Sujet Précédent Sujet Suivant

XP D VIRUS hacktool.rootkit [WINDOWS/syst32]

Résolu/Fermé
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 - 17 mai 2007 à 11:24
 Utilisateur anonyme - 27 sept. 2007 à 19:09
bonjour à tous !

novice à besoin de votre aide SVP atteint par virus hacktool.rootkit environs 6 fichiers :

détails :
sytem32\ntoskrnl.exe : kernel 5
service en cours d'execution 1
oddyssee 1


stephane
A voir également:

99 réponses

Précédent
Réponse 61 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
17 mai 2007 à 21:00
salut


voici le rapport f secure



Scanning Report
Thursday, May 17, 2007 19:39:28 - 20:57:08
Computer name: BAYARD
Scanning type: Scan system for viruses, rootkits, spyware
Target: C:\ D:\


--------------------------------------------------------------------------------

Result: 3 malware found
Tracking Cookie (spyware)
System (Disinfected)
W32/Downloader (virus)
C:\WINDOWS\SYSTEM32\LOGUNIT.SYS (Submitted)
W32/Malware (virus)
C:\WINDOWS\SYSTEM32\HIDEKIT.EXE (Submitted)

--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 64605
System: 6181
Not scanned: 9
Actions:
Disinfected: 1
Renamed: 0
Deleted: 0
None: 2
Submitted: 2
Files not scanned:
C:\HIBERFIL.SYS
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SOFTWAREDISTRIBUTION\EVENTCACHE\{80EFD1A1-C877-438D-ADF7-A73A2C27CB8F}.BIN
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCPD-LC\SYMLCRST.DLL
C:\DOCUMENTS AND SETTINGS\HP_ADMINISTRATEUR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\GOOGLE DESKTOP SEARCH\DBDAM
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MUVEE TECHNOLOGIES\030625\DSCRP\SAMPLE_PICTURE01.JPG.41B2A334.MPD
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02031837543560B8AA0581DA039F8B52_0494E46B-FC3E-495B-8BE7-2A44920A2D0D
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C19E735E12AE28CD96285F0196F33159_0494E46B-FC3E-495B-8BE7-2A44920A2D0D

--------------------------------------------------------------------------------

Options
Scanning engines:
F-Secure Libra: 2.4.2, 2007-05-16
F-Secure AVP: 7.0.171, 2007-05-17
F-Secure Orion: 1.2.37, 2007-05-17
F-Secure Blacklight: 1.0.53
F-Secure Draco: 1.0.35, 2007-05-07
F-Secure Pegasus: 1.19.0, 2007-04-14
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB BAT LNK ANI AVB CEO CMD LSP MAP MHT MIF PDF PHP POT WMF NWS TAR TGZ WSF ZL? {* ZIP JAR ARJ LZH TAR TGZ GZ CAB RAR BZ2 HQX
Use Advanced heuristics

--------------------------------------------------------------------------------

Copyright © 1998-2006 Product support |Send virus sample to F-Secure
F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.
0
Réponse 62 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
17 mai 2007 à 22:52
salut !

je crois que tu n'es plus là philo2100 moi je me reconnect demain matin vers 9h !

bon je te souhaite bonne nuit, philo 2100 !!! et merci on continura demain. pour rappel, le rapport est juste au dessus de ce message.

bye

stephane
0
Réponse 63 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 08:51
salut philo 2100!

bien dormi?

bon il est 8h55 je commence un hjt et j'affiche le rapport suite au scan f secure affiché si dessus
0
Réponse 64 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 08:53
voici le log hjt !!!



Logfile of HijackThis v1.99.1
Scan saved at 08:52:15, on 18/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Anti-Virus (tous)\Spyware Doctor\svcntaux.exe
C:\Anti-Virus (tous)\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Anti-Virus (tous)\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\issch.exe
C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\scanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SDTray] "C:\Anti-Virus (tous)\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3950fb765cb6428fac4784cd56b6ac2e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3950fb765cb6428fac4784cd56b6ac2e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stephanebayard.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Anti-Virus (tous)\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Anti-Virus (tous)\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 65 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 11:33
RE

voici le hjt après le spybot !!!

je m'occupe du scan pour le hacktool rootkit et te le fait parvenir !!!!


Logfile of HijackThis v1.99.1
Scan saved at 11:30:09, on 18/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Anti-Virus (tous)\Spyware Doctor\svcntaux.exe
C:\Anti-Virus (tous)\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Anti-Virus (tous)\Spyware Doctor\SDTrayApp.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\scanner.exe.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3950fb765cb6428fac4784cd56b6ac2e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3950fb765cb6428fac4784cd56b6ac2e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stephanebayard.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Anti-Virus (tous)\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Anti-Virus (tous)\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
0
Réponse 66 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 11:51
ok

je m'occupe de ceci après avoir fini le scan de ceci que tu m'a demander http://www.sysinternals.com/Utilities/RootkitRevealer.html


dit moi si je peu le faire en meme temps sinon pour gagner du temps
0
Réponse 67 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 12:38
salut !!!


J'AI FOTO CELULAR QUI EST REVENU !!!!!!! EH MERDE !


