<non signé> MD5: 586a0f9139d14729217dfff1259ffdbd I:\WINDOWS\system32\DRIVERS\PRISMA02.sys
<non signé> MD5: e19c9632ac828f6f214391e2bdda11cb I:\WINDOWS\System32\DRIVERS\processr.sys
<non signé> MD5: 09298ec810b07e5d582cb3a3f9255424 I:\WINDOWS\System32\DRIVERS\psched.sys
<non signé> MD5: 80d317bd1c3dbc5d4fe7b1678c60cadd I:\WINDOWS\System32\DRIVERS\ptilink.sys
<non signé> MD5: fe0d99d6f31e4fad8159f690d68ded9c I:\WINDOWS\system32\drivers\RASACD.sys
<non signé> MD5: 11b4a627bc9614b885c4969bfa5ff8a6 I:\WINDOWS\System32\DRIVERS\rasl2tp.sys
<non signé> MD5: 5bc962f2654137c9909c3d4603587dee I:\WINDOWS\System32\DRIVERS\raspppoe.sys
<non signé> MD5: efeec01b1d3cf84f16ddd24d9d9d8f99 I:\WINDOWS\System32\DRIVERS\raspptp.sys
<non signé> MD5: fdbb1d60066fcfbb7452fd8f9829b242 I:\WINDOWS\System32\DRIVERS\raspti.sys
<non signé> MD5: 7ad224ad1a1437fe28d89cf22b17780a I:\WINDOWS\system32\drivers\RDBSS.sys
<non signé> MD5: 4912d5b403614ce99c28420f75353332 I:\WINDOWS\system32\drivers\RDPCDD.sys
<non signé> MD5: 15cabd0f7c00c47c70124907916af3f1 I:\WINDOWS\system32\drivers\RDPDR.sys
<non signé> MD5: 6728e45b66f93c08f11de2e316fc70dd I:\WINDOWS\system32\drivers\RDPWD.sys
<non signé> MD5: d8eb2a7904db6c916eb5361878ddcbae I:\WINDOWS\System32\DRIVERS\redbook.sys
<non signé> MD5: d507c1400284176573224903819ffda3 I:\WINDOWS\System32\DRIVERS\RTL8139.SYS
<non signé> MD5: 76c465f570e90c28942d52ccb2580a10 I:\WINDOWS\system32\drivers\scsiport.sys
<non signé> MD5: 90a3935d05b494a5a39d37e71f09a677 I:\WINDOWS\system32\drivers\SECDRV.sys
<non signé> MD5: 0f29512ccd6bead730039fb4bd2c85ce I:\WINDOWS\System32\DRIVERS\serenum.sys
<non signé> MD5: 93d313c31f7ad9ea2b75f26075413c7c I:\WINDOWS\System32\DRIVERS\serial.sys
<non signé> MD5: 8e6b8c671615d126fdc553d1e2de5562 I:\WINDOWS\System32\DRIVERS\sfloppy.sys
<non signé> MD5: 61ca562def09a782d26b3e7edec5369a I:\WINDOWS\system32\DRIVERS\SISAGPX.sys
<non signé> MD5: 4a45b541306097bc06fed9ea36c8e3be I:\WINDOWS\system32\DRIVERS\sisgrp.sys
<non signé> MD5: 065533f24037ccc7eee3ea8647c9ef20 I:\WINDOWS\system32\DRIVERS\siside.sys
<non signé> MD5: 6225224b8e846ac230f8d9b343635910 I:\WINDOWS\system32\drivers\SISIDEX.sys
<non signé> MD5: 596d4a7052002d2bd344d8937da6f66d I:\WINDOWS\system32\drivers\sisperf.sys
<non signé> MD5: 866d538ebe33709a5c9f5c62b73b7d14 I:\WINDOWS\system32\DRIVERS\SLIP.sys
<non signé> MD5: ab8b92451ecb048a4d1de7c3ffcb4a9f I:\WINDOWS\system32\drivers\splitter.sys
