Sujet Précédent Sujet Suivant

Probleme internet explorer/msn

D-Nasty -  
 D-Nasty -
Voila j'ai un probleme avec internet explorer et msn.Le truc c'est que ie déconne et est très lent mais je connais la cause de ce probleme (sur a 90%) çà doit venir du logiciel "hide ip platinium" que j'avais installé. Je l'ai donc désinstallé mais rien n'y fait mes problemes sont toujours présents. C'est peut etre dut a un virus présent sur le pc alors j'ai fais un scan de virus avec avast mais çà n'a rien donné. Si quelqu'un pouvait me donner un coup de mains çà seait pas de refus...
A voir également:

9 réponses

Réponse 1 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
scan avec des antiespions (en mode sans échec):

spybot :

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html

voir demo d utilisation (merci Balltrap)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

AD AWARE:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html
---------------------

utilise pour supprimer tes traces

CCLEANER: (lance un nettoyage et répare erreurs) sans la barre yahoo

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-----------------------

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

scan en ligne firefox

https://www.trendmicro.com/fr_fr/business.html

si tout c'est bien passé, désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)
------------------

si ca persiste

colle un rapport hijackthis
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
0
Réponse 2 / 9
D-Nasty
 
Alors j'ai fais tout ce que tu m'a dis mais y a toujours le probleme je mets ci-dessous le rapport hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 23:28:50, on 05/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Mohamed\LOCALS~1\Temp\Rar$EX00.125\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 217.141.251.202:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [mfcd list] C:\DOCUME~1\Mohamed\APPLIC~1\PINGBA~1\Team Enc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NudgeMania] C:\Program Files\NudgeMania\NudgeMania.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79CB474B-27AB-4E53-9B81-41A778EC9446}: NameServer = 192.168.1.1,213.36.80.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 3 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
que disait le rapport du scan en ligne?

__________________

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

------------------------------------------------------

combofix (colle le rapport)

http://mickael.barroux.free.fr/securite/combofix.php

________________

Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.

• Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
• Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
• Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.

http://kerio.probb.fr/tuto-Clean-h37.html

_______________

refais un scan en lmigne et colle moi le rapport cette fois

dis tes pbs

recolle hijackthis
0
Réponse 4 / 9
D-Nasty
 
Donc pour ce qui est des scan en ligne avec panda il veut pas se charger (reste bloqué au moment de l'update 0%) et pour housecall launch il avait commencer le scan et mozilla s'est bloquer et s'est arreter tout seul....
Bref j'ai quand meme fait le reste et voici les résultats:

Combofix

ComboFix 07-08-04.3 - "Mohamed" 2007-08-06 11:51:51.1 [GMT 2:00] - NTFS
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.Vrai
* Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-07-06 to 2007-08-06 )))))))))))))))))))))))))))))))