voici le resultat scan hacktool.rootkit
je fais ce que tu m'a dit maintenant




HKLM\SECURITY\Policy\Secrets\SAC* 10/10/2005 14:47 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 10/10/2005 14:47 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 18/05/2007 11:41 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\PCTools\Spyware Doctor\AUXSVCSTAT 18/05/2007 11:41 22 bytes Data mismatch between Windows API and raw hive data.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@www.commentcamarche[2].txt 18/05/2007 12:20 114 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Cookies\hp_administrateur@www.commentcamarche[3].txt 18/05/2007 11:34 115 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\1093397129@x01[1] 18/05/2007 11:59 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\1096668199@x01[1] 18/05/2007 12:11 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\1101880018@x01[1] 18/05/2007 11:54 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\1193694956@x01[1] 18/05/2007 11:56 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\1474844752@x01[1] 18/05/2007 12:17 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\1659072971@x01[1] 18/05/2007 12:00 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\1804935467@x01[1] 18/05/2007 12:18 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads.htm 18/05/2007 12:18 2.10 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[10].htm 18/05/2007 12:14 2.04 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[11].htm 18/05/2007 12:17 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[2].htm 18/05/2007 11:51 1.88 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[3].htm 18/05/2007 11:51 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[4].htm 18/05/2007 11:54 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[5].htm 18/05/2007 11:59 2.05 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[6].htm 18/05/2007 12:03 2.05 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[7].htm 18/05/2007 12:04 1.90 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[8].htm 18/05/2007 12:04 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ads[9].htm 18/05/2007 12:10 2.05 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\ajout[2].htm 18/05/2007 12:17 26.34 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\evaluer[1].htm 18/05/2007 12:17 1.00 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\hit[2].gif 18/05/2007 11:54 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\hit[3].gif 18/05/2007 11:56 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\hit[4].gif 18/05/2007 11:57 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\hit[5].gif 18/05/2007 12:00 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\hit[6].gif 18/05/2007 12:00 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\hit[7].gif 18/05/2007 12:11 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\hit[8].gif 18/05/2007 12:18 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\imgad[2].png 18/05/2007 11:46 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\imgad[3].png 18/05/2007 12:00 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\imgad[4].png 18/05/2007 12:03 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\imgad[5].png 18/05/2007 12:10 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\imgad[6].png 18/05/2007 12:17 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\LearnMode[1] 18/05/2007 12:20 1.92 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\SecurityCheck[1] 18/05/2007 12:20 1.18 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\statusTabBgBottom[1] 18/05/2007 12:20 289 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\statusTabSeparator[1] 18/05/2007 12:20 854 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0VM6F5IF\warning_wht[1] 18/05/2007 12:20 1.02 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\1263286004@x01[1] 18/05/2007 11:59 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\1282598734@x01[1] 18/05/2007 12:10 305 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\1307206743@x01[1] 18/05/2007 12:00 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\1349562345@x01[1] 18/05/2007 11:51 305 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\1555294240@x01[1] 18/05/2007 11:57 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\1793303174@x01[1] 18/05/2007 12:17 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\ads[3].htm 18/05/2007 11:57 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\ads[4].htm 18/05/2007 12:00 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\ads[5].htm 18/05/2007 12:14 1.88 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\ads[6].htm 18/05/2007 12:17 1.86 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\ads[7].htm 18/05/2007 12:17 1.95 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\affich-2998513-xp-d-virus-hacktool-rootkit-windows-syst32[1].htm 18/05/2007 12:20 260.81 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\affich-3003519-xp-d-virus-hacktool-rootkit-windows-syst32[1].htm 18/05/2007 12:03 31.35 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\ajout[1].htm 18/05/2007 11:51 26.41 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\ajout[2].htm 18/05/2007 12:00 26.09 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\BackgroundOK[1] 18/05/2007 12:20 15.89 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\btn96x22set[1] 18/05/2007 12:20 2.89 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\empty[1].gif 18/05/2007 11:28 43 bytes Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\evaluer[2].htm 18/05/2007 12:06 1.00 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\evaluer[3].htm 18/05/2007 12:17 488 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\forum-7-virus-securite[1].htm 18/05/2007 11:28 102.20 KB Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\forum-7-virus-securite[2].htm 18/05/2007 12:17 102.58 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[2].gif 18/05/2007 11:46 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[3].gif 18/05/2007 11:51 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[4].gif 18/05/2007 11:51 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[5].gif 18/05/2007 11:59 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[6].gif 18/05/2007 12:03 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[7].gif 18/05/2007 12:03 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[8].gif 18/05/2007 12:10 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\hit[9].gif 18/05/2007 12:20 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[2].png 18/05/2007 11:57 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[3].png 18/05/2007 11:59 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[4].png 18/05/2007 12:00 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[5].png 18/05/2007 12:03 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[6].png 18/05/2007 12:04 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[7].png 18/05/2007 12:14 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[8].png 18/05/2007 12:15 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\imgad[9].png 18/05/2007 12:17 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\NewStatus[1] 18/05/2007 12:20 73.88 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\spacer[1] 18/05/2007 12:20 67 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\SymButton[1] 18/05/2007 12:20 3.87 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QBCKMN7L\up_disabled[1].gif 18/05/2007 11:45 832 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\10036[1] 18/05/2007 12:20 23.97 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\1094364763@x01[1] 18/05/2007 12:03 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\1099058360@x01[1] 18/05/2007 12:00 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\1314839211@x01[1] 18/05/2007 12:14 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\1539728106@x01[1] 18/05/2007 11:51 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\1842897516@x01[1] 18/05/2007 12:03 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\1921435174@x01[1] 18/05/2007 11:46 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\1974056296@x01[1] 18/05/2007 12:04 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\ads[4].htm 18/05/2007 11:46 2.09 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\ads[5].htm 18/05/2007 11:55 2.08 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\ads[6].htm 18/05/2007 11:56 2.08 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\ads[7].htm 18/05/2007 11:57 2.05 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\ads[8].htm 18/05/2007 12:00 1.90 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\ads[9].htm 18/05/2007 12:20 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\affich-2998513-xp-d-virus-hacktool-rootkit-windows-syst32[2].htm 18/05/2007 11:33 237.23 KB Visible in Windows API, but not in MFT or directory index.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\affich-3003492-xp-d-virus-hacktool-rootkit-windows-syst32[1].htm 18/05/2007 12:00 33.52 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\affich-3003529-xp-d-virus-hacktool-rootkit-windows-syst32[1].htm 18/05/2007 12:20 35.91 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\ajout[1].htm 18/05/2007 11:59 26.21 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\down_enabled[1].gif 18/05/2007 11:45 833 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\empty[2].gif 18/05/2007 12:20 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\evaluer[2].htm 18/05/2007 11:53 1.00 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\evaluer[3].htm 18/05/2007 11:59 1.00 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\evaluer[4].htm 18/05/2007 12:06 488 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\hit[3].gif 18/05/2007 12:04 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\hit[4].gif 18/05/2007 12:14 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\hit[5].gif 18/05/2007 12:17 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\hit[6].gif 18/05/2007 12:17 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\hit[7].gif 18/05/2007 12:17 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[10].png 18/05/2007 12:20 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[3].png 18/05/2007 11:55 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[4].png 18/05/2007 11:57 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[5].png 18/05/2007 11:59 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[6].png 18/05/2007 12:04 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[7].png 18/05/2007 12:11 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[8].png 18/05/2007 12:14 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\imgad[9].png 18/05/2007 12:17 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\shared[1] 18/05/2007 12:20 30.66 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\statusHints[1] 18/05/2007 12:20 362 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\statusTabBg[1] 18/05/2007 12:20 322 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\R1J620QQ\xmlStrings[1] 18/05/2007 12:20 20.24 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1033817175@x01[1] 18/05/2007 12:15 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1172237451@x01[1] 18/05/2007 11:55 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1235598629@x01[1] 18/05/2007 12:20 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1249450947@x01[1] 18/05/2007 12:17 305 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1278278547@x01[1] 18/05/2007 12:20 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1350387455@x01[1] 18/05/2007 12:14 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1543212051@x01[1] 18/05/2007 12:17 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1851020937@x01[1] 18/05/2007 12:04 307 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\1888778849@x01[1] 18/05/2007 11:57 306 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ads[3].htm 18/05/2007 11:59 1.87 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ads[4].htm 18/05/2007 12:00 2.09 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ads[5].htm 18/05/2007 12:03 2.05 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ads[6].htm 18/05/2007 12:11 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ads[7].htm 18/05/2007 12:15 2.07 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ads[8].htm 18/05/2007 12:20 2.05 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ajout[1].htm 18/05/2007 12:04 26.13 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\ajout[2].htm 18/05/2007 12:14 26.40 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\check_wht[1] 18/05/2007 12:20 1.19 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\evaluer[3].htm 18/05/2007 11:53 488 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\evaluer[4].htm 18/05/2007 11:59 488 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[10].gif 18/05/2007 12:17 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[11].gif 18/05/2007 12:20 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[3].gif 18/05/2007 11:55 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[4].gif 18/05/2007 11:57 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[5].gif 18/05/2007 11:59 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[6].gif 18/05/2007 12:00 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[7].gif 18/05/2007 12:04 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[8].gif 18/05/2007 12:14 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\hit[9].gif 18/05/2007 12:15 43 bytes Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\imgad[3].png 18/05/2007 11:51 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\imgad[4].png 18/05/2007 11:51 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\imgad[5].png 18/05/2007 11:54 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\imgad[6].png 18/05/2007 11:56 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\imgad[7].png 18/05/2007 12:00 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\imgad[8].png 18/05/2007 12:18 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\imgad[9].png 18/05/2007 12:20 2.71 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\nis2005[1] 18/05/2007 12:20 3.27 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\resource[1] 18/05/2007 12:20 13.83 KB Hidden from Windows API.
C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TI6B5RPW\statusTabBgTop[1] 18/05/2007 12:20 294 bytes Hidden from Windows API.
C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20070517.073\vscanmsx.dat 18/05/2007 12:07 2.02 KB Hidden from Windows API.
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0894NAV~.TMP 18/05/2007 12:08 0 bytes Hidden from Windows API.
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll 27/03/2007 23:20 252.00 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 27/03/2007 23:20 111.50 KB Visible in Windows API, but not in MFT or directory index.
D: 01/01/1601 02:00 0 bytes Error mounting volume
0
Réponse 68 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 15:30
salut !