<non signé> MD5: 4f576e516cc76ec50a244586bcfa1c78 I:\WINDOWS\system32\drivers\SPTD.sys
<non signé> MD5: 39626e6dc1fb39434ec40c42722b660a I:\WINDOWS\system32\drivers\SR.sys
<non signé> MD5: 89220b427890aa1dffd1a02648ae51c3 I:\WINDOWS\system32\drivers\SRV.sys
<non signé> MD5: 96ad556979fb5d5e56141219772a9ec9 I:\WINDOWS\system32\DRIVERS\srvkp.sys
<non signé> MD5: 77813007ba6265c4b6098187e6ed79d2 I:\WINDOWS\system32\DRIVERS\StreamIP.sys
<non signé> MD5: 3941d127aef12e93addf6fe6ee027e0f I:\WINDOWS\System32\DRIVERS\swenum.sys
<non signé> MD5: 8ce882bcc6cf8a62f2b2323d95cb3d01 I:\WINDOWS\system32\drivers\swmidi.sys
<non signé> MD5: 8b83f3ed0f1688b4958f77cd6d2bf290 I:\WINDOWS\system32\drivers\sysaudio.sys
<non signé> MD5: 9aefa14bd6b182d61e3119fa5f436d3d I:\WINDOWS\system32\drivers\TCPIP.sys
<non signé> MD5: 6471a66807f5e104e4885f5b67349397 I:\WINDOWS\system32\drivers\TDPIPE.sys
<non signé> MD5: c56b6d0402371cf3700eb322ef3aaf61 I:\WINDOWS\system32\drivers\TDTCP.sys
<non signé> MD5: 88155247177638048422893737429d9e I:\WINDOWS\System32\DRIVERS\termdd.sys
<non signé> MD5: d85938f272d1bcf3db3a31fc0a048928 I:\WINDOWS\system32\drivers\UAGP35.sys
<non signé> MD5: 5787b80c2e3c5e2f56c2a233d91fa2c9 I:\WINDOWS\system32\drivers\UDFS.sys
<non signé> MD5: 402ddc88356b1bac0ee3dd1580c76a31 I:\WINDOWS\System32\DRIVERS\update.sys
<non signé> MD5: bee793d4a059caea55d6ac20e19b3a8f I:\WINDOWS\system32\DRIVERS\usb8023.sys
<non signé> MD5: e919708db44ed8543a7c017953148330 I:\WINDOWS\system32\drivers\usbaudio.sys
<non signé> MD5: 173f317ce0db8e21322e71b7e60a27e8 I:\WINDOWS\system32\DRIVERS\usbccgp.sys
<non signé> MD5: 65dcf09d0e37d4c6b11b5b0b76d470a7 I:\WINDOWS\system32\DRIVERS\usbehci.sys
<non signé> MD5: 1ab3cdde553b6e064d2e754efe20285c I:\WINDOWS\System32\DRIVERS\usbhub.sys
<non signé> MD5: 0daecce65366ea32b162f85f07c6753b I:\WINDOWS\System32\DRIVERS\usbohci.sys
<non signé> MD5: a717c8721046828520c9edf31288fc00 I:\WINDOWS\system32\DRIVERS\usbprint.sys
<non signé> MD5: a6bc71402f4f7dd5b77fd7f4a8ddba85 I:\WINDOWS\system32\DRIVERS\usbscan.sys
<non signé> MD5: a32426d9b14a089eaa1d922e0c5801a9 I:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
<non signé> MD5: 0d3a8fafceacd8b7625cd549757a7df1 I:\WINDOWS\system32\drivers\VGA.sys
<non signé> MD5: 46de1126684369bace4849e4fc8c43ca I:\WINDOWS\system32\drivers\VOLSNAP.sys
<non signé> MD5: e20b95baedb550f32dd489265c1da1f6 I:\WINDOWS\system32\drivers\WANARP.sys