2007-08-06 11:51 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-06 00:16 <REP> d-------- C:\WINDOWS\system32\Panda Software
2007-08-05 23:51 <REP> d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Media Player Classic
2007-08-05 23:00 <REP> d-------- C:\DOCUME~1\Mohamed\.housecall6.6
2007-08-05 21:57 <REP> d-------- C:\Program Files\Lavasoft
2007-08-05 21:57 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-08-05 21:56 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-08-05 21:37 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-05 21:22 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-08-05 21:22 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-08-05 21:22 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-08-05 21:11 82,258 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-08-05 21:11 82,258 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-08-05 21:10 3,644,960 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-08-05 21:10 20,768 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-08-05 21:10 <REP> d-------- C:\Program Files\Kaspersky Lab
2007-08-05 21:10 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
2007-08-05 19:52 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-08-05 17:27 <REP> d-------- C:\Program Files\Google
2007-08-05 17:27 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-08-05 15:38 <REP> d-------- C:\Program Files\Combined Community Codec Pack
2007-08-05 15:35 <REP> d-------- C:\Program Files\Real Alternative
2007-08-05 15:35 <REP> d-------- C:\Program Files\Media Player Classic
2007-08-05 15:35 <REP> d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Real
2007-08-05 15:35 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
2007-08-05 15:31 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-08-05 15:31 740,442 --a------ C:\WINDOWS\system32\divx.dll
2007-08-05 15:31 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-08-05 15:31 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-08-05 15:31 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-08-05 15:31 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-08-05 15:31 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-08-05 15:14 <REP> d-------- C:\Program Files\Satsuki Decoder Pack
2007-08-03 20:43 <REP> d-------- C:\DOCUME~1\Mohamed\Shared
2007-08-03 20:43 <REP> d-------- C:\DOCUME~1\Mohamed\Incomplete
2007-08-03 20:42 <REP> d-------- C:\DOCUME~1\Mohamed\APPLIC~1\LimeWire
2007-07-30 19:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2007-07-30 19:42 90,112 --a------ C:\WINDOWS\system32\agsaami.dll
2007-07-30 19:42 610,304 --a------ C:\WINDOWS\system32\agsaamg.dll
2007-07-30 19:42 53,760 --a------ C:\WINDOWS\system\ppacklib.dll
2007-07-30 19:42 372,736 --a------ C:\WINDOWS\system32\agsaamc.dll
2007-07-30 19:42 35 --a------ C:\WINDOWS\system32\winitn.dll
2007-07-30 19:42 237,568 --a------ C:\WINDOWS\system32\lame_enc.dll
2007-07-30 19:42 2,535,424 --a------ C:\WINDOWS\system32\agsaamj.dll
2007-07-30 19:42 196,608 --a------ C:\WINDOWS\system32\maag.dll
2007-07-30 19:42 1,986,560 --a------ C:\WINDOWS\system32\akll.dll
2007-07-30 19:42 1,245,184 --a------ C:\WINDOWS\system32\bkll.dll
2007-07-30 19:42 1,212,416 --a------ C:\WINDOWS\system32\ckll.dll
2007-07-30 19:42 1 --a------ C:\WINDOWS\tidosr.dll
2007-07-30 19:42 <REP> d-------- C:\WINDOWS\system32\RMBin
2007-07-30 19:37 2,995 --a------ C:\WINDOWS\system32\SpoonUninstall-dBPowerAMP Real Audio Encoder R3.dat
2007-07-30 19:36 164,352 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2007-07-30 19:36 <REP> d-------- C:\Program Files\Illustrate
2007-07-29 20:24 <REP> d-------- C:\Program Files\MSN Messenger
2007-07-27 19:56 31,232 -r-hs---- C:\WINDOWS\system32\msfDX.dll
2007-07-27 19:54 <REP> d-------- C:\Program Files\eRightSoft
2007-07-25 11:46 <REP> d-------- C:\Downloads
2007-07-24 22:08 <REP> d-------- C:\Program Files\DivX
2007-07-22 21:35 <REP> d-------- C:\Program Files\UZC Trial
2007-07-18 22:34 719,872 --a------ C:\WINDOWS\system32\devil.dll
2007-07-18 22:34 318,976 --a------ C:\WINDOWS\system32\avisynth.dll
2007-07-18 22:34 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-07-18 19:21 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-07-18 19:21 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
2007-07-18 19:21 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
2007-07-18 19:20 <REP> d-------- C:\WINDOWS\Replay Media Catcher
2007-07-18 19:20 <REP> d-------- C:\Program Files\Replay Media Catcher
2007-07-18 19:20 <REP> d-------- C:\Program Files\Replay Converter
2007-07-18 19:19 <REP> d-------- C:\WINDOWS\FLV Player
2007-07-08 13:37 <REP> d-------- C:\Program Files\ReflexiveArcade

