A voir également:
- Security tool et analyse rapport highjak
- Hp format tool - Télécharger - Stockage
- Microsoft security essentials - Télécharger - Antivirus & Antimalwares
- Media creation tool - Télécharger - Systèmes d'exploitation
- Analyse disque dur - Télécharger - Informations & Diagnostic
- Analyse performance pc - Guide
14 réponses
bonjour, regarde là
https://www.malekal.com/tutoriels-logiciels/
https://www.malekal.com/tutoriels-logiciels/
Bonjour et merci pour ta réponse,
Oui je connais déjà ce site que j'ai consulté afin de m'aider, mais au vue de ce que j'ai lu au sujet de combofix (à savoir assez dangereux quand même pour le système),je préfère le réserver qu'en tout dernier lieu. Déjà, aujourd'hui, je remarque qu'il n'y a plus aucune fenêtre de security tool, même si le fond d'écran reste à remettre en place et qu'il reste sur le bureau l'icône de Sec Tool.
Oui je connais déjà ce site que j'ai consulté afin de m'aider, mais au vue de ce que j'ai lu au sujet de combofix (à savoir assez dangereux quand même pour le système),je préfère le réserver qu'en tout dernier lieu. Déjà, aujourd'hui, je remarque qu'il n'y a plus aucune fenêtre de security tool, même si le fond d'écran reste à remettre en place et qu'il reste sur le bureau l'icône de Sec Tool.
Utilisateur anonyme
26 nov. 2009 à 12:50
26 nov. 2009 à 12:50
/!\ ATTENTION SUIVRE SCRUPULEUSEMENT A LA LETTRE CES INDICATIONS/!\
▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe"
_______________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
======================================================
▶ On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Avant d'utiliser ComboFix :
______________________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°
▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!
▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
>> Reviens sur le forum, et
▶ copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
J'ai effectué tout ce que tu m'as demandé. Mais problème : au moment d'exécuter Combofix (renommé ainsi que tes indications le précisent) une fenêtre ERROR Win32 only s'est ouverte pour indiquer ce message "OS incompatible. Combofix ne fonctionne qu'avec Windows 2000 ou XP".
Qu'en penses-tu et que dois-je faire? (je précise que j'ai désactivé au préalable antivirus et pare-feu)
Merci de ta réponse
Qu'en penses-tu et que dois-je faire? (je précise que j'ai désactivé au préalable antivirus et pare-feu)
Merci de ta réponse
Utilisateur anonyme
26 nov. 2009 à 14:26
26 nov. 2009 à 14:26
ah oui tu es sous vista....grrrr !!!!
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
! Déconnecte toi et FERME TOUTES TES APPLICATIONS EN COURS !
Double-clique sur " RSIT.exe " pour le lancer .
▶ Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
▶ Devant l'option "List files/folders created ..." , tu choisis : 2 months
▶ clique ensuite sur " Continue " pour lancer l'analyse ...
▶ laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
! Déconnecte toi et FERME TOUTES TES APPLICATIONS EN COURS !
Double-clique sur " RSIT.exe " pour le lancer .
▶ Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
▶ Devant l'option "List files/folders created ..." , tu choisis : 2 months
▶ clique ensuite sur " Continue " pour lancer l'analyse ...
▶ laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
Re-hello!
voici donc les rapports :
1/Log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by nature-pro at 2009-11-26 14:34:39
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 469 GB (79%) free of 596 GB
Total RAM: 3838 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:35:47, on 26/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Windows\SysWOW64\conime.exe
C:\Users\nature-pro\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\nature-pro.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EPSON BX300F Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_S587B.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
voici donc les rapports :
1/Log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by nature-pro at 2009-11-26 14:34:39
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 469 GB (79%) free of 596 GB
Total RAM: 3838 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:35:47, on 26/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Windows\SysWOW64\conime.exe
C:\Users\nature-pro\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\nature-pro.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EPSON BX300F Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_S587B.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
26 nov. 2009 à 14:46
26 nov. 2009 à 14:46
64 bits en plus !!!!! en ben on est pas dans la m****...c'est une horreur a desinfecter cet OS !...
▶ Telecharge et install UsbFix par Chiquitine29
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
▶ Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisis "éxécuter en tant qu'administrateur" .
▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
▶ Laisse travailler l outil.
▶ Ensuite post le rapport UsbFix.txt qui apparaitra.
Note : Le rapport UsbFix.txt est sauvegardé à la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
▶ Telecharge et install UsbFix par Chiquitine29
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
▶ Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisis "éxécuter en tant qu'administrateur" .
▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
▶ Laisse travailler l outil.
▶ Ensuite post le rapport UsbFix.txt qui apparaitra.
Note : Le rapport UsbFix.txt est sauvegardé à la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
ok, fait
Voici le résultat:
############################## | UsbFix V6.057 |
User : nature-pro (Administrateurs) # PC-NATETMIN
Update on 25/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:49:36 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 582,11 Go (458,34 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe 2072
C:\hp\support\hpsysdrv.exe 2184
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe 2272
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe 2296
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe 2312
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe 2320
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe 2328
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe 2348
C:\Program Files (x86)\Bonjour\mDNSResponder.exe 2688
C:\Windows\SysWOW64\svchost.exe 2732
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 2832
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 1276
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe 816
C:\Windows\SysWOW64\conime.exe 4036
C:\Program Files (x86)\Internet Explorer\ieuser.exe 3364
################## | Fichiers # Dossiers infectieux |
C:\Windows\System32\regedit.exe
C:\Users\NATURE~1\AppData\Local\Temp\a.dat
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{c927dc85-5017-11de-8b01-002354a33657}
shell\Auto\command =K:\rcbexahdf.exe
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\rcbexahdf.exe
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.057 ! |
Voici le résultat:
############################## | UsbFix V6.057 |
User : nature-pro (Administrateurs) # PC-NATETMIN
Update on 25/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:49:36 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 582,11 Go (458,34 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe 2072
C:\hp\support\hpsysdrv.exe 2184
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe 2272
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe 2296
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe 2312
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe 2320
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe 2328
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe 2348
C:\Program Files (x86)\Bonjour\mDNSResponder.exe 2688
C:\Windows\SysWOW64\svchost.exe 2732
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 2832
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 1276
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe 816
C:\Windows\SysWOW64\conime.exe 4036
C:\Program Files (x86)\Internet Explorer\ieuser.exe 3364
################## | Fichiers # Dossiers infectieux |
C:\Windows\System32\regedit.exe
C:\Users\NATURE~1\AppData\Local\Temp\a.dat
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{c927dc85-5017-11de-8b01-002354a33657}
shell\Auto\command =K:\rcbexahdf.exe
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\rcbexahdf.exe
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.057 ! |
Utilisateur anonyme
26 nov. 2009 à 15:00
26 nov. 2009 à 15:00
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir
▶ Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .
▶ choisi l option 2 ( Suppression )
▶ Ton bureau disparaitra et le pc redémarrera .
▶ Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.
▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .
▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
######### | Désinstallation | #########
▶ Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .
▶ Choisi l option Désinstaller ....
▶ Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .
▶ choisi l option 2 ( Suppression )
▶ Ton bureau disparaitra et le pc redémarrera .
▶ Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.
▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .
▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
######### | Désinstallation | #########
▶ Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .
▶ Choisi l option Désinstaller ....
J'ai procédé à la suppression (option 2) et voilà ci-dessous le rapport, comme demandé.