<non signé> MD5: d6efaf429fd30c5df613d220e344cce7 I:\WINDOWS\system32\DRIVERS\wdcsam.sys
<non signé> MD5: 6768acf64b18196494413695f0c3a00f I:\WINDOWS\system32\drivers\wdmaud.sys
<non signé> MD5: cf4def1bf66f06964dc0d91844239104 I:\WINDOWS\system32\DRIVERS\wpdusb.sys
<non signé> MD5: c98b39829c2bbd34e454150633c62c78 I:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
<non signé> MD5: f15feafffbb3644ccc80c5da584e6311 I:\WINDOWS\system32\drivers\WUDFPF.sys
<non signé> MD5: 28b524262bce6de1f7ef9f510ba3985b I:\WINDOWS\system32\DRIVERS\wudfrd.sys
<non signé> MD5: 32c806669c5b20297fa8c8f6960ba00b I:\WINDOWS\system32\drprov.dll
<non signé> MD5: 4bb396ea6caa50f2208078602549f2f2 I:\WINDOWS\system32\dsound.dll
<non signé> MD5: fede68bf80052bad393afd5c2e60dcb0 I:\WINDOWS\system32\dssenh.dll
<non signé> MD5: 6dce6f063ebac4e49ad245e7e13ac802 I:\WINDOWS\system32\duser.dll
<non signé> MD5: 6a4de85c3e0d5a899bf26e20da01400b I:\WINDOWS\system32\eapolqec.dll
<non signé> MD5: 10be121a3bf8f63b710436260194ad4f I:\WINDOWS\system32\eappcfg.dll
<non signé> MD5: becef773547f696a767221a4cbf7fdd1 I:\WINDOWS\system32\eappprxy.dll
<non signé> MD5: 8b5fc9087d2cab110bc2ed5cc5e7b8ac I:\WINDOWS\System32\eapsvc.dll
<non signé> MD5: 94f948cb12c4d35483f1e815deb16c7b I:\WINDOWS\system32\ersvc.dll
<non signé> MD5: ec16ae9b37eacf871629227a3f3913fd I:\WINDOWS\system32\es.dll
<non signé> MD5: 59e75c286235bc60ab887156ea8c4412 I:\WINDOWS\system32\esent.dll
<non signé> MD5: 4ec800bdf80521b0207bd2301dfc7d14 I:\WINDOWS\system32\eventlog.dll
<non signé> MD5: f22019886fb0c7c20d42418172079691 I:\WINDOWS\system32\faultrep.dll
<non signé> MD5: 4450a2587b3bfc71f74c768e5eaacf20 I:\WINDOWS\system32\feclient.dll
<non signé> MD5: 3a411fb5ae5b64cad3e222a7a7725d75 I:\WINDOWS\system32\fr-fr\tquery.dll.mui
<non signé> MD5: 66842c38b301f07ca574f7d4403bc31e I:\WINDOWS\system32\gdi32.dll
<non signé> MD5: 939d2cd046c46a247bdebcc2511d6ea3 I:\WINDOWS\system32\h323.tsp
<non signé> MD5: 8422d90ea3f931738aae80963dd69c94 I:\WINDOWS\system32\hhctrl.ocx
<non signé> MD5: 4f342ddbd8b2b05129f7dd53df4c3805 I:\WINDOWS\system32\hid.dll
<non signé> MD5: 6f132541862b00c50927b61dc4da45d4 I:\WINDOWS\system32\hidphone.tsp
<non signé> MD5: a3b9b4a68bc839ce5a264d5908092261 I:\WINDOWS\system32\hidserv.dll
<non signé> MD5: e62b0be3fc855066c872f5b50a6bcd1b I:\WINDOWS\system32\hnetcfg.dll
<non signé> MD5: fb03f341ff5380394bf2ee52f1979925 I:\WINDOWS\system32\HPZipm12.exe
