~ Rapport de ZHPDiag v2015.3.12.29 - Nicolas Coolman (12/03/2015)
~ Lancé par Administrateur (17/03/2015 10:00:38)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found

---\\ Navigateurs Internet
MSIE: Internet Explorer v7.0.5730.13
MFIE: Mozilla Firefox 33.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Logiciels de protection du système

---\\ Logiciels d'optimisation du système
CCleaner v3.27

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player Plugin
Adobe Reader 8.1.2 - Français

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 503 MB (74% free)
System Restore: Activé (Enable)
System drive C: has 93 GB (94%) free of 98 GB

---\\ Mode de connexion au système
~ Computer Name: SWEET-6F2A781C1
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Administrateur\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C:
Hard drive, Flash drive, Thumb drive (Free 93 Go of 98 Go) D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 98 Go) E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 84 Go) F: CD-ROM drive (Not Inserted) G: CD-ROM drive (Not Inserted) H: CD-ROM drive (Free 0 Go of 0 Go) I: Floppy drive, Flash card reader, USB Key (Free 0 Go of 2 Go) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 51 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.A9A7C2D6571E8FF9FE910BE2A319DCA8] - (.Microsoft Corporation - Explorateur Windows.) (.17/03/2015 - 02:44:34.) -- C:\WINDOWS\Explorer.exe [1584128] [MD5.B8FCD84F253A7EB9F14DE1163FD68379] - (.Microsoft Corporation - Internet Extensions for Win32.) (.25/06/2008 - 18:31:07.) -- C:\WINDOWS\system32\wininet.dll [971264] [MD5.DE669722494CF41F6E39A62B3B08525C] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.25/06/2008 - 18:31:07.) -- C:\WINDOWS\system32\Winlogon.exe [561152] [MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/06/2008 - 18:29:53.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 12:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/06/2008 - 18:29:57.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/06/2008 - 18:29:58.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.25/06/2008 - 18:30:17.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.25/06/2008 - 18:30:19.) 
-- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.25/06/2008 - 18:30:21.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.25/06/2008 - 18:30:22.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.25/06/2008 - 18:30:24.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.25/06/2008 - 18:30:23.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.25/06/2008 - 18:30:30.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.25/06/2008 - 18:30:43.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.25/06/2008 - 18:30:47.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.25/06/2008 - 18:30:13.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/06/2008 - 18:30:53.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) 
-- C:\WINDOWS\system32\Drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/06/2008 - 18:31:05.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2 ~ Mes musiques (My Musics) : 1/2 ~ Mes Favoris (My Favorites) : 1/5 ~ Mes Documents (My Documents) : 1/17 ~ Mon Bureau (My Desktop) : 2/14 ~ Menu demarrer (Programs) : 1/38 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [PID.1284] [MD5.AAC20E2DC0EFF52E91F9672B11144365] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.340] [MD5.41D82876036E46F9F37DBFAACA72E974] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [106496] [PID.3160] [MD5.493710C72868C76100C920576BACEC2D] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [90112] [PID.3172] [MD5.B5085E3184574E5DBF77C8AF30FADEB5] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [126976] [PID.3180] [MD5.80CFAE4CD19FBCB392CEE0D9700C2ED5] - (.DAEMON'S HOME - Virtual DAEMON Manager.) -- C:\Program Files\D-Tools\daemon.exe [94208] [PID.3348] [MD5.7334DFA83020E95EC820BCE8E5F5E9A2] - (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe [200704] [PID.3640] [MD5.D5700DA7D9941554AFB04948067D7914] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3821136] [PID.3652] [MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.3792] [MD5.23970D86B4D250ECA6563D6699E4E7CC] - (...) 