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-06 11:44 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Orbit
2007-08-06 00:18 49148 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-08-06 00:18 2732 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2007-08-06 00:10 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Azureus
2007-08-05 23:08 4584 --a--c--- C:\WINDOWS\mozver.dat
2007-08-05 15:31 --------- d-------- C:\Program Files\K-Lite Codec Pack
2007-08-05 15:29 --------- d-------- C:\Program Files\VideoLAN
2007-08-05 15:05 --------- d-------- C:\Program Files\Fichiers communs\Real
2007-08-01 19:38 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Propellerhead Software
2007-07-29 20:26 --------- d-------- C:\Program Files\Messenger Plus! Live
2007-07-29 18:22 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-27 17:22 --------- d-------- C:\Program Files\Orbitdownloader
2007-07-22 11:56 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\pingbagsmedia
2007-07-19 13:03 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\fltk.org
2007-07-17 14:19 4252 --a------ C:\Program Files\momo.txt
2007-07-05 13:54 5 --a------ C:\Program Files\nomutil.txt
2007-07-05 12:15 --------- d-------- C:\Program Files\adslTV
2007-07-04 11:03 --------- d-------- C:\Program Files\Windows Live
2007-06-30 16:06 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Zen Puzzle Garden
2007-06-29 19:59 --------- d-------- C:\Program Files\iTunes
2007-06-29 19:59 --------- d-------- C:\Program Files\iPod
2007-06-29 19:57 --------- d-------- C:\Program Files\Fichiers communs\Apple
2007-06-28 22:29 --------- d-------- C:\Program Files\Real
2007-06-22 14:37 --------- d-------- C:\Program Files\ElcomSoft
2007-06-21 17:43 --------- d-------- C:\Program Files\TubeSucker
2007-06-21 17:37 --------- d-------- C:\Program Files\Nuclear Coffee
2007-06-21 17:17 --------- d-------- C:\Program Files\CamStudio
2007-06-12 21:18 --------- d-------- C:\Program Files\Opera
2007-06-12 21:15 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Opera
2007-06-12 16:12 --------- d-------- C:\Program Files\MIKSOFT
2007-06-10 16:46 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Radios Media Player
2007-06-08 23:01 --------- d-------- C:\Program Files\MP3 Player Utilities 3.57
2007-06-07 13:57 --------- d-------- C:\Program Files\RS P2P Share Spy Demo
2007-06-06 23:43 --------- d-------- C:\Program Files\Fichiers communs\Ahead
2007-06-06 23:33 --------- d-------- C:\Program Files\Elaborate Bytes
2007-06-06 23:25 --------- d-------- C:\Program Files\Jufsoft
2007-06-06 22:24 --------- d-------- C:\DOCUME~1\Mohamed\APPLIC~1\Ahead
2007-06-06 22:18 --------- d-------- C:\Program Files\Nero
2007-06-06 22:11 --------- d-------- C:\Program Files\Ahead
2007-05-30 11:51 0 --a--c--- C:\WINDOWS\nsreg.dat
2007-05-25 15:57 233472 --a------ C:\WINDOWS\system32\REX Shared Library.dll
2007-05-22 11:02 163840 --a------ C:\WINDOWS\system32\unrar.dll
2007-05-19 22:37 206352 --a------ C:\WINDOWS\system32\klogon.dll
2007-05-19 12:52 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-05-16 17:13 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:13 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:13 683520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:13 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:13 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-05-14 15:24 394240 --a------ C:\WINDOWS\system32\Smab.dll
2007-05-08 10:59 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2006-05-03 09:06:54 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 13:25]
"TPSMain"="TPSMain.exe" [2005-08-03 17:09 C:\WINDOWS\system32\TPSMain.exe]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 15:02]
"TFncKy"="TFncKy.exe" []
"TDispVol"="TDispVol.exe" [2005-09-15 15:19 C:\WINDOWS\system32\TDispVol.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-17 01:32]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 10:24]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-10 00:49 C:\WINDOWS\RTHDCPL.exe]
"NDSTray.exe"="NDSTray.exe" []
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2004-08-18 12:37]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 12:37]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 11:41]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 06:20]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 15:43]
"Alcmtr"="ALCMTR.EXE" []
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 15:29 C:\WINDOWS\agrsmmsg.exe]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 19:19]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 09:14]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-05-19 22:36]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-05 21:21]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mfcd list"="C:\DOCUME~1\Mohamed\APPLIC~1\PINGBA~1\Team Enc.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" []
"NudgeMania"="C:\Program Files\NudgeMania\NudgeMania.exe" []
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-08-05 17:32]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe [2007-05-13 20:44:21]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2007-05-13 12:43:35]

R1 meiudf;meiudf;C:\WINDOWS\system32\Drivers\meiudf.sys
R1 nod32drv;nod32drv;C:\WINDOWS\system32\drivers\nod32drv.sys
R1 SCDEmu;SCDEmu;C:\WINDOWS\system32\drivers\SCDEmu.sys
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol;C:\WINDOWS\system32\DRIVERS\netdevio.sys
R2 s24trans;Transport RLAN;C:\WINDOWS\system32\DRIVERS\s24trans.sys
R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
R3 E100B;Intel(R) PRO Network Connection Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys
R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys
R3 sdbus;sdbus;C:\WINDOWS\system32\DRIVERS\sdbus.sys
R3 SynTP;Synaptics TouchPad Driver;C:\WINDOWS\system32\DRIVERS\SynTP.sys
R3 tifm21;tifm21;C:\WINDOWS\system32\drivers\tifm21.sys
R3 TVALD;Toshiba Mobile PC Service;C:\WINDOWS\system32\DRIVERS\NBSMI.sys
R3 Tvs;TOSHIBA Virtual Sound with SRS technologies;C:\WINDOWS\system32\DRIVERS\Tvs.sys
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver;C:\WINDOWS\system32\DRIVERS\w39n51.sys
S3 odserv;Microsoft Office Diagnostics Service;"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE"
S3 ovt530;Webcam Classic;C:\WINDOWS\system32\Drivers\ov530vid.sys
S3 sffdisk;Pilote de classe de stockage SFF;C:\WINDOWS\system32\DRIVERS\sffdisk.sys
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus;C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{283d515a-05f9-11dc-8b39-00a0d149d412}]
AutoRun\command- F:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{768eeb66-362b-11dc-8bd6-00a0d149d412}]
Auto\command- F:\AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

