Probleme internet explorer/msn

D-Nasty -  
 D-Nasty -
Voila j'ai un probleme avec internet explorer et msn.Le truc c'est que ie déconne et est très lent mais je connais la cause de ce probleme (sur a 90%) çà doit venir du logiciel "hide ip platinium" que j'avais installé. Je l'ai donc désinstallé mais rien n'y fait mes problemes sont toujours présents. C'est peut etre dut a un virus présent sur le pc alors j'ai fais un scan de virus avec avast mais çà n'a rien donné. Si quelqu'un pouvait me donner un coup de mains çà seait pas de refus...
Configuration: Windows XP
Firefox 2.0.0.6

9 réponses

  1. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    scan avec des antiespions (en mode sans échec):

    spybot :

    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html

    voir demo d utilisation (merci Balltrap)
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

    AD AWARE:
    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html
    ---------------------

    utilise pour supprimer tes traces

    CCLEANER: (lance un nettoyage et répare erreurs) sans la barre yahoo

    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
    -----------------------

    colle le rapport d'un scan en ligne
    avec un des suivants:

    bitdefender en ligne :
    http://www.bitdefender.fr/scan_fr/scan8/ie.html

    Panda en ligne :
    http://pandasoftware.fr

    scan en ligne firefox

    https://www.trendmicro.com/fr_fr/business.html

    si tout c'est bien passé, désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)
    ------------------

    si ca persiste

    colle un rapport hijackthis
    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

    manuel :

    https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
    0
  2. D-Nasty
     
    Alors j'ai fais tout ce que tu m'a dis mais y a toujours le probleme je mets ci-dessous le rapport hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 23:28:50, on 05/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Orbitdownloader\orbitdm.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Orbitdownloader\orbitnet.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Mohamed\LOCALS~1\Temp\Rar$EX00.125\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 217.141.251.202:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [mfcd list] C:\DOCUME~1\Mohamed\APPLIC~1\PINGBA~1\Team Enc.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [NudgeMania] C:\Program Files\NudgeMania\NudgeMania.exe
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{79CB474B-27AB-4E53-9B81-41A778EC9446}: NameServer = 192.168.1.1,213.36.80.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    0
  3. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    que disait le rapport du scan en ligne?

    __________________

    Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
    Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
    • Redémarre ton ordinateur
    • Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
    • A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
    • Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
    • Choisis ton compte.
    Déroule la liste des instructions ci-dessous :
    • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
    • Appuie sur Y pour commencer le processus de nettoyage.
    • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
    • Appuie sur une touche pour redémarrer le PC.
    • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
    • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
    • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
    • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

    ------------------------------------------------------

    combofix (colle le rapport)

    http://mickael.barroux.free.fr/securite/combofix.php

    ________________

    Colle le rapport :
    Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.

    • Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
    • Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
    • Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.

    http://kerio.probb.fr/tuto-Clean-h37.html

    _______________

    refais un scan en lmigne et colle moi le rapport cette fois

    dis tes pbs

    recolle hijackthis
    0
  4. D-Nasty
     
    Donc pour ce qui est des scan en ligne avec panda il veut pas se charger (reste bloqué au moment de l'update 0%) et pour housecall launch il avait commencer le scan et mozilla s'est bloquer et s'est arreter tout seul....
    Bref j'ai quand meme fait le reste et voici les résultats:

    Combofix

    ComboFix 07-08-04.3 - "Mohamed" 2007-08-06 11:51:51.1 [GMT 2:00] - NTFS
    Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.Vrai
    * Created a new restore point

    ((((((((((((((((((((((((( Files Created from 2007-07-06 to 2007-08-06 )))))))))))))))))))))))))))))))