-- C:\Documents and Settings\Administrateur\Bureau\jfrnlmf4.exe [163910440] [PID.1864] [MD5.D6295410E4A4C8AEF023691EB0316A16] - (...) -- c:\documents and settings\administrateur\local settings\temp\F75563F4-CB42EB46-C5E4B56C-5B843FD6\9LSQShLcWxs2.exe [2134440] [PID.1828] [MD5.F13139797A213C1E265B49778F5E7810] - (...) -- c:\documents and settings\administrateur\local settings\temp\F75563F4-CB42EB46-C5E4B56C-5B843FD6\lSOCag6q.exe [7154944] [PID.1744] [MD5.94AA4FA24057745DFBC6ABB1A1A7F63C] - (...) -- c:\documents and settings\administrateur\local settings\temp\F75563F4-CB42EB46-C5E4B56C-5B843FD6\U9W4orH6ga.exe [479248] [PID.1224] [MD5.CC01B1B9B7A37EE887DBC0265D6E6EC8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8290816] [PID.2036] ~ Processes Running: Scanned in 00mn 05s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,,C:\Program Files\xgtjhpmq\gmlvrsvh.exe F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) 
~ Le fichier hôte est sain (The hosts file is clean) (19) ~ Hosts File: Scanned in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Mmm] . (...) -- C:\WINDOWS\system32\mmm.exe O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] . (.DAEMON'S HOME - Virtual DAEMON Manager.) -- C:\Program Files\D-Tools\daemon.exe O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe O4 - HKCU\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 O4 - HKUS\S-1-5-21-861567501-527237240-1417001333-500\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe O4 - HKUS\S-1-5-21-861567501-527237240-1417001333-500\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) 
-- C:\Program Files\Internet Download Manager\IDMan.exe ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . 
(.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: qpevikeffmznimkkasvw (stmwcysyyc) . (...) - C:\WINDOWS\system32\fsldsw.exe ~ Services: 2 Legitimates Filtered in 00mn 06s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Aasppapmmxkleh] [HKLM\Software\7F68A003] ~ Key Software: 210 Legitimates Filtered in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 14/03/2015 - 20:09:38 - [] ----D C:\Program Files\ANGEL LOVE O43 - CFD: 14/03/2015 - 00:43:38 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux ~ Program Folder: 121 Legitimates Filtered in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.741856B15DCF6A281B7F674FBDB354CE] - 14/03/2015 - 00:41:48 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc [92286] O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 14/03/2015 - 00:41:54 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h [768] O44 - LFC:[MD5.FDA18F513403E67CAE9BF0D2DD948B28] - 14/03/2015 - 00:41:54 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini [3914] O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 14/03/2015 - 00:41:54 ---A- . (...) 
-- C:\WINDOWS\system32\tslabels.h [3286] O44 - LFC:[MD5.F9A14C7B36E10052A1B0F071BC3C1C65] - 14/03/2015 - 00:41:55 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini [27768] O44 - LFC:[MD5.9F27B27C8405FEAF7DFC4DA3751DEF22] - 14/03/2015 - 00:41:55 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd [1263] O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 14/03/2015 - 00:41:56 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce [22984] O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\Bulles de savon.bmp [65978] O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\Rosace bleue 16.bmp [1272] O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\Tasse à café.bmp [17062] O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce [24006] O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce [60458] O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce [6948] O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce [8484] O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\system32\korean.uce [12876] O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce [16740] O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 14/03/2015 - 00:41:57 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce [93702] O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 14/03/2015 - 00:41:58 ---A- . (...) -- C:\WINDOWS\Granit vert.bmp [26582] O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 14/03/2015 - 00:41:58 ---A- . (...) 