Qu'en penses-tu? merci encore à toi,
############################## | UsbFix V6.057 |
User : nature-pro (Administrateurs) # PC-NATETMIN
Update on 25/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:04:37 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 582,11 Go (458,35 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\Bonjour\mDNSResponder.exe 1100
C:\Windows\SysWOW64\svchost.exe 1720
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 1764
C:\Windows\SysWOW64\runonce.exe 2376
C:\Windows\SysWOW64\conime.exe 2412
################## | Fichiers # Dossiers infectieux |
Non supprimé ! C:\Windows\System32\regedit.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\a.dat
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{c927dc85-5017-11de-8b01-002354a33657}\Shell\Auto\Command
################## | Listing des fichiers présent |
[21/01/2008 03:50|-rahs----|333203] C:\bootmgr
[02/12/2008 05:23|-ra-s----|8192] C:\BOOTSECT.BAK
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[01/12/2008 21:57|--a------|361] C:\updatedatfix.log
[26/11/2009 15:07|--a------|1730] C:\UsbFix.txt
[21/01/2008 03:49|-rahs----|80384] C:\woot.wink
[19/06/2007 16:26|---hs----|438328] D:\boo.mgr
[18/01/2008 23:45|---hs----|333203] D:\bootmgr
[28/03/2008 19:54|---hs----|1242] D:\Desktop.ini
[15/04/2009 14:09|--ahs----|188] D:\MASTER.LOG
[16/09/2008 16:45|--ahs----|422] D:\pcdr.ini
[19/06/2007 16:22|---hs----|182323] D:\protect.arabic
[19/06/2007 16:22|---hs----|181572] D:\protect.catalan
[19/06/2007 16:22|---hs----|181898] D:\protect.chinese hong kong
[19/06/2007 16:22|---hs----|181916] D:\protect.chinese simplified
[19/06/2007 16:22|---hs----|181898] D:\protect.chinese traditional
[04/07/2007 12:31|---hs----|181735] D:\protect.czech
[19/06/2007 16:22|---hs----|181680] D:\protect.danish
[19/06/2007 16:22|---hs----|181605] D:\protect.dutch
[19/06/2007 16:22|---hs----|181648] D:\protect.english
[19/06/2007 16:22|---hs----|181648] D:\protect.finnish
[19/06/2007 16:22|---hs----|181616] D:\protect.french
[19/06/2007 16:22|---hs----|181650] D:\protect.german
[04/07/2007 12:33|---hs----|182717] D:\protect.greek
[04/07/2007 12:36|---hs----|182626] D:\protect.hebrew
[19/06/2007 16:22|---hs----|181535] D:\protect.italian
[19/06/2007 16:22|---hs----|182351] D:\protect.japanese
[19/06/2007 16:22|---hs----|182043] D:\protect.korean
[04/07/2007 12:39|---hs----|181562] D:\protect.norwegian
[04/07/2007 12:39|---hs----|181741] D:\protect.polish
[04/07/2007 12:40|---hs----|181617] D:\protect.portuguese
[04/07/2007 12:40|---hs----|181866] D:\protect.portuguese brazilian
[19/06/2007 16:22|---hs----|211936] D:\protect.russian
[05/07/2007 11:32|---hs----|181959] D:\protect.serbian latin
[04/07/2007 12:46|---hs----|181954] D:\protect.slovak
[19/06/2007 16:22|---hs----|181572] D:\protect.spanish
[04/07/2007 12:43|---hs----|181605] D:\protect.swedish
[04/07/2007 12:44|---hs----|181829] D:\protect.turkish
[02/12/2008 08:06|---hs----|44] D:\RESTORE.INI
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | https://www.virustotal.com/gui/ |
################## | Cracks / Keygens / Serials |
################## | Upload |
Veuillez envoyer le fichier : C:\Users\NATURE~1\Desktop\UsbFix_Upload_Me_PC-natetmin.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.057 ! |
Qu'en penses-tu? merci encore à toi,
############################## | UsbFix V6.057 |
User : nature-pro (Administrateurs) # PC-NATETMIN
Update on 25/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:04:37 | 26/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 582,11 Go (458,35 Go free) [HP] # NTFS
D:\ -> Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\Bonjour\mDNSResponder.exe 1100
C:\Windows\SysWOW64\svchost.exe 1720
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 1764
C:\Windows\SysWOW64\runonce.exe 2376
C:\Windows\SysWOW64\conime.exe 2412
################## | Fichiers # Dossiers infectieux |
Non supprimé ! C:\Windows\System32\regedit.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\a.dat
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{c927dc85-5017-11de-8b01-002354a33657}\Shell\Auto\Command
################## | Listing des fichiers présent |
[21/01/2008 03:50|-rahs----|333203] C:\bootmgr
[02/12/2008 05:23|-ra-s----|8192] C:\BOOTSECT.BAK
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[01/12/2008 21:57|--a------|361] C:\updatedatfix.log
[26/11/2009 15:07|--a------|1730] C:\UsbFix.txt
[21/01/2008 03:49|-rahs----|80384] C:\woot.wink
[19/06/2007 16:26|---hs----|438328] D:\boo.mgr
[18/01/2008 23:45|---hs----|333203] D:\bootmgr
[28/03/2008 19:54|---hs----|1242] D:\Desktop.ini
[15/04/2009 14:09|--ahs----|188] D:\MASTER.LOG
[16/09/2008 16:45|--ahs----|422] D:\pcdr.ini
[19/06/2007 16:22|---hs----|182323] D:\protect.arabic
[19/06/2007 16:22|---hs----|181572] D:\protect.catalan
[19/06/2007 16:22|---hs----|181898] D:\protect.chinese hong kong
[19/06/2007 16:22|---hs----|181916] D:\protect.chinese simplified
[19/06/2007 16:22|---hs----|181898] D:\protect.chinese traditional
[04/07/2007 12:31|---hs----|181735] D:\protect.czech
[19/06/2007 16:22|---hs----|181680] D:\protect.danish
[19/06/2007 16:22|---hs----|181605] D:\protect.dutch
[19/06/2007 16:22|---hs----|181648] D:\protect.english
[19/06/2007 16:22|---hs----|181648] D:\protect.finnish
[19/06/2007 16:22|---hs----|181616] D:\protect.french
[19/06/2007 16:22|---hs----|181650] D:\protect.german
[04/07/2007 12:33|---hs----|182717] D:\protect.greek
[04/07/2007 12:36|---hs----|182626] D:\protect.hebrew
[19/06/2007 16:22|---hs----|181535] D:\protect.italian
[19/06/2007 16:22|---hs----|182351] D:\protect.japanese
[19/06/2007 16:22|---hs----|182043] D:\protect.korean
[04/07/2007 12:39|---hs----|181562] D:\protect.norwegian
[04/07/2007 12:39|---hs----|181741] D:\protect.polish
[04/07/2007 12:40|---hs----|181617] D:\protect.portuguese
[04/07/2007 12:40|---hs----|181866] D:\protect.portuguese brazilian
[19/06/2007 16:22|---hs----|211936] D:\protect.russian
[05/07/2007 11:32|---hs----|181959] D:\protect.serbian latin
[04/07/2007 12:46|---hs----|181954] D:\protect.slovak
[19/06/2007 16:22|---hs----|181572] D:\protect.spanish
[04/07/2007 12:43|---hs----|181605] D:\protect.swedish
[04/07/2007 12:44|---hs----|181829] D:\protect.turkish
[02/12/2008 08:06|---hs----|44] D:\RESTORE.INI
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | https://www.virustotal.com/gui/ |
################## | Cracks / Keygens / Serials |
################## | Upload |
Veuillez envoyer le fichier : C:\Users\NATURE~1\Desktop\UsbFix_Upload_Me_PC-natetmin.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.057 ! |
Utilisateur anonyme
26 nov. 2009 à 15:36
26 nov. 2009 à 15:36
c'est un bon debut.....
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent
▶ Télécharge List&Kill'em et enregistre le sur ton bureau
▶ dezippe-le , (clic droit/ extraire.....)
Il ne necessite pas d'installation
▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan
choisis la langue puis choisis l'option 1 = Mode Recherche
▶laisse travailler l'outil
▶Poste le contenu du rapport qui s'ouvre
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent
▶ Télécharge List&Kill'em et enregistre le sur ton bureau
▶ dezippe-le , (clic droit/ extraire.....)
Il ne necessite pas d'installation
▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan
choisis la langue puis choisis l'option 1 = Mode Recherche
▶laisse travailler l'outil
▶Poste le contenu du rapport qui s'ouvre
OK, un peu plus long cette fois... voici le rapport :
List'em by g3n-h@ckm@n 1.0.5.6
Thx to Chiquitine29.....