    2007-08-06 11:51 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-06 00:16 <REP> d-------- C:\WINDOWS\system32\Panda Software
    2007-08-05 23:51 <REP> d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Media Player Classic
    2007-08-05 23:00 <REP> d-------- C:\DOCUME~1\Mohamed\.housecall6.6
    2007-08-05 21:57 <REP> d-------- C:\Program Files\Lavasoft
    2007-08-05 21:57 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-08-05 21:56 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2007-08-05 21:37 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-08-05 21:22 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
    2007-08-05 21:22 298,104 --a------ C:\WINDOWS\system32\imon.dll
    2007-08-05 21:22 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
    2007-08-05 21:11 82,258 --a------ C:\WINDOWS\system32\drivers\klin.dat
    2007-08-05 21:11 82,258 --a------ C:\WINDOWS\system32\drivers\klick.dat
    2007-08-05 21:10 3,644,960 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-08-05 21:10 20,768 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
    2007-08-05 21:10 <REP> d-------- C:\Program Files\Kaspersky Lab
    2007-08-05 21:10 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
    2007-08-05 19:52 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2007-08-05 17:27 <REP> d-------- C:\Program Files\Google
    2007-08-05 17:27 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    2007-08-05 15:38 <REP> d-------- C:\Program Files\Combined Community Codec Pack
    2007-08-05 15:35 <REP> d-------- C:\Program Files\Real Alternative
    2007-08-05 15:35 <REP> d-------- C:\Program Files\Media Player Classic
    2007-08-05 15:35 <REP> d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Real
    2007-08-05 15:35 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
    2007-08-05 15:31 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
    2007-08-05 15:31 740,442 --a------ C:\WINDOWS\system32\divx.dll
    2007-08-05 15:31 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
    2007-08-05 15:31 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
    2007-08-05 15:31 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2007-08-05 15:31 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
    2007-08-05 15:31 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
    2007-08-05 15:14 <REP> d-------- C:\Program Files\Satsuki Decoder Pack
    2007-08-03 20:43 <REP> d-------- C:\DOCUME~1\Mohamed\Shared
    2007-08-03 20:43 <REP> d-------- C:\DOCUME~1\Mohamed\Incomplete
    2007-08-03 20:42 <REP> d-------- C:\DOCUME~1\Mohamed\APPLIC~1\LimeWire
    2007-07-30 19:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
    2007-07-30 19:42 90,112 --a------ C:\WINDOWS\system32\agsaami.dll
    2007-07-30 19:42 610,304 --a------ C:\WINDOWS\system32\agsaamg.dll
    2007-07-30 19:42 53,760 --a------ C:\WINDOWS\system\ppacklib.dll
    2007-07-30 19:42 372,736 --a------ C:\WINDOWS\system32\agsaamc.dll
    2007-07-30 19:42 35 --a------ C:\WINDOWS\system32\winitn.dll
    2007-07-30 19:42 237,568 --a------ C:\WINDOWS\system32\lame_enc.dll
    2007-07-30 19:42 2,535,424 --a------ C:\WINDOWS\system32\agsaamj.dll
    2007-07-30 19:42 196,608 --a------ C:\WINDOWS\system32\maag.dll
    2007-07-30 19:42 1,986,560 --a------ C:\WINDOWS\system32\akll.dll
    2007-07-30 19:42 1,245,184 --a------ C:\WINDOWS\system32\bkll.dll
    2007-07-30 19:42 1,212,416 --a------ C:\WINDOWS\system32\ckll.dll
    2007-07-30 19:42 1 --a------ C:\WINDOWS\tidosr.dll
    2007-07-30 19:42 <REP> d-------- C:\WINDOWS\system32\RMBin
    2007-07-30 19:37 2,995 --a------ C:\WINDOWS\system32\SpoonUninstall-dBPowerAMP Real Audio Encoder R3.dat
    2007-07-30 19:36 164,352 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
    2007-07-30 19:36 <REP> d-------- C:\Program Files\Illustrate
    2007-07-29 20:24 <REP> d-------- C:\Program Files\MSN Messenger
    2007-07-27 19:56 31,232 -r-hs---- C:\WINDOWS\system32\msfDX.dll
    2007-07-27 19:54 <REP> d-------- C:\Program Files\eRightSoft
    2007-07-25 11:46 <REP> d-------- C:\Downloads
    2007-07-24 22:08 <REP> d-------- C:\Program Files\DivX
    2007-07-22 21:35 <REP> d-------- C:\Program Files\UZC Trial
    2007-07-18 22:34 719,872 --a------ C:\WINDOWS\system32\devil.dll
    2007-07-18 22:34 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
    2007-07-18 22:34 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
    2007-07-18 19:21 737,280 --a------ C:\WINDOWS\iun6002.exe
    2007-07-18 19:21 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
    2007-07-18 19:21 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
    2007-07-18 19:20 <REP> d-------- C:\WINDOWS\Replay Media Catcher
    2007-07-18 19:20 <REP> d-------- C:\Program Files\Replay Media Catcher
    2007-07-18 19:20 <REP> d-------- C:\Program Files\Replay Converter
    2007-07-18 19:19 <REP> d-------- C:\WINDOWS\FLV Player
    2007-07-08 13:37 <REP> d-------- C:\Program Files\ReflexiveArcade

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-06 11:44 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Orbit
    2007-08-06 00:18 49148 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-08-06 00:18 2732 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
    2007-08-06 00:10 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Azureus
    2007-08-05 23:08 4584 --a--c--- C:\WINDOWS\mozver.dat
    2007-08-05 15:31 --------- d-------- C:\Program Files\K-Lite Codec Pack
    2007-08-05 15:29 --------- d-------- C:\Program Files\VideoLAN
    2007-08-05 15:05 --------- d-------- C:\Program Files\Fichiers communs\Real
    2007-08-01 19:38 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Propellerhead Software
    2007-07-29 20:26 --------- d-------- C:\Program Files\Messenger Plus! Live
    2007-07-29 18:22 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-27 17:22 --------- d-------- C:\Program Files\Orbitdownloader
    2007-07-22 11:56 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\pingbagsmedia
    2007-07-19 13:03 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\fltk.org
    2007-07-17 14:19 4252 --a------ C:\Program Files\momo.txt
    2007-07-05 13:54 5 --a------ C:\Program Files\nomutil.txt
    2007-07-05 12:15 --------- d-------- C:\Program Files\adslTV
    2007-07-04 11:03 --------- d-------- C:\Program Files\Windows Live
    2007-06-30 16:06 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Zen Puzzle Garden
    2007-06-29 19:59 --------- d-------- C:\Program Files\iTunes
    2007-06-29 19:59 --------- d-------- C:\Program Files\iPod
    2007-06-29 19:57 --------- d-------- C:\Program Files\Fichiers communs\Apple
    2007-06-28 22:29 --------- d-------- C:\Program Files\Real
    2007-06-22 14:37 --------- d-------- C:\Program Files\ElcomSoft
    2007-06-21 17:43 --------- d-------- C:\Program Files\TubeSucker
    2007-06-21 17:37 --------- d-------- C:\Program Files\Nuclear Coffee
    2007-06-21 17:17 --------- d-------- C:\Program Files\CamStudio
    2007-06-12 21:18 --------- d-------- C:\Program Files\Opera
    2007-06-12 21:15 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Opera
    2007-06-12 16:12 --------- d-------- C:\Program Files\MIKSOFT
    2007-06-10 16:46 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Radios Media Player
    2007-06-08 23:01 --------- d-------- C:\Program Files\MP3 Player Utilities 3.57
    2007-06-07 13:57 --------- d-------- C:\Program Files\RS P2P Share Spy Demo
    2007-06-06 23:43 --------- d-------- C:\Program Files\Fichiers communs\Ahead
    2007-06-06 23:33 --------- d-------- C:\Program Files\Elaborate Bytes
    2007-06-06 23:25 --------- d-------- C:\Program Files\Jufsoft
    2007-06-06 22:24 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Ahead
    2007-06-06 22:18 --------- d-------- C:\Program Files\Nero
    2007-06-06 22:11 --------- d-------- C:\Program Files\Ahead
    2007-05-30 11:51 0 --a--c--- C:\WINDOWS\nsreg.dat
    2007-05-25 15:57 233472 --a------ C:\WINDOWS\system32\REX Shared Library.dll
    2007-05-22 11:02 163840 --a------ C:\WINDOWS\system32\unrar.dll
    2007-05-19 22:37 206352 --a------ C:\WINDOWS\system32\klogon.dll
    2007-05-19 12:52 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2007-05-16 17:13 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
    2007-05-16 17:13 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
    2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
    2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2007-05-16 17:13 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
    2007-05-16 17:13 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
    2007-05-14 15:24 394240 --a------ C:\WINDOWS\system32\Smab.dll
    2007-05-08 10:59 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
    2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 13:25]
    "TPSMain"="TPSMain.exe" [2005-08-03 17:09 C:\WINDOWS\system32\TPSMain.exe]
    "THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 15:02]
    "TFncKy"="TFncKy.exe" []
    "TDispVol"="TDispVol.exe" [2005-09-15 15:19 C:\WINDOWS\system32\TDispVol.exe]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-17 01:32]
    "SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 10:24]
    "RTHDCPL"="RTHDCPL.EXE" [2005-12-10 00:49 C:\WINDOWS\RTHDCPL.exe]
    "NDSTray.exe"="NDSTray.exe" []
    "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2004-08-18 12:37]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 12:37]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 11:41]
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 06:20]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 15:43]
    "Alcmtr"="ALCMTR.EXE" []
    "AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 15:29 C:\WINDOWS\agrsmmsg.exe]
    "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 19:19]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 09:14]
    "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-05-19 22:36]
    "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-05 21:21]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "mfcd list"="C:\DOCUME~1\Mohamed\APPLIC~1\PINGBA~1\Team Enc.exe" []
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
    "msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" []
    "NudgeMania"="C:\Program Files\NudgeMania\NudgeMania.exe" []
    "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-08-05 17:32]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe [2007-05-13 20:44:21]
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2007-05-13 12:43:35]