-- C:\WINDOWS\Jour de pêche.bmp [17336] O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 14/03/2015 - 00:41:58 ---A- . (...) -- C:\WINDOWS\Mur de Santa Fe.bmp [65832] O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 14/03/2015 - 00:41:58 ---A- . (...) -- C:\WINDOWS\Plume.bmp [16730] O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 14/03/2015 - 00:41:58 ---A- . (...) -- C:\WINDOWS\Rhododendron.bmp [17362] O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 14/03/2015 - 00:41:58 ---A- . (...) -- C:\WINDOWS\Rivière Sumida.bmp [26680] O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 14/03/2015 - 00:41:58 ---A- . (...) -- C:\WINDOWS\Vent de prairie.bmp [65954] O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 14/03/2015 - 00:41:58 ---A- . (...) -- C:\WINDOWS\Zapotec.bmp [9522] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 14/03/2015 - 00:42:13 ---A- . (...) -- C:\WINDOWS\system32\icrav03.rat [8798] O44 - LFC:[MD5.1B26CF070C67085E0D529332C411DBC5] - 14/03/2015 - 00:42:14 ---A- . (...) -- C:\WINDOWS\system32\IE7Eula.rtf [74715] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 14/03/2015 - 00:42:17 ---A- . (...) -- C:\WINDOWS\system32\ticrf.rat [1988] O44 - LFC:[MD5.F08F19FEAA26FB2DAC62E4AA4C44020C] - 14/03/2015 - 00:42:45 ---A- . (.Red Hat - Cygwin® POSIX Emulation DLL.) -- C:\WINDOWS\system32\cygwin1.dll [1872666] O44 - LFC:[MD5.C54EB1E578EEF0552DB2480096C20877] - 14/03/2015 - 00:42:46 ---A- . (...) -- C:\WINDOWS\system32\cygwinb19.dll [394752] O44 - LFC:[MD5.80E41408F6D641DC1C0F5353A0CC8125] - 14/03/2015 - 00:42:46 ---A- . (.Pas de propriétaire - zlib data compression library.) -- C:\WINDOWS\system32\zlib1.dll [59904] O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 14/03/2015 - 00:43:23 ---A- . (...) -- C:\WINDOWS\vb.ini [36] O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 14/03/2015 - 00:43:23 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37] O44 - LFC:[MD5.C65A8ECD17D7ED3285725AEB830359E1] - 14/03/2015 - 00:43:33 ---A- . (...) 
-- C:\WINDOWS\system32\emptyregdb.dat [21892] O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 14/03/2015 - 00:45:17 ---A- . (...) -- C:\WINDOWS\desktop.ini [2] O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 14/03/2015 - 00:45:17 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini [2] O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 14/03/2015 - 00:45:17 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [49102] O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 14/03/2015 - 00:45:17 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [49102] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 14/03/2015 - 00:45:54 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 14/03/2015 - 00:45:54 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 14/03/2015 - 00:45:54 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 14/03/2015 - 00:45:54 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 14/03/2015 - 00:45:54 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 14/03/2015 - 00:45:54 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest [749] O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 14/03/2015 - 00:45:59 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest [488] O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 14/03/2015 - 00:45:59 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest [488] O44 - LFC:[MD5.B7F72F381C7CD86C17C0467263CE7957] - 14/03/2015 - 00:46:53 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [138354] O44 - LFC:[MD5.8FCEAD39F23D20A0B44DB0F60382468F] - 14/03/2015 - 00:46:58 ---A- . (...) -- C:\SilverlightMSI.log [193796] O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 14/03/2015 - 00:46:59 ---A- . (...) 
-- C:\WINDOWS\ODBCINST.INI [4205] O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 14/03/2015 - 00:47:07 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640] O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 14/03/2015 - 00:47:09 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832] O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 14/03/2015 - 00:47:09 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392] O44 - LFC:[MD5.2A44570770236D602FF1C0B51B61FBA1] - 14/03/2015 - 00:47:14 ---A- . (...) -- C:\WINDOWS\win.ini [507] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/03/2015 - 00:47:16 ---A- . (...) -- C:\AUTOEXEC.BAT [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/03/2015 - 00:47:16 ---A- . (...) -- C:\CONFIG.SYS [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/03/2015 - 00:47:16 ---A- . (...) -- C:\WINDOWS\control.ini [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/03/2015 - 00:47:16 RSHA- . (...) -- C:\IO.SYS [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/03/2015 - 00:47:16 RSHA- . (...) -- C:\MSDOS.SYS [0] O44 - LFC:[MD5.98E7B4DF71DAFA6FF0082BC02DDEFF4B] - 14/03/2015 - 00:55:00 ---A- . (.Pas de propriétaire - Commandline Window Utility for NT4/2000/XP.) -- C:\WINDOWS\system32\cmdow.exe [58880] O44 - LFC:[MD5.EAE5EB875C386D7BEFAB2CED29B30A80] - 14/03/2015 - 00:55:23 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [1376] O44 - LFC:[MD5.1748F3900995967DC9CEC055B077B865] - 14/03/2015 - 01:00:09 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.6.0_06-b02.log [6508] O44 - LFC:[MD5.79A1F65754F54B2ECD73326798129F38] - 14/03/2015 - 01:01:46 ---A- . (...) -- C:\WINDOWS\system32\Cabarc.exe [142336] O44 - LFC:[MD5.1648A08B47BABF1AFCB351F599FF750D] - 14/03/2015 - 01:01:46 ---A- . (...) -- C:\WINDOWS\system32\Cabtool.exe [49664] O44 - LFC:[MD5.BE2CEA95259656D288DCD297B72C13D7] - 14/03/2015 - 01:01:46 ---A- . (...) 