Contents of the 'Scheduled Tasks' folder
2007-06-25 13:50:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-06 11:56:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-06 11:57:48

--- E O F ---

SDFix

SDFix: Version 1.96

Run by Mohamed on 06/08/2007 at 12:13

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\Mohamed\Bureau\SDFix

Safe Mode:
Checking Services:

Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...

Normal Mode:
Checking Files:

No Trojan Files Found

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files:
---------------

Files with Hidden Attributes:

C:\Program Files\eRightSoft\SUPER\cygwin1.dll
C:\Program Files\eRightSoft\SUPER\cygz.dll
C:\Program Files\eRightSoft\SUPER\_Setup.dll
C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll
C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll
C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll
C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll
C:\Program Files\Replay Converter\cygz.dll
C:\WINDOWS\system32\flvDX.dll
C:\WINDOWS\system32\msfDX.dll
C:\Program Files\eRightSoft\SUPER\Setup.exe
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

Finished

Clean

06/08/2007 a 12:32:51,45

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\SpoonUninstall.exe FOUND

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 06/08/2007 a 12:33:45,92

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe

*** Suppression des fichiers dans C:\Program Files

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

Hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 13:11:47, on 06/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Azureus\Azureus.exe
C:\DOCUME~1\Mohamed\LOCALS~1\Temp\Rar$EX00.141\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 217.141.251.202:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [mfcd list] C:\DOCUME~1\Mohamed\APPLIC~1\PINGBA~1\Team Enc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NudgeMania] C:\Program Files\NudgeMania\NudgeMania.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoDLDivXWebPlayerInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79CB474B-27AB-4E53-9B81-41A778EC9446}: NameServer = 192.168.1.1,213.36.80.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
scan avec
bit defender free et colle le rapport

https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html

_________________

smit fraud fix (colle le rapport)

http://telechargement.zebulon.fr/smitfraudfix.html

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

3/ puis refaire comme en 2/ mais selectionne l'option 2 et appuyer sur entrée pour commencer la desinfection. lorsque le programme demande si tu veut nettoyer le registre metsoui en tapant 0 et entrée

--------------
télécharger sur le bureau
Navilog.zip
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

= Double-Clic navilog1.zip
= Extraire tout sur le bureau
= Double-Clic navilog1 qui est sur le bureau
= Appuyer sur une touche jusqu' arriver aux options
= Choisir option 1

__________________

mets a jour java

https://www.java.com/fr/

_____________

recolle hijackthis
0
Réponse 6 / 9
D-Nasty
 
Bitdefender

//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 06/08/2007 17:42:47
//
//-----------------------------------------------------------------

Statistics

Scan path : C:\WINDOWS\system32\
Folders : 277
Files : 6830
Archives : 22
Packed files : 337
Identified viruses : 0
Infected files : 0
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 0
Renamed files : 0
I/O errors : 20
Scan time : 00:03:41
Scan speed (files/sec) : 30

Virus definitions : 689841
Scan plugins : 14
Archive plugins : 38
Unpack plugins : 6
Mail plugins : 6
System plugins : 1

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[X] Enable warnings
[X] Enable heuristics
[X] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report