    R1 meiudf;meiudf;C:\WINDOWS\system32\Drivers\meiudf.sys
    R1 nod32drv;nod32drv;C:\WINDOWS\system32\drivers\nod32drv.sys
    R1 SCDEmu;SCDEmu;C:\WINDOWS\system32\drivers\SCDEmu.sys
    R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol;C:\WINDOWS\system32\DRIVERS\netdevio.sys
    R2 s24trans;Transport RLAN;C:\WINDOWS\system32\DRIVERS\s24trans.sys
    R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
    R3 E100B;Intel(R) PRO Network Connection Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys
    R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys
    R3 sdbus;sdbus;C:\WINDOWS\system32\DRIVERS\sdbus.sys
    R3 SynTP;Synaptics TouchPad Driver;C:\WINDOWS\system32\DRIVERS\SynTP.sys
    R3 tifm21;tifm21;C:\WINDOWS\system32\drivers\tifm21.sys
    R3 TVALD;Toshiba Mobile PC Service;C:\WINDOWS\system32\DRIVERS\NBSMI.sys
    R3 Tvs;TOSHIBA Virtual Sound with SRS technologies;C:\WINDOWS\system32\DRIVERS\Tvs.sys
    R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver;C:\WINDOWS\system32\DRIVERS\w39n51.sys
    S3 odserv;Microsoft Office Diagnostics Service;"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE"
    S3 ovt530;Webcam Classic;C:\WINDOWS\system32\Drivers\ov530vid.sys
    S3 sffdisk;Pilote de classe de stockage SFF;C:\WINDOWS\system32\DRIVERS\sffdisk.sys
    S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus;C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
    S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys
    S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{283d515a-05f9-11dc-8b39-00a0d149d412}]
    AutoRun\command- F:\setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{768eeb66-362b-11dc-8bd6-00a0d149d412}]
    Auto\command- F:\AdobeR.exe e
    AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

    Contents of the 'Scheduled Tasks' folder
    2007-06-25 13:50:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-06 11:56:20
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-06 11:57:48

    --- E O F ---

    SDFix

    SDFix: Version 1.96

    Run by Mohamed on 06/08/2007 at 12:13

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\DOCUME~1\Mohamed\Bureau\SDFix

    Safe Mode:
    Checking Services:

    Restoring Windows Registry Values
    Restoring Windows Default Hosts File
    Restoring Missing Security Center Service
    Restoring Missing SharedAccess Service

    Rebooting...

    Normal Mode:
    Checking Files:

    No Trojan Files Found

    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.

    Final Check:

    Remaining Services:
    ------------------

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    Remaining Files:
    ---------------

    Files with Hidden Attributes:

    C:\Program Files\eRightSoft\SUPER\cygwin1.dll
    C:\Program Files\eRightSoft\SUPER\cygz.dll
    C:\Program Files\eRightSoft\SUPER\_Setup.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll
    C:\Program Files\Replay Converter\cygz.dll
    C:\WINDOWS\system32\flvDX.dll
    C:\WINDOWS\system32\msfDX.dll
    C:\Program Files\eRightSoft\SUPER\Setup.exe
    C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

    Finished

    Clean

    06/08/2007 a 12:32:51,45

    *** Recherche des fichiers dans C:

    *** Recherche des fichiers dans C:\WINDOWS\

    *** Recherche des fichiers dans C:\WINDOWS\system32
    C:\WINDOWS\system32\SpoonUninstall.exe FOUND

    *** Recherche des fichiers dans C:\Program Files
    *** Fin du rapport !

    Script execute en mode sans echec
    Rapport clean par Malekal_morte - http://www.malekal.com
    Script execute en mode sans echec 06/08/2007 a 12:33:45,92