-- C:\WINDOWS\system32\Cdimage.exe [406016] O44 - LFC:[MD5.D3A1CA7AAF93529386C873D5946F4CC5] - 14/03/2015 - 01:01:49 ---A- . (.n7Epsilon - FileGather Handler.) -- C:\WINDOWS\system32\FGCBAHandler.exe [122880] O44 - LFC:[MD5.1BEAF350F00AB2642A243514206F341F] - 14/03/2015 - 01:01:49 ---A- . (.n7Epsilon - FileGather.) -- C:\WINDOWS\system32\Fgcba.exe [151552] O44 - LFC:[MD5.D9B2675CC85AEA7A4317C3623FC9F41A] - 14/03/2015 - 01:01:50 ---A- . (.Pas de propriétaire - Extract Windows Hotfix`s.) -- C:\WINDOWS\system32\HFExtract.exe [1152165] O44 - LFC:[MD5.6132CBF0705227585B5D339D5F2C9BD3] - 14/03/2015 - 01:01:52 ---A- . (...) -- C:\WINDOWS\system32\MMM.dll [175616] O44 - LFC:[MD5.461EAD991A5F6922D0C32D687845D4BD] - 14/03/2015 - 01:01:52 ---A- . (...) -- C:\WINDOWS\system32\MakeISO.cmd [1503] O44 - LFC:[MD5.A758711B77DADF7B2C9A1BED7E48A006] - 14/03/2015 - 01:01:52 ---A- . (...) -- C:\WINDOWS\system32\Modifype.exe [39936] O44 - LFC:[MD5.DBDA75CAE09BACEDDF6203379AF2A3E4] - 14/03/2015 - 01:01:52 ---A- . (.Lucersoft - LCISOCreator.) -- C:\WINDOWS\system32\LCISOCreator.exe [80896] O44 - LFC:[MD5.9EBB704CFD9C4C55548ECA303A5E10BC] - 14/03/2015 - 01:01:54 ---A- . (...) -- C:\WINDOWS\system32\Reg2InfHandler.cmd [1373] O44 - LFC:[MD5.D604F7BD9540155732B22ED8D8C98905] - 14/03/2015 - 01:01:54 ---A- . (...) -- C:\WINDOWS\system32\Replacer.cmd [18030] O44 - LFC:[MD5.241377445067E4DF9C9FD8314E3A4806] - 14/03/2015 - 01:01:54 ---A- . (.n7Epsilon - Reg2Inf.) -- C:\WINDOWS\system32\Reg2inf.exe [94208] O44 - LFC:[MD5.A601471368FD5E15A2212ADD3982004A] - 14/03/2015 - 01:01:55 ---A- . (.Pas de propriétaire - Upx Gui.) -- C:\WINDOWS\system32\Upxgui.exe [797465] O44 - LFC:[MD5.D790D38D72408A383ABD20AA0A6B5212] - 14/03/2015 - 01:01:56 ---A- . (...) -- C:\WINDOWS\system32\Wc.com [1128] O44 - LFC:[MD5.CE05C025433085B7E856E7214F7CE8B1] - 14/03/2015 - 01:01:56 ---A- . (...) -- C:\WINDOWS\system32\xpBoot.img [2048] O44 - LFC:[MD5.5776322F93CDB91086111F5FFBFDA2A0] - 14/03/2015 - 01:04:36 ---A- . 