User : nature-pro (Administrateurs) # PC-NATETMIN
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 15:50:11 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled
C:\ -> Disque fixe local | 582,11 Go (458,96 Go free) [HP] | NTFS
D:\ -> Disque fixe local | 14,06 Go (1,93 Go free) [FACTORY_IMAGE] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Program Files (x86)\Bonjour\mDNSResponder.exe 1100
C:\Windows\SysWOW64\svchost.exe 1720
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 1764
C:\Windows\SysWOW64\conime.exe 2412
C:\Users\nature-pro\Desktop\List_Killem\List_Kill'em.exe 2552
C:\Windows\SysWOW64\cmd.exe 2676
C:\Users\nature-pro\AppData\Local\Temp\F325.tmp\pv.exe 2376
======================
Cles de demarrage "Run"
======================
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DAEMON Tools Lite REG_SZ "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
EPSON BX300F Series (Copie 1) REG_SZ C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_S587B.tmp" /EF "HKCU"
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
hpsysdrv REG_SZ c:\hp\support\hpsysdrv.exe
KBD REG_SZ C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
HP Health Check Scheduler REG_SZ c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
UpdateP2GoShortCut REG_SZ "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
UpdatePDIRShortCut REG_SZ "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
UpdatePSTShortCut REG_SZ "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
TSMAgent REG_SZ "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
CLMLServer for HP TouchSmart REG_SZ "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
DVDAgent REG_SZ "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
HP Software Update REG_SZ c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Acrobat Assistant 8.0 REG_SZ "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
<SANS NOM> REG_SZ
Malwarebytes Anti-Malware (reboot) REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
=====================
cles additionnelles
=====================
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
ConsentPromptBehaviorAdmin REG_DWORD 0x2
ConsentPromptBehaviorUser REG_DWORD 0x1
EnableInstallerDetection REG_DWORD 0x1
EnableLUA REG_DWORD 0x1
EnableSecureUIAPaths REG_DWORD 0x1
EnableVirtualization REG_DWORD 0x1
PromptOnSecureDesktop REG_DWORD 0x1
ValidateAdminCodeSignatures REG_DWORD 0x0
dontdisplaylastusername REG_DWORD 0x0
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0x0
shutdownwithoutlogon REG_DWORD 0x1
undockwithoutlogon REG_DWORD 0x1
FilterAdministratorToken REG_DWORD 0x0
EnableUIADesktopToggle REG_DWORD 0x0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI
===============
===============
BHO :
======
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x3
SharedAccess : 0x4
windefend : 0x2
wuauserv : 0x2
=========
=========================
Environnement variables :
=========================
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\nature-pro\AppData\Roaming
choix=1
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=PC-NATETMIN
ComSpec=C:\Windows\system32\cmd.exe
DFSTRACINGON=FALSE
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\nature-pro
LOCALAPPDATA=C:\Users\nature-pro\AppData\Local
LOGONSERVER=\\PC-NATETMIN
MSWorksProductCode={3B160861-7250-451E-B5EE-8B92BF30A710}
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\hp\bin\Python
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Pavilion
Platform=HPD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=AMD64 Family 15 Model 107 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6b02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\NATURE~1\AppData\Local\Temp
TMP=C:\Users\NATURE~1\AppData\Local\Temp
TRACE_FORMAT_SEARCH_PATH=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
USERDOMAIN=PC-natetmin
USERNAME=nature-pro
USERPROFILE=C:\Users\nature-pro
windir=C:\Windows
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
C:\Windows\System32\EXPLORER.exe
C:\Windows\system32\regedit.exe
C:\Users\nature-pro\LOCAL Settings\Temp\cawsonexrm.exe
C:\Users\nature-pro\LOCAL Settings\Temp\nacxwrsoem.exe
C:\Users\nature-pro\LOCAL Settings\Temp\rxamewcnso.exe
C:\Users\nature-pro\LOCAL Settings\Temp\xwsracenmo.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is16F9.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is85B2.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_isB5A8.exe
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoActiveDesktopChanges"
=====================
Verification Rootkits
=====================
driver loading error catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-26 15:51:13
Windows 6.0.6001 Service Pack 1 WOW64 NTFS
scanning hidden files ...
IPC error: 2 Le fichier spécifié est introuvable.
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 3616 bytes
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 3616 bytes
C:\Windows\System32\ActiveDRV.txt 47 bytes
C:\Windows\System32\esxcwiad.dll 83968 bytes executable
C:\Windows\System32\LocalGroupAdminAdd.log 15 bytes
C:\Windows\System32\Local_LLU.log 49 bytes
C:\Windows\System32\AdobePDF64.dll 35928 bytes executable
C:\Windows\System32\Boot\fr-FR
C:\Windows\System32\brcoinst.dll 19456 bytes executable
C:\Windows\System32\catroot
C:\Windows\System32\catroot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CaptureWizard-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11055 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CaptureWizard-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11925 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 260946 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 816142 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ClipsInTheLibrary-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ClipsInTheLibrary-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9581 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CodecPack-Basic-Encoder-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11039 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DesktopWindowManager-uDWM-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DFSR-ClientEdition-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9871 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DFSR-ClientEdition-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10757 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Disk-Diagnosis-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9589 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Disk-Diagnosis-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10169 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8123 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GPUPipeline-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8413 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BRCpl-Premium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9879 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CodecPack-Basic-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14551 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GPUPipeline-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10749 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Indexing-Service-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13689 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 121675 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-SideShow-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14543 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~amd64~en-US~6.0.6000.16386.cat 27351 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAHP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 38595 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAHP-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 23493 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-Customization-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-Customization-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9283 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13343 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 65720 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 120148 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 58211 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 82524 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Indexing-Service-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11933 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Links-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Links-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8123 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 21341 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 228341 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaCenter-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 24861 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaCenter-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 98375 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 25465 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Basic-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10177 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Basic-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11329 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11353 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 12215 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-SideShow-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11643 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 53261 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 137938 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpticalMediaDisc-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10177 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpticalMediaDisc-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 124242 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ParentalControls-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 21397 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ParentalControls-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 26053 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-AdhocMeetings-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 16919 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 22958 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 21349 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 28663 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-Foundation-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12247 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-Foundation-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 12843 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-XPSServices-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8413 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasRip-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasRip-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RDC-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8413 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RDC-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9879 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RecDisc-SDP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6001.18000.cat 13280 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RecDisc-SDP-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 18167 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemoteAssistance-Package-Client~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11957 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemovableStorageManagement-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12545 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemovableStorageManagement-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14027 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SampleContent-Movies-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10733 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SampleContent-Music-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14793 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ServicingBaseline-HomePremium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 13971 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 18353 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10757 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 12803 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SimpleTCP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SimpleTCP-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9291 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SNMP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 14293 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SNMP-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 30879 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12545 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 18638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TabletPC-OC-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 28163 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Client-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Client-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9291 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Server-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10177 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Server-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11047 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TFTP-Client-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TFTP-Client-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-VistaServicePack-UninstallRemoval-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6001.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-VistaServicePack-UninstallRemoval-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14503 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat 6106074 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntexe.cat 221046 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat 1052954 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat 1139256 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntprint.cat 19168 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.cat 10701 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.cat 8176 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem12.cat 8097 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem13.cat 8097 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem14.cat 8168 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.cat 10806 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_12_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_12_for_KB972036~31bf3856ad364e35~amd64~~6.0.2.0.cat 26637 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_130_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 23253 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_131_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 12026 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_13_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_13_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_13_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 19452 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_140_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 9658 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_143_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 18001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12684 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB950582~31bf3856ad364e35~amd64~~6.0.1.1.cat 12106 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 27261 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB958623~31bf3856ad364e35~amd64~~6.0.1.1.cat 10555 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_17_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_17_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 101163 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12394 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12692 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12410 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-XPSServices-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10161 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemoteAssistance-Package-Client~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14019 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Sidebar-Killbits-SDP-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 11218 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TabletPC-OC-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 73416 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-VistaSP1CEIP-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.cat 8097 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem34.cat 10822 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_20_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_21_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_21_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_21_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 13588 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_229_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 16150 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 43050 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12684 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 27362 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_239_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 27377 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12402 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_24_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 15296 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_24_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_24_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 17452 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 15656 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12394 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 20434 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_277_for_KB970653~31bf3856ad364e35~amd64~~6.0.1.0.cat 10500 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_277_for_KB976098~31bf3856ad364e35~amd64~~6.0.1.1.cat 10515 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_27_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_27_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 20272 