    Microsoft Windows XP [version 5.1.2600]

    *** Suppression des fichiers dans C:

    *** Suppression des fichiers dans C:\WINDOWS\

    *** Suppression des fichiers dans C:\WINDOWS\system32
    tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe

    *** Suppression des fichiers dans C:\Program Files

    *** Suppression des clefs du registre effectuee..
    *** Fin du rapport !

    Hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 13:11:47, on 06/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\system32\TDispVol.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Orbitdownloader\orbitdm.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Orbitdownloader\orbitnet.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\DOCUME~1\Mohamed\LOCALS~1\Temp\Rar$EX00.141\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 217.141.251.202:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [mfcd list] C:\DOCUME~1\Mohamed\APPLIC~1\PINGBA~1\Team Enc.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [NudgeMania] C:\Program Files\NudgeMania\NudgeMania.exe
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{79CB474B-27AB-4E53-9B81-41A778EC9446}: NameServer = 192.168.1.1,213.36.80.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    scan avec
    bit defender free et colle le rapport

    https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html

    _________________

    smit fraud fix (colle le rapport)

    http://telechargement.zebulon.fr/smitfraudfix.html

    2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

    3/ puis refaire comme en 2/ mais selectionne l'option 2 et appuyer sur entrée pour commencer la desinfection. lorsque le programme demande si tu veut nettoyer le registre metsoui en tapant 0 et entrée

    --------------
    télécharger sur le bureau
    Navilog.zip
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    = Double-Clic navilog1.zip
    = Extraire tout sur le bureau
    = Double-Clic navilog1 qui est sur le bureau
    = Appuyer sur une touche jusqu' arriver aux options
    = Choisir option 1

    __________________

    mets a jour java

    https://www.java.com/fr/

    _____________

    recolle hijackthis
    0
  7. D-Nasty
     
    Bitdefender

    //-----------------------------------------------------------------
    //
    // Product: BitDefender 8 Free Edition
    // Version: 8.0
    //
    // Created on: 06/08/2007 17:42:47
    //
    //-----------------------------------------------------------------

    Statistics

    Scan path : C:\WINDOWS\system32\
    Folders : 277
    Files : 6830
    Archives : 22
    Packed files : 337
    Identified viruses : 0
    Infected files : 0
    Warnings : 0
    Suspect files : 0
    Disinfected files : 0
    Deleted files : 0
    Copied files : 0
    Moved files : 0
    Renamed files : 0
    I/O errors : 20
    Scan time : 00:03:41
    Scan speed (files/sec) : 30

    Virus definitions : 689841
    Scan plugins : 14
    Archive plugins : 38
    Unpack plugins : 6
    Mail plugins : 6
    System plugins : 1

    Scan options

    Detection
    [X] Scan boot sectors
    [X] Scan archives
    [X] Scan packed files
    [X] Scan email

    File mask
    [ ] Programs
    [X] All files
    [ ] User defined extensions:
    [ ] Exclude extensions: ;

    Action

    Infected objects
    [ ] Ignore
    [X] Disinfect
    [ ] Delete
    [ ] Copy to quarantine
    [ ] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Second action
    [ ] Ignore
    [ ] Delete
    [ ] Copy to quarantine
    [X] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Scan options
    [X] Enable warnings
    [X] Enable heuristics
    [X] Show all files in log
    [X] Report file: vscan.log
    [ ] Append to existing report