(.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\Drivers\d347bus.sys [155136] O44 - LFC:[MD5.B49F79ACE459763F4E0380071BE9CB45] - 14/03/2015 - 01:04:36 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\Drivers\d347prt.sys [5248] O44 - LFC:[MD5.2CE4E3B3FEAABE7ACE422FA29C11CDC3] - 14/03/2015 - 01:05:33 ---A- . (...) -- C:\WPI.log [12336] O44 - LFC:[MD5.F3C139AD492C4F73353057442E6995CE] - 14/03/2015 - 01:06:42 ---A- . (...) -- C:\WINDOWS\system32\c_10021.nls [66082] O44 - LFC:[MD5.72233F1A1D788A84D4687A258CC97CBF] - 14/03/2015 - 01:06:45 ---A- . (...) -- C:\WINDOWS\system32\c_10005.nls [66082] O44 - LFC:[MD5.A99203A3397A9DB352C5D8DFBDA230A8] - 14/03/2015 - 01:06:45 ---A- . (...) -- C:\WINDOWS\system32\c_862.nls [66594] O44 - LFC:[MD5.4D4C7CED88E5621F21A4911A44CADACC] - 14/03/2015 - 01:06:46 ---A- . (...) -- C:\WINDOWS\system32\C_28596.NLS [66082] O44 - LFC:[MD5.1DBBCC1B712C2674BDF29A05A5DD366E] - 14/03/2015 - 01:06:46 ---A- . (...) -- C:\WINDOWS\system32\c_10004.nls [66082] O44 - LFC:[MD5.77F127766D758EB2C6451E221A0C7F7D] - 14/03/2015 - 01:06:46 ---A- . (...) -- C:\WINDOWS\system32\c_708.nls [66082] O44 - LFC:[MD5.C050215D8D21DF5658E94187973FB89C] - 14/03/2015 - 01:06:46 ---A- . (...) -- C:\WINDOWS\system32\c_720.nls [66594] O44 - LFC:[MD5.C58563DF50115E935BC811FFBCE1FC89] - 14/03/2015 - 01:06:46 ---A- . (...) -- C:\WINDOWS\system32\c_864.nls [66594] O44 - LFC:[MD5.157A2706E78D7B581642F6F787EC37E5] - 14/03/2015 - 01:07:12 ---A- . (...) -- C:\WINDOWS\system32\c_10001.nls [162850] O44 - LFC:[MD5.AAB0740BCBDCE107E0BABEE466905EB4] - 14/03/2015 - 01:07:12 ---A- . (...) -- C:\WINDOWS\system32\c_20000.nls [180258] O44 - LFC:[MD5.B2B3B6A63D9A1837673A2B2C44455A20] - 14/03/2015 - 01:07:12 ---A- . (...) -- C:\WINDOWS\system32\c_20290.nls [66082] O44 - LFC:[MD5.3FEF4EEFC8827A03B19124575B17205E] - 14/03/2015 - 01:07:12 ---A- . (...) 