<non signé> MD5: fb44c8568224451a43b745c39c182406 I:\WINDOWS\system32\hpzsnt07.dll
<non signé> MD5: 1bda51c28faab97d8a88d59c8a221485 I:\WINDOWS\system32\icaapi.dll
<non signé> MD5: 1253eb454a19c4bdad20eb5ffe5e572e I:\WINDOWS\system32\icm32.dll
<non signé> MD5: e8debf75bc214b094ba937499fe10a3b I:\WINDOWS\system32\ieframe.dll
<non signé> MD5: 54f1e8042743a7d8e1532f9922ddbe2a I:\WINDOWS\system32\iertutil.dll
<non signé> MD5: e544dce5582b9d2e1a49282eaf5cca09 I:\WINDOWS\system32\imagehlp.dll
<non signé> MD5: c4221678bbaa55239c23632875759961 I:\WINDOWS\system32\imapi.exe
<non signé> MD5: 0469b73db32e5520f342c5e163aa3cca I:\WINDOWS\system32\imm32.dll
<non signé> MD5: 9d091a70bf897c863f4910b50a7dbdd2 I:\WINDOWS\system32\inetmib1.dll
<non signé> MD5: 46610cac171b93928de8e59a9a25dbed I:\WINDOWS\system32\inetpp.dll
<non signé> MD5: addf3d7a38bb2063f6121049b6ce013c I:\WINDOWS\system32\infosoft.dll
<non signé> MD5: 23002ce458c04dce02b92926cfef57dd I:\WINDOWS\system32\ipconf.tsp
<non signé> MD5: d4063ad48776866b1c8c9c040fcb7f4e I:\WINDOWS\system32\iphlpapi.dll
<non signé> MD5: f4ce708a7d17a625de6c0fd746d50e88 I:\WINDOWS\system32\ipnathlp.dll
<non signé> MD5: 57e5fdd54653cbee404bd4f2a9048381 I:\WINDOWS\system32\ipsecsvc.dll
<non signé> MD5: bfc46502516552d3eba2a8c224e56c98 I:\WINDOWS\system32\jsproxy.dll
<non signé> MD5: 14e7cfebe8a6241a288182f13b3e33a9 I:\WINDOWS\system32\kerberos.dll
<non signé> MD5: 98f08549604d090b6b2514af845f329f I:\WINDOWS\system32\kernel32.dll
<non signé> MD5: 726b86a9bc11346ab7d407afb0633d85 I:\WINDOWS\system32\kmddsp.tsp
<non signé> MD5: 17b3c3d40cdba40c2e331d28be4de27f I:\WINDOWS\System32\kmsvc.dll
<non signé> MD5: 252455253b2ffca464786821a284e617 I:\WINDOWS\system32\l3codeca.acm
<non signé> MD5: 5c64008e661307c4a3c3c25d9086cde7 I:\WINDOWS\system32\linkinfo.dll
<non signé> MD5: 0f357c079ac529a844ab5b18e4eef881 I:\WINDOWS\system32\lmhsvc.dll
<non signé> MD5: 78e1a5b844cae0eca69807df0c172eca I:\WINDOWS\system32\loadperf.dll
<non signé> MD5: 4de2a2cdfb6985c7d65cde528fb3bb09 I:\WINDOWS\system32\localspl.dll
<non signé> MD5: 499c59a2584f6d4ea41e944da571d993 I:\WINDOWS\System32\locator.exe
<non signé> MD5: b40094d81df18a5cbebfe43f2578c048 I:\WINDOWS\system32\logonui.exe
<non signé> MD5: c0dd8332ea2cc24247a7cc46447408ef I:\WINDOWS\system32\lsasrv.dll
<non signé> MD5: 91e6024d6d4dcdecdb36c43ecf9bbecb I:\WINDOWS\system32\lsass.exe