    Scanned files

    C:\=>Master Boot Record OK
    C:\=>Primary partition 1 (Active) OK
    C:\WINDOWS\system32\ OK
    C:\WINDOWS\system32\$ncsp$.inf OK
    C:\WINDOWS\system32\$winnt$.inf OK
    C:\WINDOWS\system32\1025\ OK
    C:\WINDOWS\system32\1028\ OK
    C:\WINDOWS\system32\1031\ OK
    C:\WINDOWS\system32\1033\ OK
    C:\WINDOWS\system32\1033\dwintl.dll OK
    C:\WINDOWS\system32\1036\ OK
    C:\WINDOWS\system32\1036\dwintl.dll OK
    C:\WINDOWS\system32\1037\ OK
    C:\WINDOWS\system32\1041\ OK
    C:\WINDOWS\system32\1042\ OK
    C:\WINDOWS\system32\1054\ OK
    C:\WINDOWS\system32\12520437.cpx OK
    C:\WINDOWS\system32\12520850.cpx OK
    C:\WINDOWS\system32\2052\ OK
    C:\WINDOWS\system32\3076\ OK
    C:\WINDOWS\system32\3com_dmi\ OK
    C:\WINDOWS\system32\6to4svc.dll OK
    C:\WINDOWS\system32\aaaamon.dll OK
    C:\WINDOWS\system32\aac_parser.ax OK
    C:\WINDOWS\system32\ac3DX.ax OK
    C:\WINDOWS\system32\ac3filter.acm OK
    C:\WINDOWS\system32\access.cpl OK
    C:\WINDOWS\system32\acctres.dll OK
    C:\WINDOWS\system32\accwiz.exe OK
    C:\WINDOWS\system32\acelpdec.ax OK
    C:\WINDOWS\system32\acledit.dll OK
    C:\WINDOWS\system32\aclui.dll OK
    C:\WINDOWS\system32\activeds.dll OK
    C:\WINDOWS\system32\activeds.tlb OK
    C:\WINDOWS\system32\actmovie.exe OK
    C:\WINDOWS\system32\actskn43.ocx OK
    C:\WINDOWS\system32\actskn45.ocx OK
    C:\WINDOWS\system32\actxprxy.dll OK
    C:\WINDOWS\system32\admparse.dll OK
    C:\WINDOWS\system32\adptif.dll OK
    C:\WINDOWS\system32\adsldp.dll OK
    C:\WINDOWS\system32\adsldpc.dll OK
    C:\WINDOWS\system32\adsmsext.dll OK
    C:\WINDOWS\system32\adsnt.dll OK
    C:\WINDOWS\system32\advapi32.dll OK
    C:\WINDOWS\system32\advpack.dll OK
    C:\WINDOWS\system32\advpack.dll.mui OK
    C:\WINDOWS\system32\agsaamc.dll OK
    C:\WINDOWS\system32\agsaamg.dll OK
    C:\WINDOWS\system32\agsaami.dll OK
    C:\WINDOWS\system32\agsaamj.dll OK
    C:\WINDOWS\system32\ahui.exe OK
    C:\WINDOWS\system32\akll.dll OK
    C:\WINDOWS\system32\alg.exe OK
    C:\WINDOWS\system32\alrsvc.dll OK
    C:\WINDOWS\system32\ALSndMgr.Cpl OK
    C:\WINDOWS\system32\amcompat.tlb OK
    C:\WINDOWS\system32\amstream.dll OK
    C:\WINDOWS\system32\ansi.sys OK
    C:\WINDOWS\system32\apcups.dll OK
    C:\WINDOWS\system32\append.exe OK
    C:\WINDOWS\system32\apphelp.dll OK
    C:\WINDOWS\system32\appwiz.cpl OK
    C:\WINDOWS\system32\arp.exe OK
    C:\WINDOWS\system32\asctrls.ocx OK
    C:\WINDOWS\system32\asferror.dll OK
    C:\WINDOWS\system32\asycfilt.dll OK
    C:\WINDOWS\system32\at.exe OK
    C:\WINDOWS\system32\ati2cqag.dll OK
    C:\WINDOWS\system32\ati2dvag.dll OK
    C:\WINDOWS\system32\ati2edxx.dll OK
    C:\WINDOWS\system32\ati2evxx.dll OK
    C:\WINDOWS\system32\ati2evxx.exe OK
    C:\WINDOWS\system32\Ati2mdxx.exe OK
    C:\WINDOWS\system32\ati3duag.dll OK
    C:\WINDOWS\system32\ATIDDC.DLL OK
    C:\WINDOWS\system32\ATIDEMGR.dll OK
    C:\WINDOWS\system32\atifglpf.xml OK
    C:\WINDOWS\system32\atiicdxx.dat OK
    C:\WINDOWS\system32\atiiiexx.dll OK
    C:\WINDOWS\system32\atikvmag.dll OK
    C:\WINDOWS\system32\atioglx1.dll OK
    C:\WINDOWS\system32\atioglxx.dll OK
    C:\WINDOWS\system32\atipdlxx.dll OK
    C:\WINDOWS\system32\atitvo32.dll OK
    C:\WINDOWS\system32\ativcoxx.dll OK
    C:\WINDOWS\system32\ativvaxx.dll OK
    C:\WINDOWS\system32\atkctrs.dll OK
    C:\WINDOWS\system32\atl.dll OK
    C:\WINDOWS\system32\atl71.dll OK
    C:\WINDOWS\system32\atmadm.exe OK
    C:\WINDOWS\system32\atmfd.dll OK
    C:\WINDOWS\system32\atmlib.dll OK
    C:\WINDOWS\system32\atmpvcno.dll OK
    C:\WINDOWS\system32\atrace.dll OK
    C:\WINDOWS\system32\attrib.exe OK
    C:\WINDOWS\system32\audiodev.dll OK
    C:\WINDOWS\system32\audiosrv.dll OK
    C:\WINDOWS\system32\auditusr.exe OK
    C:\WINDOWS\system32\authz.dll OK
    C:\WINDOWS\system32\autochk.exe OK
    C:\WINDOWS\system32\autoconv.exe OK
    C:\WINDOWS\system32\autodisc.dll OK
    C:\WINDOWS\system32\AUTOEXEC.NT OK
    C:\WINDOWS\system32\autofmt.exe OK
    C:\WINDOWS\system32\autolfn.exe OK
    C:\WINDOWS\system32\AVCDX.ax OK
    C:\WINDOWS\system32\avicap.dll OK
    C:\WINDOWS\system32\avicap32.dll OK
    C:\WINDOWS\system32\avifil32.dll OK
    C:\WINDOWS\system32\avifile.dll OK
    C:\WINDOWS\system32\avisynth.dll OK
    C:\WINDOWS\system32\avmeter.dll OK
    C:\WINDOWS\system32\AVSredirect.dll OK
    C:\WINDOWS\system32\avtapi.dll OK
    C:\WINDOWS\system32\avwav.dll OK
    C:\WINDOWS\system32\basesrv.dll OK
    C:\WINDOWS\system32\batmeter.dll OK
    C:\WINDOWS\system32\batt.dll OK
    C:\WINDOWS\system32\bidispl.dll OK
    C:\WINDOWS\system32\bios1.rom OK
    C:\WINDOWS\system32\bios4.rom OK
    C:\WINDOWS\system32\bios4.rom=>REMOVED_NULLS OK
    C:\WINDOWS\system32\bitsprx2.dll OK
    C:\WINDOWS\system32\bitsprx3.dll OK
    C:\WINDOWS\system32\bkll.dll OK
    C:\WINDOWS\system32\blackbox.dll OK
    C:\WINDOWS\system32\blastcln.exe OK
    C:\WINDOWS\system32\bootok.exe OK
    C:\WINDOWS\system32\bootvid.dll OK
    C:\WINDOWS\system32\bootvrfy.exe OK
    C:\WINDOWS\system32\bopomofo.uce OK
    C:\WINDOWS\system32\browselc.dll OK
    C:\WINDOWS\system32\browser.dll OK
    C:\WINDOWS\system32\browseui.dll OK
    C:\WINDOWS\system32\browsewm.dll OK
    C:\WINDOWS\system32\bthci.dll OK
    C:\WINDOWS\system32\bthprops.cpl OK
    C:\WINDOWS\system32\bthserv.dll OK
    C:\WINDOWS\system32\btpanui.dll OK
    C:\WINDOWS\system32\BuzzingBee.wav OK
    C:\WINDOWS\system32\cabinet.dll OK
    C:\WINDOWS\system32\cabview.dll OK
    C:\WINDOWS\system32\cacls.exe OK
    C:\WINDOWS\system32\calc.exe OK
    C:\WINDOWS\system32\camocx.dll OK
    C:\WINDOWS\system32\capesnpn.dll OK
    C:\WINDOWS\system32\capicom.dll OK
    C:\WINDOWS\system32\cards.dll OK
    C:\WINDOWS\system32\CatRoot\ OK
    C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\ OK
    C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\TimeStamp OK
    C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\WLSetup.cat OK
    C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ OK
    C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\klim5.cat OK
    C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\1.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\945gm.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\codecs10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\dmi_pci.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\DRM10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\FP4.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ich7core.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ich7ide.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ich7usb.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IDNMitigationAPIs.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie7.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IMS.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873333.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873339.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB884018.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885250.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885835.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885836.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885855.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB886185.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB887472.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888111WXPSP2.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888113.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888302.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB889673.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890046.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890175.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890859.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB891781.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB892130.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893056.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893066.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893357.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893756.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB894391.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB894871.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB895200.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896256.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896358.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896422.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896423.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896424.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896428.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896688.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB898458.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB898461.