voici HJT APRES avoir fixer certains élélments et un AVG pour rendre le bouclier inactif


Logfile of HijackThis v1.99.1
Scan saved at 15:24:22, on 18/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\Hijackthis\scanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3950fb765cb6428fac4784cd56b6ac2e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3950fb765cb6428fac4784cd56b6ac2e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stephanebayard.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
0
Réponse 69 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 16:30
salut !!!

alors qu'est ce qui cloche ???
0
Réponse 70 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 17:53
SALUT !

dernier HJT


KEL VIRUS IL Y A ??? ROOTKIT est il TOUJOURS PRESENT !!!

JE CROIS QUE FOTO CELULAR EST REVENU !!! j'attends une confirmation


Logfile of HijackThis v1.99.1
Scan saved at 17:48:58, on 18/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\scanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3950fb765cb6428fac4784cd56b6ac2e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3950fb765cb6428fac4784cd56b6ac2e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stephanebayard.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
0
Réponse 71 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 18:51
18/05/2007 a 18:48:30,25

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
0
Réponse 72 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 19:39
RE



voici le rapport hacktool rootkit




HKLM\SECURITY\Policy\Secrets\SAC* 10/10/2005 14:47 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 10/10/2005 14:47 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 18/05/2007 18:54 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesProcessed 18/05/2007 18:53 4 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesSuccessful 18/05/2007 18:53 4 bytes Data mismatch between Windows API and raw hive data.
C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20070518.019\vscanmsx.dat 18/05/2007 19:17 2.02 KB Hidden from Windows API.
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll 27/03/2007 23:20 252.00 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 27/03/2007 23:20 111.50 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\Debug\UserMode\userenv.log 18/05/2007 19:15 214 bytes Hidden from Windows API.
D: 01/01/1601 02:00 0 bytes Error mounting volume
0
Réponse 73 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 19:41
OK

JE FAIT LE SCAN BITDEFENDER

ET JE TE JOINT LE RAPPORT ENSUITE MERCI !!
0
Réponse 74 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 19:56
RE

VOICI LE RAPPORT SCAN BIT DEFENDER







//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 18/05/2007 19:48:41
//
//-----------------------------------------------------------------


Statistics

Scan path : C:\WINDOWS\system32\
Folders : 277
Files : 9093
Archives : 31
Packed files : 401
Identified viruses : 2
Infected files : 2
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 2
Renamed files : 0
I/O errors : 12
Scan time : 00:03:35
Scan speed (files/sec) : 42

Virus definitions : 507004
Scan plugins : 14
Archive plugins : 38
Unpack plugins : 6
Mail plugins : 6
System plugins : 1

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report

Summary:

C:\WINDOWS\system32\dllcache\se_fudeu.exe Infected BehavesLike:Win32.ExplorerHijack
C:\WINDOWS\system32\dllcache\se_fudeu.exe Disinfection failed
C:\WINDOWS\system32\dllcache\se_fudeu.exe Moved
C:\WINDOWS\system32\logunit.sys Infected Win32.Worm.Agent.X
C:\WINDOWS\system32\logunit.sys Disinfection failed
C:\WINDOWS\system32\logunit.sys Moved