Scanned files

C:\=>Master Boot Record OK
C:\=>Primary partition 1 (Active) OK
C:\WINDOWS\system32\ OK
C:\WINDOWS\system32\$ncsp$.inf OK
C:\WINDOWS\system32\$winnt$.inf OK
C:\WINDOWS\system32\1025\ OK
C:\WINDOWS\system32\1028\ OK
C:\WINDOWS\system32\1031\ OK
C:\WINDOWS\system32\1033\ OK
C:\WINDOWS\system32\1033\dwintl.dll OK
C:\WINDOWS\system32\1036\ OK
C:\WINDOWS\system32\1036\dwintl.dll OK
C:\WINDOWS\system32\1037\ OK
C:\WINDOWS\system32\1041\ OK
C:\WINDOWS\system32\1042\ OK
C:\WINDOWS\system32\1054\ OK
C:\WINDOWS\system32\12520437.cpx OK
C:\WINDOWS\system32\12520850.cpx OK
C:\WINDOWS\system32\2052\ OK
C:\WINDOWS\system32\3076\ OK
C:\WINDOWS\system32\3com_dmi\ OK
C:\WINDOWS\system32\6to4svc.dll OK
C:\WINDOWS\system32\aaaamon.dll OK
C:\WINDOWS\system32\aac_parser.ax OK
C:\WINDOWS\system32\ac3DX.ax OK
C:\WINDOWS\system32\ac3filter.acm OK
C:\WINDOWS\system32\access.cpl OK
C:\WINDOWS\system32\acctres.dll OK
C:\WINDOWS\system32\accwiz.exe OK
C:\WINDOWS\system32\acelpdec.ax OK
C:\WINDOWS\system32\acledit.dll OK
C:\WINDOWS\system32\aclui.dll OK
C:\WINDOWS\system32\activeds.dll OK
C:\WINDOWS\system32\activeds.tlb OK
C:\WINDOWS\system32\actmovie.exe OK
C:\WINDOWS\system32\actskn43.ocx OK
C:\WINDOWS\system32\actskn45.ocx OK
C:\WINDOWS\system32\actxprxy.dll OK
C:\WINDOWS\system32\admparse.dll OK
C:\WINDOWS\system32\adptif.dll OK
C:\WINDOWS\system32\adsldp.dll OK
C:\WINDOWS\system32\adsldpc.dll OK
C:\WINDOWS\system32\adsmsext.dll OK
C:\WINDOWS\system32\adsnt.dll OK
C:\WINDOWS\system32\advapi32.dll OK
C:\WINDOWS\system32\advpack.dll OK
C:\WINDOWS\system32\advpack.dll.mui OK
C:\WINDOWS\system32\agsaamc.dll OK
C:\WINDOWS\system32\agsaamg.dll OK
C:\WINDOWS\system32\agsaami.dll OK
C:\WINDOWS\system32\agsaamj.dll OK
C:\WINDOWS\system32\ahui.exe OK
C:\WINDOWS\system32\akll.dll OK
C:\WINDOWS\system32\alg.exe OK
C:\WINDOWS\system32\alrsvc.dll OK
C:\WINDOWS\system32\ALSndMgr.Cpl OK
C:\WINDOWS\system32\amcompat.tlb OK
C:\WINDOWS\system32\amstream.dll OK
C:\WINDOWS\system32\ansi.sys OK
C:\WINDOWS\system32\apcups.dll OK
C:\WINDOWS\system32\append.exe OK
C:\WINDOWS\system32\apphelp.dll OK
C:\WINDOWS\system32\appwiz.cpl OK
C:\WINDOWS\system32\arp.exe OK
C:\WINDOWS\system32\asctrls.ocx OK
C:\WINDOWS\system32\asferror.dll OK
C:\WINDOWS\system32\asycfilt.dll OK
C:\WINDOWS\system32\at.exe OK
C:\WINDOWS\system32\ati2cqag.dll OK
C:\WINDOWS\system32\ati2dvag.dll OK
C:\WINDOWS\system32\ati2edxx.dll OK
C:\WINDOWS\system32\ati2evxx.dll OK
C:\WINDOWS\system32\ati2evxx.exe OK
C:\WINDOWS\system32\Ati2mdxx.exe OK
C:\WINDOWS\system32\ati3duag.dll OK
C:\WINDOWS\system32\ATIDDC.DLL OK
C:\WINDOWS\system32\ATIDEMGR.dll OK
C:\WINDOWS\system32\atifglpf.xml OK
C:\WINDOWS\system32\atiicdxx.dat OK
C:\WINDOWS\system32\atiiiexx.dll OK
C:\WINDOWS\system32\atikvmag.dll OK
C:\WINDOWS\system32\atioglx1.dll OK
C:\WINDOWS\system32\atioglxx.dll OK
C:\WINDOWS\system32\atipdlxx.dll OK
C:\WINDOWS\system32\atitvo32.dll OK
C:\WINDOWS\system32\ativcoxx.dll OK
C:\WINDOWS\system32\ativvaxx.dll OK
C:\WINDOWS\system32\atkctrs.dll OK
C:\WINDOWS\system32\atl.dll OK
C:\WINDOWS\system32\atl71.dll OK
C:\WINDOWS\system32\atmadm.exe OK
C:\WINDOWS\system32\atmfd.dll OK
C:\WINDOWS\system32\atmlib.dll OK
C:\WINDOWS\system32\atmpvcno.dll OK
C:\WINDOWS\system32\atrace.dll OK
C:\WINDOWS\system32\attrib.exe OK
C:\WINDOWS\system32\audiodev.dll OK
C:\WINDOWS\system32\audiosrv.dll OK
C:\WINDOWS\system32\auditusr.exe OK
C:\WINDOWS\system32\authz.dll OK
C:\WINDOWS\system32\autochk.exe OK
C:\WINDOWS\system32\autoconv.exe OK
C:\WINDOWS\system32\autodisc.dll OK
C:\WINDOWS\system32\AUTOEXEC.NT OK
C:\WINDOWS\system32\autofmt.exe OK
C:\WINDOWS\system32\autolfn.exe OK
C:\WINDOWS\system32\AVCDX.ax OK
C:\WINDOWS\system32\avicap.dll OK
C:\WINDOWS\system32\avicap32.dll OK
C:\WINDOWS\system32\avifil32.dll OK
C:\WINDOWS\system32\avifile.dll OK
C:\WINDOWS\system32\avisynth.dll OK
C:\WINDOWS\system32\avmeter.dll OK
C:\WINDOWS\system32\AVSredirect.dll OK
C:\WINDOWS\system32\avtapi.dll OK
C:\WINDOWS\system32\avwav.dll OK
C:\WINDOWS\system32\basesrv.dll OK
C:\WINDOWS\system32\batmeter.dll OK
C:\WINDOWS\system32\batt.dll OK
C:\WINDOWS\system32\bidispl.dll OK
C:\WINDOWS\system32\bios1.rom OK
C:\WINDOWS\system32\bios4.rom OK
C:\WINDOWS\system32\bios4.rom=>REMOVED_NULLS OK
C:\WINDOWS\system32\bitsprx2.dll OK
C:\WINDOWS\system32\bitsprx3.dll OK
C:\WINDOWS\system32\bkll.dll OK
C:\WINDOWS\system32\blackbox.dll OK
C:\WINDOWS\system32\blastcln.exe OK
C:\WINDOWS\system32\bootok.exe OK
C:\WINDOWS\system32\bootvid.dll OK
C:\WINDOWS\system32\bootvrfy.exe OK
C:\WINDOWS\system32\bopomofo.uce OK
C:\WINDOWS\system32\browselc.dll OK
C:\WINDOWS\system32\browser.dll OK
C:\WINDOWS\system32\browseui.dll OK
C:\WINDOWS\system32\browsewm.dll OK
C:\WINDOWS\system32\bthci.dll OK
C:\WINDOWS\system32\bthprops.cpl OK
C:\WINDOWS\system32\bthserv.dll OK
C:\WINDOWS\system32\btpanui.dll OK
C:\WINDOWS\system32\BuzzingBee.wav OK
C:\WINDOWS\system32\cabinet.dll OK
C:\WINDOWS\system32\cabview.dll OK
C:\WINDOWS\system32\cacls.exe OK
C:\WINDOWS\system32\calc.exe OK
C:\WINDOWS\system32\camocx.dll OK
C:\WINDOWS\system32\capesnpn.dll OK
C:\WINDOWS\system32\capicom.dll OK
C:\WINDOWS\system32\cards.dll OK
C:\WINDOWS\system32\CatRoot\ OK
C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\ OK
C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\WLSetup.cat OK
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ OK
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\klim5.cat OK