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899587.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899589.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899591.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB900485.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB900725.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB901017.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB901214.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB902400.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB904706.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB904942.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905414.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905749.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908519.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908531.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB910437.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911280.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911562.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911564.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911927.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB912945.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB913580.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914388.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914389.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914440.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB915865.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB916595.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917344.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917422.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917953.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918118.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918439.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB919007.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920213.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920670.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920683.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920685.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920872.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922582.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922819.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923191.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923414.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923694.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923723.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923980.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924191.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924270.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924496.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924667.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925398.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925902.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926239.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926255.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926436.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927779.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927802.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927891.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928090-IE7.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928255.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928843.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929123.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929399.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929969.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB930178.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB930916.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931261.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931768-IE7.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931768.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931784.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931836.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB932168.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB933566-IE7.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB935448.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB935839.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB935840.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB936357.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MPCD10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MPPRE10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MPSTUB10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSCompPackV1.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSMSGS.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSTSWEB.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NLSDownlevelMapping.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NTPRINT.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem12.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem14.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem19.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem20.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem21.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem22.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem23.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem25.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem4.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\SP2.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\startoc.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMDM10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMFDist11.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMFSDK10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMP10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmp11.cat OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMSET10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WPD10.CAT OK
    C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Wudf01000.cat OK
    C:\WINDOWS\system32\CatRoot2\ OK
    C:\WINDOWS\system32\CatRoot2\dberr.txt OK
    C:\WINDOWS\system32\CatRoot2\edb.chk OK
    C:\WINDOWS\system32\CatRoot2\edb.log OK
    C:\WINDOWS\system32\CatRoot2\edb0007A.log OK
    C:\WINDOWS\system32\CatRoot2\res1.log OK
    C:\WINDOWS\system32\CatRoot2\res2.log OK
    C:\WINDOWS\system32\CatRoot2\tmp.edb OK
    C:\WINDOWS\system32\CatRoot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\ OK
    C:\WINDOWS\system32\CatRoot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\catdb OK
    C:\WINDOWS\system32\CatRoot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\TimeStamp OK
    C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ OK
    C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb OK
    C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp OK
    C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ OK
    C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb OK
    C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp OK
    C:\WINDOWS\system32\catsrv.dll OK
    C:\WINDOWS\system32\catsrvps.dll OK
    C:\WINDOWS\system32\catsrvut.dll OK
    C:\WINDOWS\system32\ccfgnt.dll OK
    C:\WINDOWS\system32\cdfview.dll OK
    C:\WINDOWS\system32\cdm.dll OK
    C:\WINDOWS\system32\cdmodem.dll OK
    C:\WINDOWS\system32\cdosys.dll OK
    C:\WINDOWS\system32\cdplayer.exe.manifest OK
    C:\WINDOWS\system32\certcli.dll OK
    C:\WINDOWS\system32\certmgr.dll OK
    C:\WINDOWS\system32\certmgr.msc OK
    C:\WINDOWS\system32\cewmdm.dll OK
    C:\WINDOWS\system32\cfgbkend.dll OK
    C:\WINDOWS\system32\cfgmgr32.dll OK
    C:\WINDOWS\system32\charmap.exe OK
    C:\WINDOWS\system32\Chaînes.scf OK
    C:\WINDOWS\system32\ChCfg.exe OK
    C:\WINDOWS\system32\chcp.com OK
    C:\WINDOWS\system32\chkdsk.exe OK
    C:\WINDOWS\system32\chkntfs.exe OK
    C:\WINDOWS\system32\ciadmin.dll OK
    C:\WINDOWS\system32\ciadv.msc OK
    C:\WINDOWS\system32\cic.dll OK
    C:\WINDOWS\system32\cidaemon.exe OK
    C:\WINDOWS\system32\ciodm.dll OK
    C:\WINDOWS\system32\cisvc.exe OK
    C:\WINDOWS\system32\ckcnv.exe OK
    C:\WINDOWS\system32\ckll.dll OK
    C:\WINDOWS\system32\clb.dll OK
    C:\WINDOWS\system32\clbcatex.dll OK
    C:\WINDOWS\system32\clbcatq.dll OK
    C:\WINDOWS\system32\cleanmgr.exe OK
    C:\WINDOWS\system32\cliconf.chm OK