Scanned files

C:\=>Master Boot Record OK
C:\=>Primary partition 1 (Active) OK
C:\=>Primary partition 2 OK
C:\WINDOWS\system32\$ncsp$.inf OK
C:\WINDOWS\system32\$winnt$.inf OK
C:\WINDOWS\system32\1033\dwintl.dll OK
C:\WINDOWS\system32\1036\dwintl.dll OK
C:\WINDOWS\system32\12520437.cpx OK
C:\WINDOWS\system32\12520850.cpx OK
C:\WINDOWS\system32\24wwxsp1.txt OK
C:\WINDOWS\system32\34CoInstaller.dll OK
C:\WINDOWS\system32\6to4svc.dll OK
C:\WINDOWS\system32\aaaamon.dll OK
C:\WINDOWS\system32\aaclient.dll OK
C:\WINDOWS\system32\access.cpl OK
C:\WINDOWS\system32\acctres.dll OK
C:\WINDOWS\system32\accwiz.exe OK
C:\WINDOWS\system32\acelpdec.ax OK
C:\WINDOWS\system32\acledit.dll OK
C:\WINDOWS\system32\aclui.dll OK
C:\WINDOWS\system32\activeds.dll OK
C:\WINDOWS\system32\activeds.tlb OK
C:\WINDOWS\system32\ActiveSkin.ocx OK
C:\WINDOWS\system32\actmovie.exe OK
C:\WINDOWS\system32\actxprxy.dll OK
C:\WINDOWS\system32\admparse.dll OK
C:\WINDOWS\system32\adptif.dll OK
C:\WINDOWS\system32\adsldp.dll OK
C:\WINDOWS\system32\adsldpc.dll OK
C:\WINDOWS\system32\adsmsext.dll OK
C:\WINDOWS\system32\adsnds.dll OK
C:\WINDOWS\system32\adsnt.dll OK
C:\WINDOWS\system32\adsnw.dll OK
C:\WINDOWS\system32\advapi32.dll OK
C:\WINDOWS\system32\advpack.dll OK
C:\WINDOWS\system32\advpack.dll.mui OK
C:\WINDOWS\system32\ahui.exe OK
C:\WINDOWS\system32\alg.exe OK
C:\WINDOWS\system32\alrsvc.dll OK
C:\WINDOWS\system32\ALSNDMGR.CPL OK
C:\WINDOWS\system32\amcompat.tlb OK
C:\WINDOWS\system32\amstream.dll OK
C:\WINDOWS\system32\ansi.sys OK
C:\WINDOWS\system32\apcups.dll OK
C:\WINDOWS\system32\append.exe OK
C:\WINDOWS\system32\apphelp.dll OK
C:\WINDOWS\system32\appmgmts.dll OK
C:\WINDOWS\system32\appmgr.dll OK
C:\WINDOWS\system32\appwiz.cpl OK
C:\WINDOWS\system32\arp.exe OK
C:\WINDOWS\system32\asctrls.ocx OK
C:\WINDOWS\system32\asferror.dll OK
C:\WINDOWS\system32\asr_fmt.exe OK
C:\WINDOWS\system32\asr_ldm.exe OK
C:\WINDOWS\system32\asr_pfu.exe OK
C:\WINDOWS\system32\asycfilt.dll OK
C:\WINDOWS\system32\at.exe OK
C:\WINDOWS\system32\ati2cqag.dll OK
C:\WINDOWS\system32\ati2dvag.dll OK
C:\WINDOWS\system32\ati2edxx.dll OK
C:\WINDOWS\system32\ati2evxx.dll OK
C:\WINDOWS\system32\ati2evxx.exe OK
C:\WINDOWS\system32\Ati2mdxx.exe OK
C:\WINDOWS\system32\ati3duag.dll OK
C:\WINDOWS\system32\ATIDDC.DLL OK
C:\WINDOWS\system32\ATIDEMGR.dll OK
C:\WINDOWS\system32\atifglpf.xml OK
C:\WINDOWS\system32\atiicdxx.dat OK
C:\WINDOWS\system32\atiiiexx.dll OK
C:\WINDOWS\system32\atikvmag.dll OK
C:\WINDOWS\system32\atioglx1.dll OK
C:\WINDOWS\system32\atioglxx.dll OK
C:\WINDOWS\system32\atipdlxx.dll OK
C:\WINDOWS\system32\atitvo32.dll OK
C:\WINDOWS\system32\ativcoxx.dll OK
C:\WINDOWS\system32\ativvaxx.dll OK
C:\WINDOWS\system32\atkctrs.dll OK
C:\WINDOWS\system32\atl.dll OK
C:\WINDOWS\system32\atl71.dll OK
C:\WINDOWS\system32\atmadm.exe OK
C:\WINDOWS\system32\atmfd.dll OK
C:\WINDOWS\system32\atmlib.dll OK
C:\WINDOWS\system32\atmpvcno.dll OK
C:\WINDOWS\system32\atrace.dll OK
C:\WINDOWS\system32\attrib.exe OK
C:\WINDOWS\system32\audiodev.dll OK
C:\WINDOWS\system32\audiosrv.dll OK
C:\WINDOWS\system32\auditusr.exe OK
C:\WINDOWS\system32\authz.dll OK
C:\WINDOWS\system32\autochk.exe OK
C:\WINDOWS\system32\autoconv.exe OK
C:\WINDOWS\system32\autodisc.dll OK
C:\WINDOWS\system32\AUTOEXEC.NT OK
C:\WINDOWS\system32\autofmt.exe OK
C:\WINDOWS\system32\autolfn.exe OK
C:\WINDOWS\system32\avicap.dll OK
C:\WINDOWS\system32\avicap32.dll OK
C:\WINDOWS\system32\avifil32.dll OK
C:\WINDOWS\system32\avifile.dll OK
C:\WINDOWS\system32\avmeter.dll OK
C:\WINDOWS\system32\avtapi.dll OK
C:\WINDOWS\system32\avwav.dll OK
C:\WINDOWS\system32\axaltocm.dll OK
C:\WINDOWS\system32\basecsp.dll OK
C:\WINDOWS\system32\basesrv.dll OK
C:\WINDOWS\system32\batmeter.dll OK
C:\WINDOWS\system32\batt.dll OK
C:\WINDOWS\system32\bcbmm.dll OK
C:\WINDOWS\system32\bcbsmp50.bpl OK
C:\WINDOWS\system32\bcsprsrc.dll OK
C:\WINDOWS\system32\BdaPlgIn.ax OK
C:\WINDOWS\system32\bfc42.dll OK
C:\WINDOWS\system32\bfc42d.dll OK
C:\WINDOWS\system32\bidispl.dll OK
C:\WINDOWS\system32\bios1.rom OK
C:\WINDOWS\system32\bios4.rom OK
C:\WINDOWS\system32\bios4.rom=>REMOVED_NULLS OK
C:\WINDOWS\system32\bitsprx2.dll OK
C:\WINDOWS\system32\bitsprx3.dll OK
C:\WINDOWS\system32\blackbox.dll OK
C:\WINDOWS\system32\blastcln.exe OK
C:\WINDOWS\system32\bootcfg.exe OK
C:\WINDOWS\system32\bootok.exe OK
C:\WINDOWS\system32\bootvid.dll OK
C:\WINDOWS\system32\bootvrfy.exe OK
C:\WINDOWS\system32\bopomofo.uce OK
C:\WINDOWS\system32\borlndmm.dll OK
C:\WINDOWS\system32\browselc.dll OK
C:\WINDOWS\system32\browser.dll OK
C:\WINDOWS\system32\browseui.dll OK
C:\WINDOWS\system32\browsewm.dll OK
C:\WINDOWS\system32\bthci.dll OK
C:\WINDOWS\system32\bthprops.cpl OK
C:\WINDOWS\system32\bthserv.dll OK
C:\WINDOWS\system32\btpanui.dll OK
C:\WINDOWS\system32\cabinet.dll OK
C:\WINDOWS\system32\cabview.dll OK
C:\WINDOWS\system32\cacls.exe OK
C:\WINDOWS\system32\calc.exe OK
C:\WINDOWS\system32\camocx.dll OK
C:\WINDOWS\system32\capesnpn.dll OK
C:\WINDOWS\system32\capicom.dll OK
C:\WINDOWS\system32\cards.dll OK
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\1.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\basecsp.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\codecs10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\DRM10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\FP4.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IDNMitigationAPIs.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IMS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873339.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB883667.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885250.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885835.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885836.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB886185.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB887472.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB887742.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB887998.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888111WXPSP2.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888113.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888302.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888795.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890175.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890859.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB891593.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB891781.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB892050.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893066.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893357.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893756.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB895961.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896358.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896422.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896423.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896424.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896428.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB898461.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899337.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899510.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899587.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899591.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB900325.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB900485.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB900725.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB901017.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB901214.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB902400.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB902841.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB903157.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB904706.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB904942.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905414.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905749.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905915.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB906569.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908250.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908519.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908531.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB910393.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB910437.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911280.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911562.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911927.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB912024.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB912919.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB913580.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB913800.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914388.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914389.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB915865.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB916595.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917344.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917422.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917734.