<non signé> MD5: 9fe236a0477811ca50f9d000a63c3240 I:\WINDOWS\system32\lz32.dll
<non signé> MD5: 5a8b28b2410227abd435ceb6c8b947c5 I:\WINDOWS\system32\mfc42.dll
<non signé> MD5: 38d376e5f2da4215327f29e7064fefc7 I:\WINDOWS\system32\mfc42loc.dll
<non signé> MD5: 85d83d739efb1d47ba039c9a4f4a7000 I:\WINDOWS\system32\mfcsubs.dll
<non signé> MD5: 5d469fe7d63cf5215af80cfa37be6897 I:\WINDOWS\system32\midimap.dll
<non signé> MD5: 9511aaf68ae867eeb7c7eba2fa6c9a81 I:\WINDOWS\system32\mlang.dll
<non signé> MD5: d3a2870cd96cda7bcff3dc54f64087ad I:\WINDOWS\System32\mnmsrvc.exe
<non signé> MD5: ffa62740e916e193237c08e9cae52155 I:\WINDOWS\system32\modemui.dll
<non signé> MD5: 5d0355afafffab8313db50a7365c9615 I:\WINDOWS\system32\mpr.dll
<non signé> MD5: 81c659c43186d3a3baa7423192bcab0b I:\WINDOWS\system32\mprapi.dll
<non signé> MD5: 7da370c31673c99497bd07068ee6e354 I:\WINDOWS\System32\mprdim.dll
<non signé> MD5: 18f726d6767fd3632a3617f476e115e2 I:\WINDOWS\system32\msacm32.dll
<non signé> MD5: 675c6cf2eba4eb1c9ed86dbb73383c10 I:\WINDOWS\system32\msacm32.drv
<non signé> MD5: 6bf05fb48e745e5ee0abf9c029453e84 I:\WINDOWS\system32\msasn1.dll
<non signé> MD5: fb27ab345f51ffb375e180cafa282653 I:\WINDOWS\system32\mscms.dll
<non signé> MD5: 16b216b0010fc71de47d9c44fba0fb11 I:\WINDOWS\system32\msctf.dll
<non signé> MD5: 609c878e206011b5aecbfcf4d0de4bf4 I:\WINDOWS\system32\msctfime.ime
<non signé> MD5: 8648d670ae0d95c95e7bbb5b80661796 I:\WINDOWS\System32\msdtc.exe
<non signé> MD5: 84d05413e503d99a8502c3d52ca59501 I:\WINDOWS\system32\msdtcprx.dll
<non signé> MD5: 2ac243531aa1deec9b6920ed1df62ca4 I:\WINDOWS\system32\msdtcuiu.dll
<non signé> MD5: 330e0015b751fafb53b6f73d30a4bbf1 I:\WINDOWS\system32\msfeedssync.exe
<non signé> MD5: 74da94b6a5ba3f3b43ca1e0726dfc18c I:\WINDOWS\system32\msftedit.dll
<non signé> MD5: 0b83193246eb84b2902c0ba23027de6c I:\WINDOWS\system32\msgina.dll
<non signé> MD5: e67a66a3781c1a483f0f8992664cbe0d I:\WINDOWS\System32\msgsvc.dll
<non signé> MD5: 42672da5a7a741fe5728ae37f7080efc I:\WINDOWS\system32\mshtml.dll
<non signé> MD5: 8c22083ed515dc94d575438662f0be6a I:\WINDOWS\system32\msi.dll
<non signé> MD5: 07ac0ced055c3d90487575744ac93e80 I:\WINDOWS\system32\msidle.dll
<non signé> MD5: 7f7bc88c8fb6b52989e0e93084b5e678 I:\WINDOWS\system32\msiexec.exe
<non signé> MD5: b99fee786f755c84974cd285e21055c2 I:\WINDOWS\system32\msimg32.dll
<non signé> MD5: e6d1786dc910ba9c8bc420c4ac1b235e I:\WINDOWS\system32\msimtf.dll