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\1.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\945gm.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\codecs10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\dmi_pci.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\DRM10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\FP4.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ich7core.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ich7ide.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ich7usb.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IDNMitigationAPIs.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IMS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873333.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB873339.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB884018.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885250.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885835.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885836.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB885855.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB886185.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB887472.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888111WXPSP2.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888113.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888302.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB889673.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890046.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890175.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB890859.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB891781.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB892130.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893056.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893066.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893357.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893756.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB894391.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB894871.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB895200.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896256.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896358.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896422.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896423.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896424.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896428.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB896688.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB898458.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB898461.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899587.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899589.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB899591.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB900485.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB900725.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB901017.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB901214.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB902400.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB904706.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB904942.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905414.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905749.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908519.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908531.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB910437.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911280.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911562.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911564.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911927.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB912945.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB913580.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914388.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914389.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914440.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB915865.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB916595.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917344.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917422.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917953.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918118.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918439.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB919007.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920213.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920670.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920683.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920685.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920872.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922582.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB922819.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923191.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923414.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923694.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923723.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923980.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924191.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924270.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924496.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924667.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925398.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925902.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926239.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926255.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926436.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927779.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927802.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB927891.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928090-IE7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928255.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB928843.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929123.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929399.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB929969.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB930178.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB930916.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931261.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931768-IE7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931768.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931784.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB931836.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB932168.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB933566-IE7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB935448.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB935839.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB935840.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB936357.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MPCD10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MPPRE10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MPSTUB10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSCompPackV1.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSMSGS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSTSWEB.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NLSDownlevelMapping.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NTPRINT.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem12.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem14.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem19.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem20.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem21.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem22.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem23.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem24.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem25.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem4.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\SP2.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\startoc.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMDM10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMFDist11.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMFSDK10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMP10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmp11.cat OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMSET10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WPD10.CAT OK
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Wudf01000.cat OK
C:\WINDOWS\system32\CatRoot2\ OK
C:\WINDOWS\system32\CatRoot2\dberr.txt OK
C:\WINDOWS\system32\CatRoot2\edb.chk OK
C:\WINDOWS\system32\CatRoot2\edb.log OK
C:\WINDOWS\system32\CatRoot2\edb0007A.log OK
C:\WINDOWS\system32\CatRoot2\res1.log OK
C:\WINDOWS\system32\CatRoot2\res2.log OK
C:\WINDOWS\system32\CatRoot2\tmp.edb OK
C:\WINDOWS\system32\CatRoot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\ OK
C:\WINDOWS\system32\CatRoot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\catdb OK
C:\WINDOWS\system32\CatRoot2\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ OK
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb OK
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ OK
C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb OK
C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp OK
C:\WINDOWS\system32\catsrv.dll OK
C:\WINDOWS\system32\catsrvps.dll OK
C:\WINDOWS\system32\catsrvut.dll OK
C:\WINDOWS\system32\ccfgnt.dll OK
C:\WINDOWS\system32\cdfview.dll OK
C:\WINDOWS\system32\cdm.dll OK
C:\WINDOWS\system32\cdmodem.dll OK
C:\WINDOWS\system32\cdosys.dll OK
C:\WINDOWS\system32\cdplayer.exe.manifest OK
C:\WINDOWS\system32\certcli.dll OK
C:\WINDOWS\system32\certmgr.dll OK
C:\WINDOWS\system32\certmgr.msc OK
C:\WINDOWS\system32\cewmdm.dll OK
C:\WINDOWS\system32\cfgbkend.dll OK
C:\WINDOWS\system32\cfgmgr32.dll OK
C:\WINDOWS\system32\charmap.exe OK
C:\WINDOWS\system32\Chaînes.scf OK
C:\WINDOWS\system32\ChCfg.exe OK
C:\WINDOWS\system32\chcp.com OK
C:\WINDOWS\system32\chkdsk.exe OK
C:\WINDOWS\system32\chkntfs.exe OK
C:\WINDOWS\system32\ciadmin.dll OK
C:\WINDOWS\system32\ciadv.msc OK
C:\WINDOWS\system32\cic.dll OK
C:\WINDOWS\system32\cidaemon.exe OK
C:\WINDOWS\system32\ciodm.dll OK
C:\WINDOWS\system32\cisvc.exe OK
C:\WINDOWS\system32\ckcnv.exe OK
C:\WINDOWS\system32\ckll.dll OK
C:\WINDOWS\system32\clb.dll OK
C:\WINDOWS\system32\clbcatex.dll OK
C:\WINDOWS\system32\clbcatq.dll OK
C:\WINDOWS\system32\cleanmgr.exe OK
C:\WINDOWS\system32\cliconf.chm OK