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_27_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 13546 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12692 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_293_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 26253 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_296_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 20918 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 28908 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 13588 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 17986 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11814 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11806 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_31_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 13588 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_320_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 7917 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_321_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 7917 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_322_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 7917 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 43428 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 15632 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_35_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_35_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11508 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_35_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 19048 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_39_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 19514 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_39_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11508 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_39_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12394 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_41_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11814 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 27046 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB950582~31bf3856ad364e35~amd64~~6.0.1.1.cat 87382 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB958623~31bf3856ad364e35~amd64~~6.0.1.1.cat 85831 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_43_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_17_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 36800 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB951376~31bf3856ad364e35~amd64~~6.0.1.1.cat 14184 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB954588~31bf3856ad364e35~amd64~~6.0.1.0.cat 11808 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB959108~31bf3856ad364e35~amd64~~6.0.1.0.cat 17885 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_20_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 370521 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 16196 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-AdhocMeetings-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13423 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_41_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 53684 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 22863 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB950124_client_1~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB956391_client_1~31bf3856ad364e35~amd64~~6.0.1.2.cat 8409 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB973540_client_2~31bf3856ad364e35~amd64~~6.0.1.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_46_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 225446 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_46_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 112912 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB952154~31bf3856ad364e35~amd64~~6.0.2.0.cat 11518 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 372143 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12974 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 13570 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB951072~31bf3856ad364e35~amd64~~6.0.2.0.cat 13572 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB970653~31bf3856ad364e35~amd64~~6.0.1.0.cat 10500 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB976098~31bf3856ad364e35~amd64~~6.0.1.1.cat 10515 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_50_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15608 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_50_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_51_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_51_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 14730 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_51_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 24452 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 32083 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 36211 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 103913 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_55_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_56_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15946 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB952154~31bf3856ad364e35~amd64~~6.0.2.0.cat 11518 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_58_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_58_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 25064 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_59_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_59_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15358 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_61_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 22688 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_62_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 13280 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_64_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15358 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_66_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12676 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_67_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_68_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15664 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_69_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 14198 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12700 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB947562~31bf3856ad364e35~amd64~~6.0.1.1.cat 26428 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB952069~31bf3856ad364e35~amd64~~6.0.1.0.cat 100632 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB954366~31bf3856ad364e35~amd64~~6.0.1.3.cat 29360 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB956572~31bf3856ad364e35~amd64~~6.0.1.5.cat 35940 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB961371~31bf3856ad364e35~amd64~~6.0.1.4.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB968816~31bf3856ad364e35~amd64~~6.0.1.1.cat 97892 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB970710~31bf3856ad364e35~amd64~~6.0.1.1.cat 11994 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB972036~31bf3856ad364e35~amd64~~6.0.2.0.cat 12010 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB973525~31bf3856ad364e35~amd64~~6.0.1.3.cat 9323 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB973565~31bf3856ad364e35~amd64~~6.0.1.0.cat 10238 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB974306~31bf3856ad364e35~amd64~~6.0.1.2.cat 21466 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB974455~31bf3856ad364e35~amd64~~6.0.1.0.cat 289664 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB975467~31bf3856ad364e35~amd64~~6.0.1.0.cat 10849 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_82_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11806 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_83_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 13562 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_83_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 10845 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_84_for_KB952154~31bf3856ad364e35~amd64~~6.0.2.0.cat 11518 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_84_for_KB958481~31bf3856ad364e35~amd64~~6.0.1.0.cat 15723 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15004 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 17479 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB969947~31bf3856ad364e35~amd64~~6.0.1.0.cat 10253 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB970238~31bf3856ad364e35~amd64~~6.0.1.0.cat 34695 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB971486~31bf3856ad364e35~amd64~~6.0.1.1.cat 9905 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB971657~31bf3856ad364e35~amd64~~6.0.1.0.cat 10238 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB973507~31bf3856ad364e35~amd64~~6.0.1.1.cat 13696 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB974571~31bf3856ad364e35~amd64~~6.0.1.3.cat 13609 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_90_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 27261 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_93_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 14182 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_94_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 31695 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_95_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11798 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 10845 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB968816~31bf3856ad364e35~amd64~~6.0.1.1.cat 75079 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB970710~31bf3856ad364e35~amd64~~6.0.1.1.cat 19646 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client_0~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client_1~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client_2~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB937287_client_0~31bf3856ad364e35~amd64~~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-HomePremium-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-HomePremium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10169 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Backup-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10781 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Backup-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13034 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 20319 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BRCpl-Premium-LanguagePack-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9589 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 1462632 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMI-SNMP-Provider-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9895 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMI-SNMP-Provider-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11667 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMPNetworkSharingService-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10765 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMPNetworkSharingService-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 37664 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Help-AnytimeUpgrade-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Help-AnytimeUpgrade-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MovieMaker-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12239 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MovieMaker-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 17773 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MSMQ-Client-Home-Premium-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11329 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MSMQ-Client-Home-Premium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 28985 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590_client_0~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590_client_1~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590_client~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881_client_0~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881_client_1~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881_client~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB950124_client_0~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_43_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 23494 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_46_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB955302~31bf3856ad364e35~amd64~~6.0.1.1.cat 14748 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_50_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_55_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB954211~31bf3856ad364e35~amd64~~6.0.1.4.cat 12976 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB958869~31bf3856ad364e35~amd64~~6.0.1.0.cat 111088 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 23696 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB938464~31bf3856ad364e35~amd64~~6.0.1.5.cat 112687 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB941693~31bf3856ad364e35~amd64~~6.0.1.2.cat 12976 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB947562~31bf3856ad364e35~amd64~~6.0.1.1.cat 26428 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB947864~31bf3856ad364e35~amd64~~6.0.1.0.cat 188974 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB948590~31bf3856ad364e35~amd64~~6.0.1.0.cat 22675 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB950124~31bf3856ad364e35~amd64~~6.0.1.0.cat 12380 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB950125~31bf3856ad364e35~amd64~~6.0.1.0.cat
List'em by g3n-h@ckm@n 1.0.5.6
Thx to Chiquitine29.....
User : nature-pro (Administrateurs) # PC-NATETMIN
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 15:50:11 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Disabled
C:\ -> Disque fixe local | 582,11 Go (458,96 Go free) [HP] | NTFS
D:\ -> Disque fixe local | 14,06 Go (1,93 Go free) [FACTORY_IMAGE] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Program Files (x86)\Bonjour\mDNSResponder.exe 1100
C:\Windows\SysWOW64\svchost.exe 1720
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 1764
C:\Windows\SysWOW64\conime.exe 2412
C:\Users\nature-pro\Desktop\List_Killem\List_Kill'em.exe 2552
C:\Windows\SysWOW64\cmd.exe 2676
C:\Users\nature-pro\AppData\Local\Temp\F325.tmp\pv.exe 2376
======================
Cles de demarrage "Run"
======================
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DAEMON Tools Lite REG_SZ "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
EPSON BX300F Series (Copie 1) REG_SZ C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_S587B.tmp" /EF "HKCU"
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
hpsysdrv REG_SZ c:\hp\support\hpsysdrv.exe
KBD REG_SZ C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
HP Health Check Scheduler REG_SZ c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
UpdateP2GoShortCut REG_SZ "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
UpdatePDIRShortCut REG_SZ "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
UpdatePSTShortCut REG_SZ "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
TSMAgent REG_SZ "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
CLMLServer for HP TouchSmart REG_SZ "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
DVDAgent REG_SZ "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
HP Software Update REG_SZ c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Acrobat Assistant 8.0 REG_SZ "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
<SANS NOM> REG_SZ
Malwarebytes Anti-Malware (reboot) REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
=====================
cles additionnelles
=====================
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
ConsentPromptBehaviorAdmin REG_DWORD 0x2
ConsentPromptBehaviorUser REG_DWORD 0x1
EnableInstallerDetection REG_DWORD 0x1
EnableLUA REG_DWORD 0x1
EnableSecureUIAPaths REG_DWORD 0x1
EnableVirtualization REG_DWORD 0x1
PromptOnSecureDesktop REG_DWORD 0x1
ValidateAdminCodeSignatures REG_DWORD 0x0
dontdisplaylastusername REG_DWORD 0x0
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0x0
shutdownwithoutlogon REG_DWORD 0x1
undockwithoutlogon REG_DWORD 0x1
FilterAdministratorToken REG_DWORD 0x0
EnableUIADesktopToggle REG_DWORD 0x0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI
===============
===============
BHO :
======
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x3
SharedAccess : 0x4
windefend : 0x2
wuauserv : 0x2
=========
=========================
Environnement variables :
=========================
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\nature-pro\AppData\Roaming
choix=1
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=PC-NATETMIN
ComSpec=C:\Windows\system32\cmd.exe
DFSTRACINGON=FALSE
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\nature-pro
LOCALAPPDATA=C:\Users\nature-pro\AppData\Local
LOGONSERVER=\\PC-NATETMIN
MSWorksProductCode={3B160861-7250-451E-B5EE-8B92BF30A710}
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\hp\bin\Python
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Pavilion
Platform=HPD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=AMD64 Family 15 Model 107 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6b02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\NATURE~1\AppData\Local\Temp
TMP=C:\Users\NATURE~1\AppData\Local\Temp
TRACE_FORMAT_SEARCH_PATH=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
USERDOMAIN=PC-natetmin
USERNAME=nature-pro
USERPROFILE=C:\Users\nature-pro
windir=C:\Windows
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
C:\Windows\System32\EXPLORER.exe
C:\Windows\system32\regedit.exe
C:\Users\nature-pro\LOCAL Settings\Temp\cawsonexrm.exe
C:\Users\nature-pro\LOCAL Settings\Temp\nacxwrsoem.exe
C:\Users\nature-pro\LOCAL Settings\Temp\rxamewcnso.exe
C:\Users\nature-pro\LOCAL Settings\Temp\xwsracenmo.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is16F9.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is85B2.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_isB5A8.exe
¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoActiveDesktopChanges"
=====================
Verification Rootkits
=====================
driver loading error catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-26 15:51:13
Windows 6.0.6001 Service Pack 1 WOW64 NTFS
scanning hidden files ...