<non signé> MD5: 2d15e1c7cd0bc1a9b7f9660e39a0ce3e I:\WINDOWS\system32\msls31.dll
<non signé> MD5: c51b4a5c05a5475708e3c81c7765b71d I:\WINDOWS\system32\MsPMSNSv.dll
<non signé> MD5: c6bb1d1500db4a0e224cb65e6c7e8a80 I:\WINDOWS\system32\msprivs.dll
<non signé> MD5: 8f580bcc5296ecc9dc8a649d75be6ba5 I:\WINDOWS\system32\msscb.dll
<non signé> MD5: f1aa467825079b05d590d475432b4066 I:\WINDOWS\system32\msscntrs.dll
<non signé> MD5: 8beaf2b4bcde405af7ec46a9e03b2d65 I:\WINDOWS\system32\mssprxy.dll
<non signé> MD5: e65c5f612400b39d7aa83e7057d798c2 I:\WINDOWS\system32\mssrch.dll
<non signé> MD5: 5d8327ddcf473e983a766f42c35e68e7 I:\WINDOWS\system32\mstlsapi.dll
<non signé> MD5: 37dfb0e036ec87829c548b7b7d9cc7b1 I:\WINDOWS\system32\msutb.dll
<non signé> MD5: 2921bbeab3eb2a09e7cbc7cae2a18110 I:\WINDOWS\system32\msv1_0.dll
<non signé> MD5: 699756c96ecf0f548b0220bd04f36929 I:\WINDOWS\system32\msvcp60.dll
<non signé> MD5: 3891413139eaabfefe9b0ca49b5cd395 I:\WINDOWS\system32\msvcrt.dll
<non signé> MD5: 58af8498c62e1e1dab5ae59c6e08c180 I:\WINDOWS\system32\mswsock.dll
<non signé> MD5: a527e2aa3d7f12d2414fc5caf31c2632 I:\WINDOWS\system32\msxml3.dll
<non signé> MD5: 8e1ef1f96c23d3f3790dd25e52e00e3b I:\WINDOWS\system32\mtxclu.dll
<non signé> MD5: 98b9bb289930687be67a5245cb9a3f65 I:\WINDOWS\system32\mui\000C\hhctrlui.dll
<non signé> MD5: b203dca0844007bb4d54a78ead606c1a I:\WINDOWS\system32\mydocs.dll
<non signé> MD5: 4df4320f4f40383fd2dd3f8705c3ed41 I:\WINDOWS\system32\ncobjapi.dll
<non signé> MD5: a70348b3eebf35c646375f765293e31c I:\WINDOWS\system32\nddeapi.dll
<non signé> MD5: debbfab1761703ca8eb5bd54d33c44f7 I:\WINDOWS\system32\ndptsp.tsp
<non signé> MD5: 28725d80c4b7a64562d49fb6da0cd82d I:\WINDOWS\system32\netapi32.dll
<non signé> MD5: 5512539d9850e3c57e32f6bd2ca2e56c I:\WINDOWS\system32\netcfgx.dll
<non signé> MD5: 5c9b1d83755b36237b70f95df3d46a52 I:\WINDOWS\system32\netdde.exe
<non signé> MD5: 31fb4b337dd09bdf99429d7dbb5fdd48 I:\WINDOWS\system32\netfxperf.dll
<non signé> MD5: 04821179c3171554c1bd1f9888a113e2 I:\WINDOWS\system32\netlogon.dll
<non signé> MD5: be0cb143fa427d93440ded18db8c918b I:\WINDOWS\system32\netman.dll
<non signé> MD5: 25d39fb041260c141a2c3f49ea13c97b I:\WINDOWS\system32\netrap.dll
<non signé> MD5: c068b14827c0dc9e4c4919fe1c451957 I:\WINDOWS\system32\netshell.dll
<non signé> MD5: 26a4426a733ef2f517450b478a4e2e38 I:\WINDOWS\system32\netui0.dll
<non signé> MD5: 0056aabfaaba070038f3f026fada0efb I:\WINDOWS\system32\netui1.dll