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917953.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918118.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918439.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB919007.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920213.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920342.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920670.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920683.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920685.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920872.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922582.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922819.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923191.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923414.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923689.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923694.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923723.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923980.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924191.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924270.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924496.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924667.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925398.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925720.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925766.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925876.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925902.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926239.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926251.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926255.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926436.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927779.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927802.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928090-IE7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928090.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928255.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928843.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929338.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929399.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929969.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB930178.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB930916.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931261.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931768-IE7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931784.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931836.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB932168.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB935448.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\mediactr.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MPPRE10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSCompPackV1.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSMSGS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSTSWEB.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\netfx.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NLSDownlevelMapping.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NTPRINT.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem12.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem13.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem14.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem17.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem18.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem19.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem20.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem21.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem22.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem23.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem25.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem26.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem27.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem28.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem29.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem30.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem31.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem32.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem33.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem34.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem35.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem36.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem37.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem38.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem39.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem4.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem40.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem41.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem42.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem43.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem44.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem45.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem46.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem47.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem48.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem49.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem50.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem51.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem52.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem53.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem54.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem55.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem56.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem57.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem58.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem59.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem60.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem61.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem62.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem63.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem64.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem65.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem66.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem67.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem68.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem69.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem70.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem71.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem72.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem73.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem74.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem75.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem77.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem78.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem79.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem80.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem81.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem82.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem83.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem84.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\plus.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\PresentationFontCache.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sonic.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\SP2.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\tabletpc.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WGA.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIC.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMDM10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMFDist11.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMFSDK10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmp11.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WPD10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Wudf01000.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\XpsEPSC.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\XPSEPSCLP.cat OK
C:\WINDOWS\system32\CatRoot2\dberr.txt OK
C:\WINDOWS\system32\CatRoot2\edb.chk OK
C:\WINDOWS\system32\CatRoot2\edb.chk=>REMOVED_NULLS OK
C:\WINDOWS\system32\CatRoot2\edb.log OK
C:\WINDOWS\system32\CatRoot2\edb000B2.log OK
C:\WINDOWS\system32\CatRoot2\edb000B3.log OK
C:\WINDOWS\system32\CatRoot2\res1.log OK
C:\WINDOWS\system32\CatRoot2\res2.log OK
C:\WINDOWS\system32\CatRoot2\tmp.edb OK
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb OK
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb OK
C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\catsrv.dll OK
C:\WINDOWS\system32\catsrvps.dll OK
C:\WINDOWS\system32\catsrvut.dll OK
C:\WINDOWS\system32\cc3250.dll OK
C:\WINDOWS\system32\cc3250mt.dll OK
C:\WINDOWS\system32\ccfgnt.dll OK
C:\WINDOWS\system32\cdfview.dll OK
C:\WINDOWS\system32\cdm.dll OK
C:\WINDOWS\system32\cdmodem.dll OK
C:\WINDOWS\system32\cdosys.dll OK
C:\WINDOWS\system32\cdplayer.exe.manifest OK
C:\WINDOWS\system32\certcli.dll OK