IPC error: 2 Le fichier spécifié est introuvable.
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 3616 bytes
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 3616 bytes
C:\Windows\System32\ActiveDRV.txt 47 bytes
C:\Windows\System32\esxcwiad.dll 83968 bytes executable
C:\Windows\System32\LocalGroupAdminAdd.log 15 bytes
C:\Windows\System32\Local_LLU.log 49 bytes
C:\Windows\System32\AdobePDF64.dll 35928 bytes executable
C:\Windows\System32\Boot\fr-FR
C:\Windows\System32\brcoinst.dll 19456 bytes executable
C:\Windows\System32\catroot
C:\Windows\System32\catroot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CaptureWizard-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11055 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CaptureWizard-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11925 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 260946 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 816142 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ClipsInTheLibrary-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ClipsInTheLibrary-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9581 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CodecPack-Basic-Encoder-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11039 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DesktopWindowManager-uDWM-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DFSR-ClientEdition-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9871 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-DFSR-ClientEdition-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10757 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Disk-Diagnosis-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9589 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Disk-Diagnosis-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10169 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8123 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GPUPipeline-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8413 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BRCpl-Premium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9879 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CodecPack-Basic-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14551 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GPUPipeline-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10749 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Indexing-Service-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13689 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 121675 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-SideShow-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14543 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~amd64~en-US~6.0.6000.16386.cat 27351 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAHP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 38595 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-CoreClientUAHP-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 23493 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-Customization-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Help-Customization-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9283 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13343 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 65720 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-AddOn-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 120148 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 58211 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-IIS-WebServer-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 82524 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Indexing-Service-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11933 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Links-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Links-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8123 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 21341 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 228341 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaCenter-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 24861 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaCenter-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 98375 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 25465 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Basic-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10177 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Basic-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11329 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11353 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 12215 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Client-SideShow-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11643 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 53261 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-NetFx3-OC-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 137938 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpticalMediaDisc-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10177 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpticalMediaDisc-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 124242 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ParentalControls-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 21397 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ParentalControls-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 26053 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-AdhocMeetings-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 16919 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-Full-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 22958 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 21349 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 28663 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-Foundation-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12247 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-Foundation-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 12843 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-XPSServices-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8413 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasRip-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RasRip-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RDC-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 8413 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RDC-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9879 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RecDisc-SDP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6001.18000.cat 13280 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RecDisc-SDP-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 18167 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemoteAssistance-Package-Client~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11957 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemovableStorageManagement-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12545 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemovableStorageManagement-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14027 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SampleContent-Movies-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10733 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SampleContent-Music-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14793 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-ServicingBaseline-HomePremium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 13971 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 18353 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10757 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 12803 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SimpleTCP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SimpleTCP-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9291 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SNMP-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 14293 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SNMP-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 30879 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12545 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 18638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TabletPC-OC-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 28163 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Client-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Client-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9291 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Server-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10177 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Telnet-Server-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11047 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TFTP-Client-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TFTP-Client-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-VistaServicePack-UninstallRemoval-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6001.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-VistaServicePack-UninstallRemoval-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14503 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat 6106074 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntexe.cat 221046 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat 1052954 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat 1139256 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntprint.cat 19168 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.cat 10701 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.cat 8176 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem12.cat 8097 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem13.cat 8097 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem14.cat 8168 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.cat 10806 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_12_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_12_for_KB972036~31bf3856ad364e35~amd64~~6.0.2.0.cat 26637 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_130_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 23253 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_131_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 12026 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_13_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_13_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_13_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 19452 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_140_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 9658 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_143_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 18001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12684 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB950582~31bf3856ad364e35~amd64~~6.0.1.1.cat 12106 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 27261 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB958623~31bf3856ad364e35~amd64~~6.0.1.1.cat 10555 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_17_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_17_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 101163 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12394 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12692 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12410 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Printing-XPSServices-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10161 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-RemoteAssistance-Package-Client~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 14019 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Sidebar-Killbits-SDP-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 11218 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-TabletPC-OC-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 73416 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-VistaSP1CEIP-Package~31bf3856ad364e35~amd64~~6.0.6001.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.cat 8097 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem34.cat 10822 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_20_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_21_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_21_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_21_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 13588 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_229_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 16150 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 43050 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12684 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_22_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 27362 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_239_for_KB972145~31bf3856ad364e35~amd64~~6.0.1.5.cat 27377 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12402 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_24_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 15296 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_24_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_24_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 17452 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 15656 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12394 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 20434 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_277_for_KB970653~31bf3856ad364e35~amd64~~6.0.1.0.cat 10500 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_277_for_KB976098~31bf3856ad364e35~amd64~~6.0.1.1.cat 10515 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_27_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_27_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 20272 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_27_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 13546 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12692 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_28_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_293_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 26253 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_296_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 20918 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 28908 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 13588 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 17986 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11814 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11806 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_31_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 13588 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_320_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 7917 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_321_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 7917 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_322_for_KB967723~31bf3856ad364e35~amd64~~6.0.1.7.cat 7917 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 43428 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 15632 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_32_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_35_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_35_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11508 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_35_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 19048 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_36_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_39_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 19514 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_39_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11508 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_39_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12394 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_41_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11814 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 27046 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB950582~31bf3856ad364e35~amd64~~6.0.1.1.cat 87382 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_42_for_KB958623~31bf3856ad364e35~amd64~~6.0.1.1.cat 85831 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_43_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_17_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_19_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 36800 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB951376~31bf3856ad364e35~amd64~~6.0.1.1.cat 14184 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB954588~31bf3856ad364e35~amd64~~6.0.1.0.cat 11808 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB959108~31bf3856ad364e35~amd64~~6.0.1.0.cat 17885 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_20_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 370521 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_23_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 16196 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_26_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_29_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-PeerToPeer-AdhocMeetings-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13423 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_16_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_41_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 53684 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_60_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 22863 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB950124_client_1~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB956391_client_1~31bf3856ad364e35~amd64~~6.0.1.2.cat 8409 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB973540_client_2~31bf3856ad364e35~amd64~~6.0.1.