<non signé> MD5: 10753a3adc3e39a3b10cc3f08e98e6b4 I:\WINDOWS\system32\normaliz.dll
<non signé> MD5: 75551844099eb23835e504265827209b I:\WINDOWS\system32\ntdll.dll
<non signé> MD5: ac019b054af557847d381ac9d304fc94 I:\WINDOWS\system32\ntdsapi.dll
<non signé> MD5: 2fec80530bffed3ec6e65009890282bc I:\WINDOWS\system32\ntlanman.dll
<non signé> MD5: f8fd6bd0acfeede47b14b87f6defef3e I:\WINDOWS\system32\ntlsapi.dll
<non signé> MD5: 24bf6c92ea2dc0db979a7555eec33214 I:\WINDOWS\system32\ntmarta.dll
<non signé> MD5: 037d92b3a7853a183fcab77fb1d13d6c I:\WINDOWS\system32\ntmssvc.dll
<non signé> MD5: d204de1b5ffe3f0153b61fa3e3167f70 I:\WINDOWS\system32\ntshrui.dll
<non signé> MD5: 24c35608b74fed67c3e7d5b8a908bfb3 I:\WINDOWS\system32\oakley.dll
<non signé> MD5: 310f6910283a8a574a62fe98f02a2f45 I:\WINDOWS\system32\odbc32.dll
<non signé> MD5: d9a5ac696964a63437d2aaed0a3b391c I:\WINDOWS\system32\odbcbcp.dll
<non signé> MD5: c0723e4d763b555018a20685159f27cc I:\WINDOWS\system32\odbcint.dll
<non signé> MD5: 9245faf86a8235d5290a23c010dabd43 I:\WINDOWS\system32\ole32.dll
<non signé> MD5: d83ac62317c4da878ef6b2db3bf78fed I:\WINDOWS\system32\oleacc.dll
<non signé> MD5: 02ad7231ff1a60f96928fc1125d33dec I:\WINDOWS\system32\oleaut32.dll
<non signé> MD5: a8f3e721bb560a0ad4e4f2eca23a4938 I:\WINDOWS\system32\oledlg.dll
<non signé> MD5: 3ba21bd333a1b8b222006e5464d44f49 I:\WINDOWS\system32\olepro32.dll
<non signé> MD5: 0f6f57851c988588dcc9a9e46a570675 I:\WINDOWS\system32\onex.dll
<non signé> MD5: 2f9806b52cb3748b1e49222744b28e3c I:\WINDOWS\system32\PCANDIS5.SYS
<non signé> MD5: 95cd9b63094935c5999b61e42b16e732 I:\WINDOWS\system32\pdh.dll
<non signé> MD5: 08592889a219f7a60f9865b0ee7caff8 I:\WINDOWS\system32\perfctrs.dll
<non signé> MD5: 5363acc6c7e2c8f3bcb686ed28117894 I:\WINDOWS\system32\perfdisk.dll
<non signé> MD5: 4c1a40bea073b6b7e9d7374125244e31 I:\WINDOWS\system32\perfnet.dll
<non signé> MD5: b75e074357cf973463b84859ac2ec430 I:\WINDOWS\system32\perfos.dll
<non signé> MD5: 6899045b44641396bd3598b27da570f6 I:\WINDOWS\system32\perfproc.dll
<non signé> MD5: fb8c9c2252b56b4b639721856838d150 I:\WINDOWS\system32\perfts.dll
<non signé> MD5: 77c18aff18ad8ee42d5f7cf6dc7058b4 I:\WINDOWS\system32\pjlmon.dll
<non signé> MD5: 9d45b2201d0ecf9f42136c7b99deb8b2 I:\WINDOWS\system32\PortableDeviceApi.dll
<non signé> MD5: 22358578cb321f3325496a3723029409 I:\WINDOWS\system32\PortableDeviceTypes.dll