    C:\WINDOWS\system32\cliconf.chm=>/#SYSTEM OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_apple.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_apple.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx1.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx1.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx2.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx2.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_multi.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_multi.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_namedpipes.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_namedpipes.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_others.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_others.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_tcpip.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_tcpip.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_vines.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_add_vines.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_alias.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_alias.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_dblib.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_dblib.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_general.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_general.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_netlib.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/idh_netlib.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_add_(or_edit)_via_library_configuration.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_add_(or_edit)_via_library_configuration.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_appletalk_protocol_default_value_setup.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_appletalk_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_banyan_vines_protocol_default_value_setup.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_banyan_vines_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_alias_a_client_to_an_alternate_pipe.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_alias_a_client_to_an_alternate_pipe.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_check_the_library_version_numbers.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_check_the_library_version_numbers.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_use_the_windows_sockets_net.2d.library_.28.windows.2d_.or_windows_nt.2d.based_clients.29.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_use_the_windows_sockets_net.2d.library_.28.windows.2d_.or_windows_nt.2d.based_clients.29.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_verify_that_sql_server_is_listening_on_appletalk_and_can_accept_a_client_connection.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_verify_that_sql_server_is_listening_on_appletalk_and_can_accept_a_client_connection.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_add_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_add_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_check_the_odbc_sql_server_driver_version_.28.windows_95.2d.based_clients.29.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_check_the_odbc_sql_server_driver_version_.28.windows_95.2d.based_clients.29.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_a_nonstandard_network_protocol.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_a_nonstandard_network_protocol.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_appletalk_network_protocol.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_appletalk_network_protocol.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_banyan_vines_network_protocol.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_banyan_vines_network_protocol.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_nwlink_ipx.2f.spx_network_protocol.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_nwlink_ipx.2f.spx_network_protocol.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_via_network_library_(client_network_utility).htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_via_network_library_(client_network_utility).htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_create_an_alias_for_a_specific_server_name_to_use_the_multi.2d.protocol_net.2d.library.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_create_an_alias_for_a_specific_server_name_to_use_the_multi.2d.protocol_net.2d.library.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_delete_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_delete_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_edit_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
    C:\WINDOWS\system32\cliconf.chm=>/_how_to_edit_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
    C:\WINDOWS\system32\cliconfg.dll OK
    C:\WINDOWS\system32\cliconfg.exe OK
    C:\WINDOWS\system32\cliconfg.rll OK
    C:\WINDOWS\system32\clipbrd.exe OK
    C:\WINDOWS\system32\clipsrv.exe OK
    C:\WINDOWS\system32\clusapi.dll OK
    C:\WINDOWS\system32\cmcfg32.dll OK
    C:\WINDOWS\system32\cmd.exe OK
    C:\WINDOWS\system32\cmdial32.dll OK
    C:\WINDOWS\system32\cmdl32.exe OK
    C:\WINDOWS\system32\CMDLGFR.DLL OK
    C:\WINDOWS\system32\CmdLineExt.dll OK
    C:\WINDOWS\system32\cmmgr32.hlp OK
    C:\WINDOWS\system32\cmmon32.exe OK
    C:\WINDOWS\system32\cmos.ram OK
    C:\WINDOWS\system32\cmpbk32.dll OK
    C:\WINDOWS\system32\cmprops.dll OK
    C:\WINDOWS\system32\cmsetACL.dll OK
    C:\WINDOWS\system32\cmstp.exe OK
    C:\WINDOWS\system32\cmutil.dll OK
    C:\WINDOWS\system32\cnbjmon.dll OK
    C:\WINDOWS\system32\cnetcfg.dll OK
    C:\WINDOWS\system32\cnvfat.dll OK
    C:\WINDOWS\system32\colbact.dll OK
    C:\WINDOWS\system32\Com\ OK
    C:\WINDOWS\system32\Com\comadmin.dll OK
    C:\WINDOWS\system32\Com\comempty.dat OK
    C:\WINDOWS\system32\Com\comexp.msc OK
    C:\WINDOWS\system32\Com\comrepl.exe OK
    C:\WINDOWS\system32\Com\comrereg.exe OK
    C:\WINDOWS\system32\Com\mtsadmin.tlb OK
    C:\WINDOWS\system32\comaddin.dll OK
    C:\WINDOWS\system32\comcat.dll OK
    C:\WINDOWS\system32\comctl32.dll OK
    C:\WINDOWS\system32\comctl32.ocx OK
    C:\WINDOWS\system32\comdlg32.dll OK
    C:\WINDOWS\system32\Comdlg32.ocx OK
    C:\WINDOWS\system32\comm.drv OK
    C:\WINDOWS\system32\command.com OK
    C:\WINDOWS\system32\commdlg.dll OK
    C:\WINDOWS\system32\comp.exe OK
    C:\WINDOWS\system32\compact.exe OK
    C:\WINDOWS\system32\compatUI.dll OK
    C:\WINDOWS\system32\compmgmt.msc OK
    C:\WINDOWS\system32\compobj.dll OK
    C:\WINDOWS\system32\compstui.dll OK
    C:\WINDOWS\system32\comrepl.dll OK
    C:\WINDOWS\system32\comres.dll OK
    C:\WINDOWS\system32\comsnap.dll OK
    C:\WINDOWS\system32\comsvcs.dll OK
    C:\WINDOWS\system32\comuid.dll OK
    C:\WINDOWS\system32\config\ OK
    C:\WINDOWS\system32\config\ACEEvent.evt OK
    C:\WINDOWS\system32\config\Antiviru.evt OK
    C:\WINDOWS\system32\config\Antivirus.Evt OK
    C:\WINDOWS\system32\config\AppEvent.Evt OK
    C:\WINDOWS\system32\config\default OK
    C:\WINDOWS\system32\config\default.LOG OK
    C:\WINDOWS\system32\config\default.sav OK
    C:\WINDOWS\system32\config\Internet.evt OK
    C:\WINDOWS\system32\config\ODiag.evt OK
    C:\WINDOWS\system32\config\OSession.evt OK
    C:\WINDOWS\system32\config\SAM OK
    C:\WINDOWS\system32\config\SAM.LOG OK
    C:\WINDOWS\system32\config\SecEvent.Evt OK
    C:\WINDOWS\system32\config\SECURITY OK
    C:\WINDOWS\system32\config\SECURITY.LOG OK
    C:\WINDOWS\system32\config\software OK
    C:\WINDOWS\system32\config\software.LOG OK
    C:\WINDOWS\system32\config\software.sav OK
    C:\WINDOWS\system32\config\SysEvent.Evt OK
    C:\WINDOWS\system32\config\system OK
    C:\WINDOWS\system32\config\system.LOG OK
    C:\WINDOWS\system32\config\system.sav OK
    C:\WINDOWS\system32\config\systemprofile\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\AdobeCMapFnt07.lst OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\AdobeSysFnt07.lst OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\Collab\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\Collab\RSS OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\JavaScripts\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js=>(unicode) OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\Preferences\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\UserCache.bin OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\ATI\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\ATI\ACE\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\{2956981E-2B7C-4E68-AB54-66B9FB287981}\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Intel\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Intel\Wireless\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config.cch OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015=>authroot.stl OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E891C648621A40AC7F773694A17FE76C OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E891C648621A40AC7F773694A17FE76C OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Crypto\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Crypto\RSA\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\HTML Help\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\HTML Help\hh.dat OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\HTML Help\hh.dat=>/Program Files/Sonic/RecordNow!/RecordNow.chm/TriPane OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Desktop.htt OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Desktop.htt=>(unicode) OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\MMC\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\CREDHIST OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-220523388-1788223648-682003330-1003\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-220523388-1788223648-682003330-1003\c50a1d8f-245d-44d5-bb50-e29201eddba7 OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-220523388-1788223648-682003330-1003\Preferred OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Windows\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Windows\Themes\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Windows\Themes\Custom.theme OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Sonic\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Sonic\RecordNow!\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\Sonic\RecordNow!\Favorites\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\v3.0\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\v3.0\Logs\ OK