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_46_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 225446 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_46_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 112912 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_47_for_KB952154~31bf3856ad364e35~amd64~~6.0.2.0.cat 11518 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB936330~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 372143 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12974 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_48_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 13570 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 15328 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB951072~31bf3856ad364e35~amd64~~6.0.2.0.cat 13572 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB970653~31bf3856ad364e35~amd64~~6.0.1.0.cat 10500 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_49_for_KB976098~31bf3856ad364e35~amd64~~6.0.1.1.cat 10515 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_50_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15608 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_50_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_51_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_51_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 14730 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_51_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 24452 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_52_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 32083 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_53_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 36211 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 103913 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_54_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_55_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_56_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15946 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_57_for_KB952154~31bf3856ad364e35~amd64~~6.0.2.0.cat 11518 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_58_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_58_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 25064 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_59_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_59_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15358 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_61_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 22688 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_62_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 13280 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_64_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15358 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_66_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12676 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_67_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12104 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_68_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15664 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_69_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 14198 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 12700 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB947562~31bf3856ad364e35~amd64~~6.0.1.1.cat 26428 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB952069~31bf3856ad364e35~amd64~~6.0.1.0.cat 100632 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB954366~31bf3856ad364e35~amd64~~6.0.1.3.cat 29360 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB956572~31bf3856ad364e35~amd64~~6.0.1.5.cat 35940 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB961371~31bf3856ad364e35~amd64~~6.0.1.4.cat 10834 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB968816~31bf3856ad364e35~amd64~~6.0.1.1.cat 97892 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB970710~31bf3856ad364e35~amd64~~6.0.1.1.cat 11994 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB972036~31bf3856ad364e35~amd64~~6.0.2.0.cat 12010 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB973525~31bf3856ad364e35~amd64~~6.0.1.3.cat 9323 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB973565~31bf3856ad364e35~amd64~~6.0.1.0.cat 10238 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB974306~31bf3856ad364e35~amd64~~6.0.1.2.cat 21466 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB974455~31bf3856ad364e35~amd64~~6.0.1.0.cat 289664 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_6_for_KB975467~31bf3856ad364e35~amd64~~6.0.1.0.cat 10849 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_82_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11806 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_83_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 13562 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_83_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 10845 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_84_for_KB952154~31bf3856ad364e35~amd64~~6.0.2.0.cat 11518 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_84_for_KB958481~31bf3856ad364e35~amd64~~6.0.1.0.cat 15723 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 15004 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 17479 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB969947~31bf3856ad364e35~amd64~~6.0.1.0.cat 10253 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB970238~31bf3856ad364e35~amd64~~6.0.1.0.cat 34695 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB971486~31bf3856ad364e35~amd64~~6.0.1.1.cat 9905 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB971657~31bf3856ad364e35~amd64~~6.0.1.0.cat 10238 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB973507~31bf3856ad364e35~amd64~~6.0.1.1.cat 13696 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_8_for_KB974571~31bf3856ad364e35~amd64~~6.0.1.3.cat 13609 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_90_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 27261 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_93_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 14182 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_94_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 31695 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_95_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 11798 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 24140 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB958483~31bf3856ad364e35~amd64~~6.0.1.2.cat 10845 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB968816~31bf3856ad364e35~amd64~~6.0.1.1.cat 75079 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_9_for_KB970710~31bf3856ad364e35~amd64~~6.0.1.1.cat 19646 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client_0~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client_1~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client_2~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866_client~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB905866~31bf3856ad364e35~amd64~~6.0.35.0.cat 7902 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB937287_client_0~31bf3856ad364e35~amd64~~6.0.1.18000.cat 10638 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-HomePremium-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Anytime-Upgrade-HomePremium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 10169 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Backup-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10781 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Backup-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 13034 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 20319 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-BRCpl-Premium-LanguagePack-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9589 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 1462632 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMI-SNMP-Provider-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9895 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMI-SNMP-Provider-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 11667 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMPNetworkSharingService-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 10765 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-WMPNetworkSharingService-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 37664 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Help-AnytimeUpgrade-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 9001 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MobilePC-Help-AnytimeUpgrade-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 8703 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MovieMaker-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 12239 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MovieMaker-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 17773 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MSMQ-Client-Home-Premium-Package~31bf3856ad364e35~amd64~fr-FR~6.0.6000.16386.cat 11329 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MSMQ-Client-Home-Premium-Package~31bf3856ad364e35~amd64~~6.0.6000.16386.cat 28985 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590_client_0~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590_client_1~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590_client~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948590~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881_client_0~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881_client_1~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881_client~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB948881~31bf3856ad364e35~amd64~~6.0.1.1.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_for_KB950124_client_0~31bf3856ad364e35~amd64~~6.0.1.0.cat 10640 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_43_for_KB936330~31bf3856ad364e35~amd64~~6.0.1.18000.cat 23494 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_46_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB955302~31bf3856ad364e35~amd64~~6.0.1.1.cat 14748 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_50_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_55_for_KB935509~31bf3856ad364e35~amd64~~6.0.1.9.cat 12396 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB937286~31bf3856ad364e35~amd64~fr-FR~6.0.1.18000.cat 11516 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB954211~31bf3856ad364e35~amd64~~6.0.1.4.cat 12976 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_5_for_KB958869~31bf3856ad364e35~amd64~~6.0.1.0.cat 111088 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB938371~31bf3856ad364e35~amd64~~6.0.2.27.cat 23696 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB938464~31bf3856ad364e35~amd64~~6.0.1.5.cat 112687 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB941693~31bf3856ad364e35~amd64~~6.0.1.2.cat 12976 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB947562~31bf3856ad364e35~amd64~~6.0.1.1.cat 26428 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB947864~31bf3856ad364e35~amd64~~6.0.1.0.cat 188974 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB948590~31bf3856ad364e35~amd64~~6.0.1.0.cat 22675 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB950124~31bf3856ad364e35~amd64~~6.0.1.0.cat 12380 bytes
C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2_for_KB950125~31bf3856ad364e35~amd64~~6.0.1.0.cat
Utilisateur anonyme
26 nov. 2009 à 16:12
26 nov. 2009 à 16:12
▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),
mais cette fois-ci :
▶ choisis l'option 2 = Mode Destruction
laisse travailler l'outil.
en fin de scan un rapport s'ouvre , ferme-le puis redemarre
▶ colle le contenu dans ta reponse
ensuite :
########### [ Option 1 ( Recherche ) ]
▶ Télécharge FindyKill de Chiquitine29 sur ton bureau :
https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
! Déconnecte toi et ferme toutes applications en cours !
▶ Double clique (clic droit "en tant qu'administrateur" pour Vista) sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
mais cette fois-ci :
▶ choisis l'option 2 = Mode Destruction
laisse travailler l'outil.
en fin de scan un rapport s'ouvre , ferme-le puis redemarre
▶ colle le contenu dans ta reponse
ensuite :
########### [ Option 1 ( Recherche ) ]
▶ Télécharge FindyKill de Chiquitine29 sur ton bureau :
https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
! Déconnecte toi et ferme toutes applications en cours !
▶ Double clique (clic droit "en tant qu'administrateur" pour Vista) sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Voilà pour List&Kill'em, le rapport après Destruction :
Kill'em by g3n-h@ckm@n 1.0.5.6
User : nature-pro () # PC-NATETMIN
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 16:21:13 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 582,11 Go (458,89 Go free) [HP] | NTFS
D:\ -> Disque fixe local | 14,06 Go (1,93 Go free) [FACTORY_IMAGE] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Users\nature-pro\Desktop\List_Killem\List_Kill'em.exe 1140
C:\Windows\SysWOW64\cmd.exe 1164
C:\Users\nature-pro\AppData\Local\Temp\1831.tmp\pv.exe 1436
Fichiers analysés :
=================
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Windows\System32\EXPLORER.exe"
"C:\Windows\system32\regedit.exe"
C:\Users\nature-pro\LOCAL Settings\Temp\cawsonexrm.exe
C:\Users\nature-pro\LOCAL Settings\Temp\nacxwrsoem.exe
C:\Users\nature-pro\LOCAL Settings\Temp\rxamewcnso.exe
C:\Users\nature-pro\LOCAL Settings\Temp\xwsracenmo.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is16F9.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is85B2.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_isB5A8.exe
¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :
Quarantaine :
cawsonexrm.exe.Kill'em
nacxwrsoem.exe.Kill'em
rxamewcnso.exe.Kill'em
xwsracenmo.exe.Kill'em
_is16F9.exe.Kill'em
Kill'em by g3n-h@ckm@n 1.0.5.6
User : nature-pro () # PC-NATETMIN
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 16:21:13 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 582,11 Go (458,89 Go free) [HP] | NTFS
D:\ -> Disque fixe local | 14,06 Go (1,93 Go free) [FACTORY_IMAGE] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Users\nature-pro\Desktop\List_Killem\List_Kill'em.exe 1140
C:\Windows\SysWOW64\cmd.exe 1164
C:\Users\nature-pro\AppData\Local\Temp\1831.tmp\pv.exe 1436
Fichiers analysés :
=================
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Windows\System32\EXPLORER.exe"
"C:\Windows\system32\regedit.exe"
C:\Users\nature-pro\LOCAL Settings\Temp\cawsonexrm.exe
C:\Users\nature-pro\LOCAL Settings\Temp\nacxwrsoem.exe
C:\Users\nature-pro\LOCAL Settings\Temp\rxamewcnso.exe
C:\Users\nature-pro\LOCAL Settings\Temp\xwsracenmo.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is16F9.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is85B2.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_isB5A8.exe
¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :
Quarantaine :
cawsonexrm.exe.Kill'em
nacxwrsoem.exe.Kill'em
rxamewcnso.exe.Kill'em
xwsracenmo.exe.Kill'em
_is16F9.exe.Kill'em
Utilisateur anonyme
26 nov. 2009 à 16:38
26 nov. 2009 à 16:38
manque un bout ^^
Et voici le rapport de findy Kill :
############################## | FindyKill V5.020 |
# User : nature-pro (Administrateurs) # PC-NATETMIN
# Update on 26/11/2009 by Chiquitine29
# Start at: 16:29:16 | 26/11/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) Dual Core Processor 4450e
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 582,11 Go (458,88 Go free) [HP] # NTFS
# D:\ # Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Windows\SysWOW64\conime.exe
################## | C: |
################## | C:\Windows |
################## | C:\Windows\system32 |
################## | C:\Windows\system32\drivers |
################## | C:\Users\nature-pro\AppData\Roaming |
################## | Autres detections ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Affichage des fichiers cachés : OK
# Mode sans echec : OK
# Uac : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 3 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.020 ! |
############################## | FindyKill V5.020 |
# User : nature-pro (Administrateurs) # PC-NATETMIN
# Update on 26/11/2009 by Chiquitine29
# Start at: 16:29:16 | 26/11/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) Dual Core Processor 4450e
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 582,11 Go (458,88 Go free) [HP] # NTFS
# D:\ # Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Windows\SysWOW64\conime.exe
################## | C: |
################## | C:\Windows |
################## | C:\Windows\system32 |
################## | C:\Windows\system32\drivers |
################## | C:\Users\nature-pro\AppData\Roaming |
################## | Autres detections ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Affichage des fichiers cachés : OK
# Mode sans echec : OK
# Uac : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 3 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.020 ! |
Oui effectivement, il manque le dernier bout du rapport précédent de List&Kill'em, que voici :
Que penses-tu de tout cela? Pour ma part, j'ai l'impression que c'est OK, non?