-- C:\WINDOWS\system32\c_20932.nls [180770] O44 - LFC:[MD5.32919D0DA9A834E8197203C4858ABCF6] - 14/03/2015 - 01:07:12 ---A- . (...) -- C:\WINDOWS\system32\c_20936.nls [173602] O44 - LFC:[MD5.232094E602642181A5A508975665D11B] - 14/03/2015 - 01:07:12 ---A- . (...) -- C:\WINDOWS\system32\c_20949.nls [177698] O44 - LFC:[MD5.07CD5D103AEB4AD2B624EE1ADBFAA456] - 14/03/2015 - 01:07:12 ---A- . (...) -- C:\WINDOWS\system32\c_21027.nls [66082] O44 - LFC:[MD5.09E420F90A329BDA68477FA4AF43CB28] - 14/03/2015 - 01:07:12 ---A- . (...) -- C:\WINDOWS\system32\xjis.nls [28288] O44 - LFC:[MD5.A337491EA01F4BE0779A981CB7ACB999] - 14/03/2015 - 01:07:28 ---A- . (...) -- C:\WINDOWS\system32\c_1361.nls [189986] O44 - LFC:[MD5.DB4F8D50EDA4C0C51BDD0753880FA20B] - 14/03/2015 - 01:07:28 ---A- . (...) -- C:\WINDOWS\system32\ksc.nls [47066] O44 - LFC:[MD5.1855E6398A2E937E47809FD8B83647E4] - 14/03/2015 - 01:07:29 ---A- . (...) -- C:\WINDOWS\system32\c_10003.nls [177698] O44 - LFC:[MD5.AAF2CFDFCEAE84151060465A4C4506DA] - 14/03/2015 - 01:07:36 ---A- . (...) -- C:\WINDOWS\system32\WINPY.MB [1783864] O44 - LFC:[MD5.23C1E8F026FB81824388E8EC457CF75E] - 14/03/2015 - 01:07:36 ---A- . (...) -- C:\WINDOWS\system32\c_10008.nls [173602] O44 - LFC:[MD5.54144F43EDF5AA8F504A30E7C1D1A7B5] - 14/03/2015 - 01:07:36 ---A- . (...) -- C:\WINDOWS\system32\prc.nls [83748] O44 - LFC:[MD5.901863C68E6523336CAC602FE9320ABC] - 14/03/2015 - 01:07:36 ---A- . (...) -- C:\WINDOWS\system32\prcp.nls [83748] O44 - LFC:[MD5.FBA8EDF2418C8754D7199B7DCAD9F159] - 14/03/2015 - 01:07:37 ---A- . (...) -- C:\WINDOWS\system32\WINSP.MB [1564868] O44 - LFC:[MD5.5A651B76C819817A2B992F34C3A8BC8D] - 14/03/2015 - 01:07:37 ---A- . (...) -- C:\WINDOWS\system32\WINZM.MB [1223500] O44 - LFC:[MD5.EA2A501A6EE240361FA42FBA90E93611] - 14/03/2015 - 01:07:39 ---A- . (...) -- C:\WINDOWS\system32\PINTLPAD.HLP [14821] O44 - LFC:[MD5.6D62961C6936709C4FE55CE5F7BE4AC1] - 14/03/2015 - 01:07:39 ---A- . (...) 
-- C:\WINDOWS\system32\PINTLPAE.HLP [16254]
~ Files: 678 Legitimates Filtered in 00mn 18s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mmm.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\mmm.exe O47 - AAKE:Key Export SP - "I:\Nouveau dossier\RogueKiller.exe" [Enabled] .(.Pas de propriétaire.) -- I:\Nouveau dossier\RogueKiller.exe O47 - AAKE:Key Export SP - "C:\Program Files\Unlocker\UnlockerAssistant.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Unlocker\UnlockerAssistant.exe O47 - AAKE:Key Export SP - "C:\Program Files\WinMover\WinMover.exe" [Enabled] .(.Andreas Eliasson (EliasAE).)
-- C:\Program Files\WinMover\WinMover.exe ~ Keys Export: 18 Legitimates Filtered in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ IFEO: Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 ~ MWPS: 8 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMConfigurePrograms"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "ForceClassicControlPanel"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInternetIcon"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRemoteRecursiveEvents"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoInternetIcon"=0 ~ MWPE Keys: 11 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\36A31510.sys [22472] O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528] O58 - SDL:22/08/2004 - 16:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\Drivers\d347bus.sys [155136] O58 - SDL:22/08/2004 - 16:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\Drivers\d347prt.sys [5248] O58 - SDL:09/08/2007 - 04:13:04 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\system32\Drivers\ewdcsc.sys [24448] O58 - SDL:25/06/2008 - 18:30:19 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384] O58 - SDL:28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager TDI Driver.) 