C:\WINDOWS\system32\certmgr.dll OK
C:\WINDOWS\system32\certmgr.msc OK
C:\WINDOWS\system32\cewmdm.dll OK
C:\WINDOWS\system32\cfgbkend.dll OK
C:\WINDOWS\system32\cfgmgr32.dll OK
C:\WINDOWS\system32\charmap.exe OK
C:\WINDOWS\system32\Chaînes.scf OK
C:\WINDOWS\system32\chcp.com OK
C:\WINDOWS\system32\chkdsk.exe OK
C:\WINDOWS\system32\chkntfs.exe OK
C:\WINDOWS\system32\CHODDI.SYS OK
C:\WINDOWS\system32\ciadmin.dll OK
C:\WINDOWS\system32\ciadv.msc OK
C:\WINDOWS\system32\cic.dll OK
C:\WINDOWS\system32\cidaemon.exe OK
C:\WINDOWS\system32\ciodm.dll OK
C:\WINDOWS\system32\cipher.exe OK
C:\WINDOWS\system32\cisvc.exe OK
C:\WINDOWS\system32\ckcnv.exe OK
C:\WINDOWS\system32\clb.dll OK
C:\WINDOWS\system32\clbcatex.dll OK
C:\WINDOWS\system32\clbcatq.dll OK
C:\WINDOWS\system32\cleanmgr.exe OK
C:\WINDOWS\system32\cliconf.chm OK
C:\WINDOWS\system32\cliconf.chm=>/#SYSTEM OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_apple.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_apple.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx1.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx1.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx2.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx2.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_multi.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_multi.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_namedpipes.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_namedpipes.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_others.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_others.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_tcpip.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_tcpip.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_vines.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_vines.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_alias.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_alias.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_dblib.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_dblib.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_general.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_general.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_netlib.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_netlib.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_add_(or_edit)_via_library_configuration.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_add_(or_edit)_via_library_configuration.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_appletalk_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_appletalk_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_banyan_vines_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_banyan_vines_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_alias_a_client_to_an_alternate_pipe.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_alias_a_client_to_an_alternate_pipe.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_check_the_library_version_numbers.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_check_the_library_version_numbers.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_use_the_windows_sockets_net.2d.library_.28.windows.2d_.or_windows_nt.2d.based_clients.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_use_the_windows_sockets_net.2d.library_.28.windows.2d_.or_windows_nt.2d.based_clients.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_verify_that_sql_server_is_listening_on_appletalk_and_can_accept_a_client_connection.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_verify_that_sql_server_is_listening_on_appletalk_and_can_accept_a_client_connection.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_add_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_add_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_check_the_odbc_sql_server_driver_version_.28.windows_95.2d.based_clients.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_check_the_odbc_sql_server_driver_version_.28.windows_95.2d.based_clients.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_a_nonstandard_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_a_nonstandard_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_appletalk_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_appletalk_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_banyan_vines_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_banyan_vines_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_nwlink_ipx.2f.spx_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_nwlink_ipx.2f.spx_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_via_network_library_(client_network_utility).htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_via_network_library_(client_network_utility).htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_create_an_alias_for_a_specific_server_name_to_use_the_multi.2d.protocol_net.2d.library.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_create_an_alias_for_a_specific_server_name_to_use_the_multi.2d.protocol_net.2d.library.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_delete_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_delete_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_edit_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_edit_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_set_db.2d.library_conversion_preference.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_set_db.2d.library_conversion_preference.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_start_the_sql_client_configuration_utility_.28.windows_nt.2d_.or_windows_95.2d_.based_client.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_start_the_sql_client_configuration_utility_.28.windows_nt.2d_.or_windows_95.2d_.based_client.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_managing_clients.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_managing_clients.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_multiprotocol_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_multiprotocol_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_named_pipes_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_named_pipes_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_nwlink_ipx!spx_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_nwlink_ipx!spx_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_sql_server_2000_copyright_and_disclaimer.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_sql_server_2000_copyright_and_disclaimer.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_tcp!ip_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_tcp!ip_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_topic_unavailable_in_help.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_topic_unavailable_in_help.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_via_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_via_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_what_is_microsoft_sql_server_client_configurationy.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_what_is_microsoft_sql_server_client_configurationy.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/plus.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/coUA.css OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/coUA_Ex.css OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/coUA_Print.css OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto.css OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto.js OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto.js=>(JAVASCRIPT 1) OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto.js=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto.js=>(JAVASCRIPT 3) OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/shared.js OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/banner.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/banner2.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/banner_.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/banner_2.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/caution.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/coC.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/coCb.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/coE.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/coEb.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/elle.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/glossaryclick.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/glossaryCold.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/glossaryHot.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/important.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/keybrd.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto_.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/mailto_c.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/note.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/relglyph.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/relglyph_.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/relglyph_c.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/shortcutclick.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/shortcutcold.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/shortcuthot.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/spacer.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/tip.gif OK