Kill'em by g3n-h@ckm@n 1.0.5.6
User : nature-pro () # PC-NATETMIN
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 16:21:13 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 582,11 Go (458,89 Go free) [HP] | NTFS
D:\ -> Disque fixe local | 14,06 Go (1,93 Go free) [FACTORY_IMAGE] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Users\nature-pro\Desktop\List_Killem\List_Kill'em.exe 1140
C:\Windows\SysWOW64\cmd.exe 1164
C:\Users\nature-pro\AppData\Local\Temp\1831.tmp\pv.exe 1436
Fichiers analysés :
=================
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Windows\System32\EXPLORER.exe"
"C:\Windows\system32\regedit.exe"
C:\Users\nature-pro\LOCAL Settings\Temp\cawsonexrm.exe
C:\Users\nature-pro\LOCAL Settings\Temp\nacxwrsoem.exe
C:\Users\nature-pro\LOCAL Settings\Temp\rxamewcnso.exe
C:\Users\nature-pro\LOCAL Settings\Temp\xwsracenmo.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is16F9.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is85B2.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_isB5A8.exe
¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :
Quarantaine :
cawsonexrm.exe.Kill'em
nacxwrsoem.exe.Kill'em
rxamewcnso.exe.Kill'em
xwsracenmo.exe.Kill'em
_is16F9.exe.Kill'em
_is85B2.exe.Kill'em
_isB5A8.exe.Kill'em
====================
Fichiers hosts nettoyés
====================
¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch
AgAppLaunch.db
AgCx_S1_S-1-5-21-3846326564-3962006720-2315158884-1000.snp.db
AgCx_SC1.db
AgCx_SC1.db.trx
AgCx_SC3_5707C6445C724855.db
AgGlFaultHistory.db
AgGlFgAppHistory.db
AgGlGlobalHistory.db
AgGlUAD_P_S-1-5-21-3846326564-3962006720-2315158884-1000.db
AgGlUAD_S-1-5-21-3846326564-3962006720-2315158884-1000.db
AgRobust.db
Layout.ini
NTOSBOOT-B00DFAAD.pf
PfSvPerfStats.bin
ReadyBoot
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Que penses-tu de tout cela? Pour ma part, j'ai l'impression que c'est OK, non?
Kill'em by g3n-h@ckm@n 1.0.5.6
User : nature-pro () # PC-NATETMIN
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 16:21:13 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM
AMD Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled
C:\ -> Disque fixe local | 582,11 Go (458,89 Go free) [HP] | NTFS
D:\ -> Disque fixe local | 14,06 Go (1,93 Go free) [FACTORY_IMAGE] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
C:\Users\nature-pro\Desktop\List_Killem\List_Kill'em.exe 1140
C:\Windows\SysWOW64\cmd.exe 1164
C:\Users\nature-pro\AppData\Local\Temp\1831.tmp\pv.exe 1436
Fichiers analysés :
=================
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :
"C:\Windows\System32\EXPLORER.exe"
"C:\Windows\system32\regedit.exe"
C:\Users\nature-pro\LOCAL Settings\Temp\cawsonexrm.exe
C:\Users\nature-pro\LOCAL Settings\Temp\nacxwrsoem.exe
C:\Users\nature-pro\LOCAL Settings\Temp\rxamewcnso.exe
C:\Users\nature-pro\LOCAL Settings\Temp\xwsracenmo.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is16F9.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_is85B2.exe
C:\Users\nature-pro\LOCAL Settings\Temp\_isB5A8.exe
¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :
Quarantaine :
cawsonexrm.exe.Kill'em
nacxwrsoem.exe.Kill'em
rxamewcnso.exe.Kill'em
xwsracenmo.exe.Kill'em
_is16F9.exe.Kill'em
_is85B2.exe.Kill'em
_isB5A8.exe.Kill'em
====================
Fichiers hosts nettoyés
====================
¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch
AgAppLaunch.db
AgCx_S1_S-1-5-21-3846326564-3962006720-2315158884-1000.snp.db
AgCx_SC1.db
AgCx_SC1.db.trx
AgCx_SC3_5707C6445C724855.db
AgGlFaultHistory.db
AgGlFgAppHistory.db
AgGlGlobalHistory.db
AgGlUAD_P_S-1-5-21-3846326564-3962006720-2315158884-1000.db
AgGlUAD_S-1-5-21-3846326564-3962006720-2315158884-1000.db
AgRobust.db
Layout.ini
NTOSBOOT-B00DFAAD.pf
PfSvPerfStats.bin
ReadyBoot
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Utilisateur anonyme
26 nov. 2009 à 16:48
26 nov. 2009 à 16:48
ok :
########### [ Option 2 ( Suppression ) ]
▶ Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Relance "FindyKill" (clic droit "en tant qu'administrateur" pour Vista): au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]
▶ Le pc va redémarrer automatiquement ...
▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !
▶ Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
########### [ Option 2 ( Suppression ) ]
▶ Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Relance "FindyKill" (clic droit "en tant qu'administrateur" pour Vista): au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]
▶ Le pc va redémarrer automatiquement ...
▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !
▶ Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
OK, c'est fait, j'ai procédé à la destruction avce FindyKill.
Je te transmets le rapport :
Qu'en penses-tu? merci de ta réponse
############################## | FindyKill V5.020 |
# User : nature-pro (Administrateurs) # PC-NATETMIN
# Update on 26/11/2009 by Chiquitine29
# Start at: 16:53:30 | 26/11/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) Dual Core Processor 4450e
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 582,11 Go (458,88 Go free) [HP] # NTFS
# D:\ # Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SysWOW64\runonce.exe
C:\Windows\SysWOW64\conime.exe
################## | C: |
################## | C:\Windows |
Supprimé ! C:\Windows\Prefetch\WINUPGRO.EXE-CCC1740C.pf
################## | C:\Windows\system32 |
################## | C:\Windows\system32\drivers |
################## | C:\Users\nature-pro\AppData\Roaming |
################## | Autres suppressions ... |
################## | Temporary Internet Files |
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher1420\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher1476\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher2264\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher2512\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher264\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher2964\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3060\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3400\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3484\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3688\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3964\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher620\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher784\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher848\RTPatch\patch.exe
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Uac : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | PEH ... |
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.020 ! |
Je te transmets le rapport :
Qu'en penses-tu? merci de ta réponse
############################## | FindyKill V5.020 |
# User : nature-pro (Administrateurs) # PC-NATETMIN
# Update on 26/11/2009 by Chiquitine29
# Start at: 16:53:30 | 26/11/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) Dual Core Processor 4450e
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 64-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 582,11 Go (458,88 Go free) [HP] # NTFS
# D:\ # Disque fixe local # 14,06 Go (1,93 Go free) [FACTORY_IMAGE] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque CD-ROM
############################## | Processus actifs |
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SysWOW64\runonce.exe
C:\Windows\SysWOW64\conime.exe
################## | C: |
################## | C:\Windows |
Supprimé ! C:\Windows\Prefetch\WINUPGRO.EXE-CCC1740C.pf
################## | C:\Windows\system32 |
################## | C:\Windows\system32\drivers |
################## | C:\Users\nature-pro\AppData\Roaming |
################## | Autres suppressions ... |
################## | Temporary Internet Files |
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher1420\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher1476\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher2264\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher2512\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher264\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher2964\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3060\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3400\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3484\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3688\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher3964\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher620\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher784\RTPatch\patch.exe
Supprimé ! C:\Users\NATURE~1\AppData\Local\Temp\Patcher\Patcher848\RTPatch\patch.exe
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Uac : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | PEH ... |
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.020 ! |
Utilisateur anonyme
26 nov. 2009 à 17:08
26 nov. 2009 à 17:08
refais rsit stp
OK RSIT fait (par contre ça a été hyper vite, et je n'ai pas de deuxième fichier info.txt. est-ce normal? )
voici le rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by nature-pro at 2009-11-26 17:10:08
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 470 GB (79%) free of 596 GB
Total RAM: 3838 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:09, on 26/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Users\nature-pro\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\nature-pro.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EPSON BX300F Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_S587B.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
voici le rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by nature-pro at 2009-11-26 17:10:08
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 470 GB (79%) free of 596 GB
Total RAM: 3838 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:09, on 26/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Users\nature-pro\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\nature-pro.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EPSON BX300F Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_S587B.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
Utilisateur anonyme
26 nov. 2009 à 17:46
26 nov. 2009 à 17:46
▶ Désactive ton antivirus le temps de la manipulation car OTM est détecté comme une infection à tort.