-- C:\WINDOWS\system32\Drivers\idmtdi.sys [121184] O58 - SDL:25/06/2008 - 18:30:52 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792] O58 - SDL:15/08/2006 - 16:48:22 ---A- . (.Analog Devices, Inc. - SoundMAX Stub Driver.) -- C:\WINDOWS\system32\Drivers\smsens.sys [3744] O58 - SDL:15/08/2006 - 16:48:24 ---A- . (.Analog Devices, Inc. - SoundMAX Integrated Digital Audio.) -- C:\WINDOWS\system32\Drivers\smwdm.sys [578304] O58 - SDL:14/03/2015 - 23:06:15 ---A- . (...) -- C:\WINDOWS\system32\Drivers\TrueSight.sys [35064] O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112] O58 - SDL:25/06/2008 - 18:29:54 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:25/06/2008 - 18:30:01 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:25/06/2008 - 18:30:20 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:25/06/2008 - 18:30:25 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:25/06/2008 - 18:30:25 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:25/06/2008 - 18:30:46 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) 
-- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] ~ Drivers: 42 Legitimates Filtered in 00mn 01s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 13/10/1745 - C:\WINDOWS\system32\drivers\epkmtt.sys (amsint32) .(...) - LEGACY_AMSINT32 ~ Legacy: 105 Legitimates Filtered in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKUS\.DEFAULT] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org O69 - SBI: SearchScopes [HKUS\.DEFAULT] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com O69 - SBI: SearchScopes [HKUS\.DEFAULT] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKUS\S-1-5-18] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org O69 - SBI: SearchScopes [HKUS\S-1-5-18] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) 
- http://search.yahoo.com O69 - SBI: SearchScopes [HKUS\S-1-5-18] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKUS\S-1-5-19] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKUS\S-1-5-19] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org O69 - SBI: SearchScopes [HKUS\S-1-5-19] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com O69 - SBI: SearchScopes [HKUS\S-1-5-19] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKUS\S-1-5-20] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKUS\S-1-5-20] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org O69 - SBI: SearchScopes [HKUS\S-1-5-20] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com O69 - SBI: SearchScopes [HKUS\S-1-5-20] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.23970D86B4D250ECA6563D6699E4E7CC] [SPRF][17/03/2015] (...) -- C:\Documents and Settings\Administrateur\Bureau\jfrnlmf4.exe [163910440] [MD5.638BFE8237964C16FC7593B7C10B2345] [SPRF][16/03/2015] (...) 
-- C:\Documents and Settings\Administrateur\Bureau\lpk.dll [470360] ~ Files: 2 Legitimates Filtered in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Administrateur at 17/03/2015 10:02:13 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x81E51C70]<< 1 nt!IofCallDriver[0x804E37C5] >> \Device\Harddisk0\DR0[0x81E2C240] \Driver\atapi[0x81ECF5B8] >> IRP_MJ_CREATE >> 0x81E51C70 kernel: MBR read successfully detected disk devices: detected hooks: \Driver\atapi >> 0x81e51c70 user & kernel MBR OK Warning: possible MBR rootkit infection ! ~ MBR: 18 Legitimates Filtered in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Administrateur at 17/03/2015 10:02:15 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Liste des émulateurs de CD/DVD (MBR Hook) O58 - SDL:22/08/2004 - 16:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\Drivers\d347bus.sys [155136] O58 - SDL:22/08/2004 - 16:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) 
-- C:\WINDOWS\system32\Drivers\d347prt.sys [5248] ~ Emulateurs: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 13008 - (12/03/2015) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\CLSID\{e8cfc029-8420-4eae-adef-915bdc77e1dc}] =>Spyware.AdaEbook ~ Additionnel Scan: 106993 Items scanned in 00mn 24s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50) ~ AMI: 3 Legitimates Filtered in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://www.nicolascoolman.fr/blog/ =>Spyware.AdaEbook ~ MSI: 1 link(s) detected in 00mn 00s ~ 1370 Legitimates filtered by white list End of the scan (612 lines in 02mn 03s)(0.4)