C:\WINDOWS\system32\cliconf.chm=>/Basics/warning.gif OK
C:\WINDOWS\system32\cliconf.chm=>/cliconf.hhc OK
C:\WINDOWS\system32\cliconf.chm=>/#WINDOWS OK
C:\WINDOWS\system32\cliconf.chm=>/#IVB OK
C:\WINDOWS\system32\cliconf.chm=>/$WWKeywordLinks/Property OK
C:\WINDOWS\system32\cliconf.chm=>/$WWAssociativeLinks/Property OK
C:\WINDOWS\system32\cliconf.chm=>/$OBJINST OK
C:\WINDOWS\system32\cliconf.chm=>/$FIftiMain OK
C:\WINDOWS\system32\cliconf.chm=>/#IDXHDR OK
C:\WINDOWS\system32\cliconf.chm=>/#TOCIDX OK
C:\WINDOWS\system32\cliconf.chm=>/#TOPICS OK
C:\WINDOWS\system32\cliconf.chm=>/#URLTBL OK
C:\WINDOWS\system32\cliconf.chm=>/#URLSTR OK
C:\WINDOWS\system32\cliconf.chm=>/#STRINGS OK
C:\WINDOWS\system32\cliconfg.dll OK
C:\WINDOWS\system32\cliconfg.exe OK
C:\WINDOWS\system32\cliconfg.rll OK
C:\WINDOWS\system32\clipbrd.exe OK
C:\WINDOWS\system32\clipsrv.exe OK
C:\WINDOWS\system32\clusapi.dll OK
C:\WINDOWS\system32\cmcfg32.dll OK
C:\WINDOWS\system32\cmd.exe OK
C:\WINDOWS\system32\cmdial32.dll OK
C:\WINDOWS\system32\cmdl32.exe OK
C:\WINDOWS\system32\cmdlib.wsc OK
C:\WINDOWS\system32\cmdlib.wsc=>(VBSCRIPT 1) OK
C:\WINDOWS\system32\cmmgr32.hlp OK
C:\WINDOWS\system32\cmmon32.exe OK
C:\WINDOWS\system32\cmos.ram OK
C:\WINDOWS\system32\cmpbk32.dll OK
C:\WINDOWS\system32\cmprops.dll OK
C:\WINDOWS\system32\cmsetACL.dll OK
C:\WINDOWS\system32\cmstp.exe OK
C:\WINDOWS\system32\cmutil.dll OK
C:\WINDOWS\system32\cnbjmon.dll OK
C:\WINDOWS\system32\cnetcfg.dll OK
C:\WINDOWS\system32\cnvfat.dll OK
C:\WINDOWS\system32\colbact.dll OK
C:\WINDOWS\system32\Com\comadmin.dll OK
C:\WINDOWS\system32\Com\comempty.dat OK
C:\WINDOWS\system32\Com\comexp.msc OK
C:\WINDOWS\system32\Com\comrepl.exe OK
C:\WINDOWS\system32\Com\comrereg.exe OK
C:\WINDOWS\system32\Com\mtsadmin.tlb OK
C:\WINDOWS\system32\comaddin.dll OK
C:\WINDOWS\system32\comcat.dll OK
C:\WINDOWS\system32\comctl32.dll OK
C:\WINDOWS\system32\comctl32.ocx OK
C:\WINDOWS\system32\comdlg32.dll OK
C:\WINDOWS\system32\comm.drv OK
C:\WINDOWS\system32\command.com OK
C:\WINDOWS\system32\commdlg.dll OK
C:\WINDOWS\system32\comp.exe OK
C:\WINDOWS\system32\compact.exe OK
C:\WINDOWS\system32\compatUI.dll OK
C:\WINDOWS\system32\compmgmt.msc OK
C:\WINDOWS\system32\compobj.dll OK
C:\WINDOWS\system32\compstui.dll OK
C:\WINDOWS\system32\comrepl.dll OK
C:\WINDOWS\system32\comres.dll OK
C:\WINDOWS\system32\comsnap.dll OK
C:\WINDOWS\system32\comsvcs.dll OK
C:\WINDOWS\system32\comuid.dll OK
C:\WINDOWS\system32\config\ACEEvent.evt OK
C:\WINDOWS\system32\config\AppEvent.Evt OK
C:\WINDOWS\system32\config\default OK
C:\WINDOWS\system32\config\default.LOG OK
C:\WINDOWS\system32\config\default.sav OK
C:\WINDOWS\system32\config\IntelDH.evt OK
C:\WINDOWS\system32\config\Internet.evt OK
C:\WINDOWS\system32\config\Media Ce.evt OK
C:\WINDOWS\system32\config\SAM OK
C:\WINDOWS\system32\config\SAM.LOG OK
C:\WINDOWS\system32\config\SecEvent.Evt OK
C:\WINDOWS\system32\config\SECURITY OK
C:\WINDOWS\system32\config\SECURITY.LOG OK
C:\WINDOWS\system32\config\software OK
C:\WINDOWS\system32\config\software.LOG OK
C:\WINDOWS\system32\config\software.sav OK
C:\WINDOWS\system32\config\SysEvent.Evt OK
C:\WINDOWS\system32\config\system OK
C:\WINDOWS\system32\config\system.LOG OK
C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Address Book\Administrateur.wab OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Address Book\Administrateur.wab~ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.0.3705\security.config OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.0.3705\security.config.cch OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.0.3705\security.config.old OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config.cch OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BBA88436E92E1ABCED8E68D74DC5B38 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BBA88436E92E1ABCED8E68D74DC5B38 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\B8CC409ACDBF2A2FE04C56F2875B1FD6 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Desktop.htt OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Desktop.htt=>(JAVASCRIPT 1) OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Desktop.htt=>(JAVASCRIPT 6) OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk=>C:\Program Files\Internet Explorer\IEXPLORE.EXE OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk=>C:\WINDOWS\ehome\ehshell.exe OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk=>C:\Program Files\Real\RealPlayer\realplay.exe OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\CREDHIST OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-1409082233-1078081533-682003330-500\c6dea64b-c82a-4328-88bf-18a2280a2aa5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-1409082233-1078081533-682003330-500\Preferred OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\Msg\Category.dat OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\Msg\Messages.dat OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\Msg\SCategory.dat OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\RealPlayer\ErrorLogs\CDBurning.log OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\RealPlayer\ErrorLogs\GenDevices.log OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\RealPlayer\ErrorLogs\pdgenctnomad.log OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\RealPlayer\ErrorLogs\pdgenwmdm.log OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Real\rnadmin\rnsystem.dat OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Symantec\PendingAlertsQueue.log OK
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Guide des stations de radio.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Hotmail.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Personnaliser les liens.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Windows Media.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Windows.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\MSN.com.url OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\MCInstaller.exe.c95982a.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\regasm.exe.11f1da13.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\RegAsm.exe.ca35bcc8.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\RegisterMCEApp.exe.19d07aaf.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\SetupMCL.exe.cacc9309.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\SL62.tmp.124d7965.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ATI\ACE\Profiles.xml OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\IconCache.db OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.DTD OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.XML OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Works\Portfolio\wsbsamp.wsb OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\1036.MST OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB) OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>other.zip OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>other.zip=>lib/charsets.pack OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>other.zip=>lib/ext/localedata.pack OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_de.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_es.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_fr.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_it.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_ja.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_ko.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_sv.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_zh_CN.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>LICENSE_zh_TW.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>bin/eula.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/audio/soundbank.gm OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/cmm/PYCC.pf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightDemiBold.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightDemiItalic.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightItalic.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightRegular.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaSansDemiBold.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaTypewriterBold.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaTypewriterRegular.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/awt.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/axbridge.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/client/jvm.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/client/Xusage.txt OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/cmm.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/dcpr.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/deploy.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/dt_shmem.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/dt_socket.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/fontmanager.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/hpi.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/hprof.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded CAB)=>core1.zip=>bin/instrument.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}\J2SE Runtime Environment 5.0 Update 5.msi=>(Embedded C
0
Réponse 75 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 20:37
RE