▶ Télécharge OTM (OldTimer) sur ton Bureau :
▶ clic droit "executer en tant qu'administrateur" sur OTM.exe afin de le lancer.
▶ Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"HP Software Update"=-
""=-
:files
C:\ProgramData\0506753
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
*Le nom du rapport correspond au moment de sa création : date_heure.log
▶ Télécharge OTM (OldTimer) sur ton Bureau :
▶ clic droit "executer en tant qu'administrateur" sur OTM.exe afin de le lancer.
▶ Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"HP Software Update"=-
""=-
:files
C:\ProgramData\0506753
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
*Le nom du rapport correspond au moment de sa création : date_heure.log
pardon pour le retard, mais j'ai été interrompu
C'est fait avec OTM. Voici le rapport, j'espère qu'on est bientôt au bout , rassure-moi!!....
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
C:\ProgramData\0506753 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: nature-pro
->Temp folder emptied: 1405041538 bytes
->Temporary Internet Files folder emptied: 25225930 bytes
->Java cache emptied: 9325642 bytes
->FireFox cache emptied: 60093934 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
Windows Temp folder emptied: 8141825 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33109 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1438,04 mb
OTM by OldTimer - Version 3.1.2.0 log created on 11262009_180837
Files moved on Reboot...
C:\Users\nature-pro\AppData\Local\Temp\ppcrlui_3160_2 moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QQEL393B\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IS53T1YF\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53J08FS5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01O7SE7E\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.
Registry entries deleted on Reboot...
C'est fait avec OTM. Voici le rapport, j'espère qu'on est bientôt au bout , rassure-moi!!....
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
C:\ProgramData\0506753 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: nature-pro
->Temp folder emptied: 1405041538 bytes
->Temporary Internet Files folder emptied: 25225930 bytes
->Java cache emptied: 9325642 bytes
->FireFox cache emptied: 60093934 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
Windows Temp folder emptied: 8141825 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33109 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1438,04 mb
OTM by OldTimer - Version 3.1.2.0 log created on 11262009_180837
Files moved on Reboot...
C:\Users\nature-pro\AppData\Local\Temp\ppcrlui_3160_2 moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QQEL393B\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IS53T1YF\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53J08FS5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01O7SE7E\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Utilisateur anonyme
26 nov. 2009 à 18:41
26 nov. 2009 à 18:41
ok mets MBAM à jour , redemarre en mode sans echec et fais un scan complet stp
Alors, j'ai mis à jour Mbytes et scan complet en mode sans échec.
Résultats ci-dessous :
(PS : je lirais la suite demain, je dois quitter maintenant. je te remercie pour ton aide précieuse, j'espère arriver avec tout ça arriver à un bon résultat !!... Bye à demain)
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3238
Windows 6.0.6001 Service Pack 1 (Safe Mode)
26/11/2009 19:23:52
mbam-log-2009-11-26 (19-23-52).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 322835
Temps écoulé: 33 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Kill'em\cawsonexrm.exe.Kill'em (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Kill'em\nacxwrsoem.exe.Kill'em (Virus.Virut) -> Quarantined and deleted successfully.
C:\Kill'em\rxamewcnso.exe.Kill'em (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Kill'em\xwsracenmo.exe.Kill'em (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\nature-pro\AppData\Local\VirtualStore\Windows\SysWOW64\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\_OTM\MovedFiles\11262009_180837\C_ProgramData\0506753\WS0506.exe (Rogue.WindowsEnterpriseDefender) -> Quarantined and deleted successfully.
Résultats ci-dessous :
(PS : je lirais la suite demain, je dois quitter maintenant. je te remercie pour ton aide précieuse, j'espère arriver avec tout ça arriver à un bon résultat !!... Bye à demain)
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3238
Windows 6.0.6001 Service Pack 1 (Safe Mode)
26/11/2009 19:23:52
mbam-log-2009-11-26 (19-23-52).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 322835
Temps écoulé: 33 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Kill'em\cawsonexrm.exe.Kill'em (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Kill'em\nacxwrsoem.exe.Kill'em (Virus.Virut) -> Quarantined and deleted successfully.
C:\Kill'em\rxamewcnso.exe.Kill'em (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Kill'em\xwsracenmo.exe.Kill'em (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\nature-pro\AppData\Local\VirtualStore\Windows\SysWOW64\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\_OTM\MovedFiles\11262009_180837\C_ProgramData\0506753\WS0506.exe (Rogue.WindowsEnterpriseDefender) -> Quarantined and deleted successfully.
Utilisateur anonyme
26 nov. 2009 à 19:48
26 nov. 2009 à 19:48
bon .....
▶ essaies de telecharger le logiciels d'un autre PC et de le graver (les cles usb s'infectant trop facilement)(prends un cdrw)
___________________________________________________
▶ Télécharge Dr Web CureIt sur ton Bureau :
▶ redemarre en mode sans échec
▶- Double clique (clic droit "en tant qu'admin" sous Vista) <drweb-cureit.exe> et ensuite clique sur <Analyse>;
▶- Clique <Ok> à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton <Oui>.
Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X".
▶- Lorsque le scan rapide est terminé, clique sur le menu <Options> puis <Changer la configuration> ; Choisis l'onglet <Scanner>, et décoche <Analyse heuristique>. Clique ensuite sur <Ok>.
▶- De retour à la fenêtre principale : clique pour activer <Analyse complète>
▶- Clique le bouton avec flèche verte sur la droite, et le scan débutera.
▶- Clique <Oui> pour tout à l'invite "Désinfecter ?" lorsqu'un fichier est détecté, et ensuite clique "Désinfecter".
▶- Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône <Suivant>, au dessous, et choisis <Déplacer en quarantaine l'objet indésirable>.
▶- Du menu principal de l'outil, au haut à gauche, clique sur le menu <Fichier> et choisis <Enregistrer le rapport>. Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv
▶- Ferme Dr.Web Cureit
▶- Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).
▶- Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de Dr.Web dans ta prochaine réponse.
▶ essaies de telecharger le logiciels d'un autre PC et de le graver (les cles usb s'infectant trop facilement)(prends un cdrw)
___________________________________________________
▶ Télécharge Dr Web CureIt sur ton Bureau :
▶ redemarre en mode sans échec
▶- Double clique (clic droit "en tant qu'admin" sous Vista) <drweb-cureit.exe> et ensuite clique sur <Analyse>;
▶- Clique <Ok> à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton <Oui>.
Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X".
▶- Lorsque le scan rapide est terminé, clique sur le menu <Options> puis <Changer la configuration> ; Choisis l'onglet <Scanner>, et décoche <Analyse heuristique>. Clique ensuite sur <Ok>.
▶- De retour à la fenêtre principale : clique pour activer <Analyse complète>
▶- Clique le bouton avec flèche verte sur la droite, et le scan débutera.
▶- Clique <Oui> pour tout à l'invite "Désinfecter ?" lorsqu'un fichier est détecté, et ensuite clique "Désinfecter".
▶- Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône <Suivant>, au dessous, et choisis <Déplacer en quarantaine l'objet indésirable>.
▶- Du menu principal de l'outil, au haut à gauche, clique sur le menu <Fichier> et choisis <Enregistrer le rapport>. Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv
▶- Ferme Dr.Web Cureit
▶- Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).
▶- Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de Dr.Web dans ta prochaine réponse.
26 nov. 2009 à 12:40
Merci de ton intérêt. je t'envoie le rapport Malwarebytes :
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2775
Windows 6.0.6001 Service Pack 1 (Safe Mode)
25/11/2009 17:42:58
mbam-log-2009-11-25 (17-42-58).txt
Type de recherche: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 336861
Temps écoulé: 36 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\ProgramData\33472423 (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\nature-pro\Local Settings\Application Data\bniuidpk_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\nature-pro\Local Settings\Application Data\bniuidpk.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\nature-pro\Local Settings\Application Data\bniuidpk.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\nature-pro\Downloads\Live-Player_setup.exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\ProgramData\33472423\33472423.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
J'attends ton avis, merci beaucoup
A+