    C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\v3.0\wbeminfo.log OK
    C:\WINDOWS\system32\config\systemprofile\Bureau\ OK
    C:\WINDOWS\system32\config\systemprofile\Cookies\ OK
    C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\ OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\Desktop.ini OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\Guide des stations de radio.url OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\ OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Hotmail.url OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Personnaliser les liens.url OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Windows Media.url OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Windows.url OK
    C:\WINDOWS\system32\config\systemprofile\Favoris\MSN.com.url OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\Cache\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\Cache\AcroFnt07.lst OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\Cache\Search70\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Color\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Color\ACECache4.lst OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\SL153.tmp.6db21d8.ini OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\SL230.tmp.e4e830d8.ini OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ATI\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ATI\ACE\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ATI\ACE\Profiles.xml OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\IconCache.db OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.DTD OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.XML OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Toshiba\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Toshiba\BluetoothStack\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Toshiba\BluetoothStack\V1.0\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\ OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\1036.MST OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB) OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>other.zip OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>other.zip=>lib/charsets.pack OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>other.zip=>lib/ext/localedata.pack OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_de.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_es.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_fr.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_it.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_ja.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_ko.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_sv.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_zh_CN.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_zh_TW.rtf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>bin/eula.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/audio/soundbank.gm OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/cmm/PYCC.pf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightDemiBold.ttf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightDemiItalic.ttf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightItalic.ttf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightRegular.ttf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaSansDemiBold.ttf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaTypewriterBold.ttf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaTypewriterRegular.ttf OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/awt.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/axbridge.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/client/jvm.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/client/Xusage.txt OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/cmm.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/dcpr.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/deploy.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/dt_shmem.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/dt_socket.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/fontmanager.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/hpi.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/hprof.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/instrument.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/ioser12.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/j2pkcs11.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jaas_nt.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/java.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/java.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/javacpl.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/javaw.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/JavaWebStart.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/javaws.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/java_crw_demo.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jawt.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/JdbcOdbc.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jdwp.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpeg.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpicom32.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpicpl32.cpl OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpiexp32.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpinscp.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpioji.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpishare.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jsound.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jsoundds.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jucheck.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jusched.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/keytool.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/kinit.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/klist.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/ktab.exe OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/management.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/net.dll OK
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/nio.dll OK
    C:\WINDOWS\system32\config\systemprofile\Loc
    0
  8. D-Nasty
     
    Je viens de réinstallé le logiciel hide ip platinium et tout est redevenu normal. Qu'est-ce que je dois faire maintenant ? si je le désinstalle j'ai peur que çà redevienne comme avant....
    0
  9. jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 041
     
    smit fraud fix (colle le rapport)

    http://telechargement.zebulon.fr/smitfraudfix.html

    2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

    3/ puis refaire comme en 2/ mais selectionne l'option 2 et appuyer sur entrée pour commencer la desinfection. lorsque le programme demande si tu veut nettoyer le registre metsoui en tapant 0 et entrée

    --------------
    télécharger sur le bureau
    Navilog.zip
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    = Double-Clic navilog1.zip
    = Extraire tout sur le bureau
    = Double-Clic navilog1 qui est sur le bureau
    = Appuyer sur une touche jusqu' arriver aux options
    = Choisir option 1

    __________________

    mets a jour java

    https://www.java.com/fr/

    _____________

    recolle hijackthis
    0
  10. D-Nasty
     
    Probleme résolu... merci quand meme d'avoir voulut m'aider mais y avait pas besoin de faire de recherche de virus car il n'y en avait pas ^^
    0