<non signé> MD5: 9f2c862e39bf8e8fc51c3f6a6bceb415 I:\WINDOWS\system32\powrprof.dll
<non signé> MD5: f93478df30c64537daa79baf28954636 I:\WINDOWS\system32\profmap.dll
<non signé> MD5: 89d74683c859b7982056d15938baca3e I:\WINDOWS\system32\propsys.dll
<non signé> MD5: b9bea255887d284848c82b60c49524a3 I:\WINDOWS\system32\psapi.dll
<non signé> MD5: 6537e6d9a0e302ecd2f0b8095a99f7af I:\WINDOWS\system32\psbase.dll
<non signé> MD5: 9c617e631a204b397d24a236fa916aa7 I:\WINDOWS\system32\pschdprf.dll
<non signé> MD5: 9d737aa79bee2ecd3996bc81e048b72c I:\WINDOWS\system32\pstorsvc.dll
<non signé> MD5: 69e4fbbabaeee1bff422e091da3171da I:\WINDOWS\System32\qagentrt.dll
<non signé> MD5: baa0b6e647c1ad593e9bae5cc31bcffb I:\WINDOWS\system32\qmgr.dll
<non signé> MD5: 93249c0ccee363056b06d8e7094bee4d I:\WINDOWS\system32\query.dll
<non signé> MD5: 25fd28ee12744651183d25f68ac85941 I:\WINDOWS\system32\qutil.dll
<non signé> MD5: e17bbf14dbe41cab571bbd244f97c25f I:\WINDOWS\system32\rasadhlp.dll
<non signé> MD5: 8d5c2324e028f59d2f5e27b4dae23486 I:\WINDOWS\system32\rasapi32.dll
<non signé> MD5: 78da9ccdac683ef5aa87d1c919f6d221 I:\WINDOWS\System32\rasauto.dll
<non signé> MD5: ec5265f600241f8a53499344606ce639 I:\WINDOWS\system32\raschap.dll
<non signé> MD5: 6e8e547e8acea7d149bec57f60a6560a I:\WINDOWS\system32\rasctrs.dll
<non signé> MD5: c645e9af161bb3ca02d2c9361661daa4 I:\WINDOWS\system32\rasdlg.dll
<non signé> MD5: 39cf739698665485b9c749caac382a5a I:\WINDOWS\system32\rasman.dll
<non signé> MD5: 0a48df90b4784f9b90a2671af992c914 I:\WINDOWS\system32\rasmans.dll
<non signé> MD5: 1ceacd80b6b5e113157fa2495f85a951 I:\WINDOWS\system32\rasppp.dll
<non signé> MD5: 35abfb198d5e8ac81986a5eb6d7a78f1 I:\WINDOWS\system32\rasqec.dll
<non signé> MD5: 841d1d43d6fe45d5c9a3b72f18013da1 I:\WINDOWS\system32\rastapi.dll
<non signé> MD5: 60f096fc7a97c0a1d30e7cb4d124692b I:\WINDOWS\system32\rastls.dll
<non signé> MD5: db0d85e918793d34ab30a4d927207e7d I:\WINDOWS\system32\regapi.dll
<non signé> MD5: e598d81197e2e0ec42a0c55772bb00e8 I:\WINDOWS\system32\regsvc.dll
<non signé> MD5: 0963716ce97399e0707b7633c944d601 I:\WINDOWS\system32\resutils.dll
<non signé> MD5: 6af9195b8e52463f40dc808b6f42da7c I:\WINDOWS\system32\rpcrt4.dll
<non signé> MD5: 0203b1aad358f206cb0a3c1f93cce17a I:\WINDOWS\system32\rpcss.dll
<non signé> MD5: 54dae3ea34802b4ed9ae1c6b1209fa56 I:\WINDOWS\system32\rsaenh.dll
<non signé> MD5: 414964844f4793acb868d057e8ed997e I:\WINDOWS\