problème je ne trouve que :

C:\WINDOWS\assembly\

PAS LE GAC_32

\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\

ET NI CECI
System.EnterpriseServices.dll


CECI JE LE TROUVE OU ?
System.EnterpriseServices.Wrapper.dll




http://www.virustotal.com/en/virustotalx.html
(Parcourir/ en haut de la page) puis tu fais send/tu colles le rapport.
0
Réponse 76 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 20:57
J'ai trouvé le fichier mais dans 2 endroits :

c:\windows\winsxs\x86_System.entreprisesServices_bO3f5f7f11d50a3a_2.0.0.0__x-ww_7d5f3790

ET

C/\windows\Microsoft.NET\Framework\v2.0.50727

Lequel je prends ??

Désolé, mais ça fatigue
0
Réponse 77 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 21:26
RE


ma recherche pour :

pas de CONFLICT.1 dans le log
cible ceci aussi,:
http://www.virustotal.com/en/virustotalx.html


C:\WINDOWS\Downloaded Program Files\CONFLICT.1

donne ceci pour l'instant:


C:\WINDOWS\Downloaded Program Files\ PLUS RIEN APRES

Quand je fais une recherche par explorer en demandant de trouver CONFLICT.1 = il me donne comme réponse :

Symantec AntiVirus scanner

et

Symantec RuFSI Utility Class
dans C:\WINDOWS\Downloaded Program Files

Dans les Propriétés de ces deux fichier, il indique comme dépendance : Endommagé
0
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
18 mai 2007 à 22:18
ok,
tu ciblera ceci:
System.EnterpriseServices.Wrapper.dll
dans
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
http://www.virustotal.com/en/virustotalx.html
(Parcourir/ en haut de la page) puis tu fais send/tu colles le rapport.
0
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37 > steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014
18 mai 2007 à 22:20
J'ai trouvé le fichier mais dans 2 endroits :

c:\windows\winsxs\x86_System.entreprisesServices_bO3f5f7f11d50a3a_2.0.0.0__x-ww_7d5f3790

ET

C/\windows\Microsoft.NET\Framework\v2.0.50727

Lequel je prends ??
0
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37 > steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014
18 mai 2007 à 22:21
ma recherche pour :

pas de CONFLICT.1 dans le log
cible ceci aussi,:
http://www.virustotal.com/en/virustotalx.html


C:\WINDOWS\Downloaded Program Files\CONFLICT.1

donne ceci pour l'instant:


C:\WINDOWS\Downloaded Program Files\ PLUS RIEN APRES

Quand je fais une recherche par explorer en demandant de trouver CONFLICT.1 = il me donne comme réponse :

Symantec AntiVirus scanner

et

Symantec RuFSI Utility Class
dans C:\WINDOWS\Downloaded Program Files

Dans les Propriétés de ces deux fichier, il indique comme dépendance : Endommagé
0
Réponse 78 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
19 mai 2007 à 00:20
SALUT !!


RECHERCHE 1 à la base :
tu ciblera ceci:
System.EnterpriseServices.Wrapper.dll
dans C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

TROUVER 1
\windows\winsxs\x86_System.entreprisesServices_bO3f5f7f11d50a3a_2.0.0.0__x-ww_7d5f3790

RAPPORT 1 :
0 bytes size received / Se ha recibido un archivo vacio


TROUVER 2
C/\windows\Microsoft.NET\Framework\v2.0.50727

RAPPORT 2 :
PAS DE RAPPORT EMIS



MAIS APRES UNE RELECTURE JE L'AI RETROUVER DANS

le rapport hacktool rootkit du vendredi 18 mai 2007 à 19:39:31


HKLM\SECURITY\Policy\Secrets\SAC* 10/10/2005 14:47 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 10/10/2005 14:47 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed 18/05/2007 18:54 80 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesProcessed 18/05/2007 18:53 4 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesSuccessful 18/05/2007 18:53 4 bytes Data mismatch between Windows API and raw hive data.
C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20070518.019\vscanmsx.dat 18/05/2007 19:17 2.02 KB Hidden from Windows API.
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll 27/03/2007 23:20 252.00 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 27/03/2007 23:20 111.50 KB Visible in Windows API, but not in MFT or directory index.
C:\WINDOWS\Debug\UserMode\userenv.log 18/05/2007 19:15 214 bytes Hidden from Windows API.
D: 01/01/1601 02:00 0 bytes Error mounting volume







RECHERCHE 2 à la base :
pas de CONFLICT.1 dans le log
cible ceci aussi,:
http://www.virustotal.com/en/virustotalx.html
C:\WINDOWS\Downloaded Program Files\CONFLICT.1

RESULTAT DE LA RECHERCHE :
C:\WINDOWS\Downloaded Program Files\CONFLICT.1

donne ceci pour l'instant:
C:\WINDOWS\Downloaded Program Files\ PLUS RIEN APRES

Quand je fais une recherche par explorer en demandant de trouver CONFLICT.1 = il me donne comme réponse :

Symantec AntiVirus scanner
et
Symantec RuFSI Utility Class
dans C:\WINDOWS\Downloaded Program Files

Dans les Propriétés de ces deux fichier, il indique comme dépendance : Endommagé


TROUVER 1
Symantec AntiVirus scanner
RAPPORT 1 :
PAS DE RAPPORT EMIS


TROUVER 2
Symantec RuFSI Utility Class
RAPPORT 2 :
PAS DE RAPPORT EMIS
0
Réponse 79 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
19 mai 2007 à 00:26
RE !!!


A TOUT A L'HEURE J'ESPERE !!

VOICI MON DERNIER HJT ET JE VAIS ME COUCHER

A + TARD ET MERCI ENCORE POUR TON AIDE PRECIEUSE !!!!!!



Logfile of HijackThis v1.99.1
Scan saved at 00:19:10, on 19/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\scanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Hijackthis\AVG Anti- Spyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3950fb765cb6428fac4784cd56b6ac2e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3950fb765cb6428fac4784cd56b6ac2e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://stephanebayard.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
0
Réponse 80 / 99
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
19 mai 2007 à 10:50
RE

MOINS NOVICE MAIS IL ME SEMBLAIT BIEN QU4IL FALLAIT QUE 1 ANTI VIRUS



JE ME D2BARRASSE DE BIT DEFENDER ALORS ?
0