C:\WINDOWS\system32\cliconf.chm=>/#SYSTEM OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_apple.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_apple.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx1.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx1.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx2.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_ipxspx2.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_multi.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_multi.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_namedpipes.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_namedpipes.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_others.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_others.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_tcpip.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_tcpip.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_vines.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_add_vines.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_alias.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_alias.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_dblib.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_dblib.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_general.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_general.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/idh_netlib.htm OK
C:\WINDOWS\system32\cliconf.chm=>/idh_netlib.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_add_(or_edit)_via_library_configuration.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_add_(or_edit)_via_library_configuration.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_appletalk_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_appletalk_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_banyan_vines_protocol_default_value_setup.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_banyan_vines_protocol_default_value_setup.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_alias_a_client_to_an_alternate_pipe.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_alias_a_client_to_an_alternate_pipe.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_check_the_library_version_numbers.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_check_the_library_version_numbers.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_use_the_windows_sockets_net.2d.library_.28.windows.2d_.or_windows_nt.2d.based_clients.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_use_the_windows_sockets_net.2d.library_.28.windows.2d_.or_windows_nt.2d.based_clients.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_verify_that_sql_server_is_listening_on_appletalk_and_can_accept_a_client_connection.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_helphow_to_verify_that_sql_server_is_listening_on_appletalk_and_can_accept_a_client_connection.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_add_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_add_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_check_the_odbc_sql_server_driver_version_.28.windows_95.2d.based_clients.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_check_the_odbc_sql_server_driver_version_.28.windows_95.2d.based_clients.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_a_nonstandard_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_a_nonstandard_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_appletalk_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_appletalk_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_banyan_vines_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_banyan_vines_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_nwlink_ipx.2f.spx_network_protocol.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_nwlink_ipx.2f.spx_network_protocol.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_via_network_library_(client_network_utility).htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_configure_a_client_to_use_the_via_network_library_(client_network_utility).htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_create_an_alias_for_a_specific_server_name_to_use_the_multi.2d.protocol_net.2d.library.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_create_an_alias_for_a_specific_server_name_to_use_the_multi.2d.protocol_net.2d.library.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_delete_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_delete_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_edit_a_network_protocol_configuration_.28.client_configuration_utility.29.htm OK
C:\WINDOWS\system32\cliconf.chm=>/_how_to_edit_a_network_protocol_configuration_.28.client_configuration_utility.29.htm=>(JAVASCRIPT 2) OK
C:\WINDOWS\system32\cliconfg.dll OK
C:\WINDOWS\system32\cliconfg.exe OK
C:\WINDOWS\system32\cliconfg.rll OK
C:\WINDOWS\system32\clipbrd.exe OK
C:\WINDOWS\system32\clipsrv.exe OK
C:\WINDOWS\system32\clusapi.dll OK
C:\WINDOWS\system32\cmcfg32.dll OK
C:\WINDOWS\system32\cmd.exe OK
C:\WINDOWS\system32\cmdial32.dll OK
C:\WINDOWS\system32\cmdl32.exe OK
C:\WINDOWS\system32\CMDLGFR.DLL OK
C:\WINDOWS\system32\CmdLineExt.dll OK
C:\WINDOWS\system32\cmmgr32.hlp OK
C:\WINDOWS\system32\cmmon32.exe OK
C:\WINDOWS\system32\cmos.ram OK
C:\WINDOWS\system32\cmpbk32.dll OK
C:\WINDOWS\system32\cmprops.dll OK
C:\WINDOWS\system32\cmsetACL.dll OK
C:\WINDOWS\system32\cmstp.exe OK
C:\WINDOWS\system32\cmutil.dll OK
C:\WINDOWS\system32\cnbjmon.dll OK
C:\WINDOWS\system32\cnetcfg.dll OK
C:\WINDOWS\system32\cnvfat.dll OK
C:\WINDOWS\system32\colbact.dll OK
C:\WINDOWS\system32\Com\ OK
C:\WINDOWS\system32\Com\comadmin.dll OK
C:\WINDOWS\system32\Com\comempty.dat OK
C:\WINDOWS\system32\Com\comexp.msc OK
C:\WINDOWS\system32\Com\comrepl.exe OK
C:\WINDOWS\system32\Com\comrereg.exe OK
C:\WINDOWS\system32\Com\mtsadmin.tlb OK
C:\WINDOWS\system32\comaddin.dll OK
C:\WINDOWS\system32\comcat.dll OK
C:\WINDOWS\system32\comctl32.dll OK
C:\WINDOWS\system32\comctl32.ocx OK
C:\WINDOWS\system32\comdlg32.dll OK
C:\WINDOWS\system32\Comdlg32.ocx OK
C:\WINDOWS\system32\comm.drv OK
C:\WINDOWS\system32\command.com OK
C:\WINDOWS\system32\commdlg.dll OK
C:\WINDOWS\system32\comp.exe OK
C:\WINDOWS\system32\compact.exe OK
C:\WINDOWS\system32\compatUI.dll OK
C:\WINDOWS\system32\compmgmt.msc OK
C:\WINDOWS\system32\compobj.dll OK
C:\WINDOWS\system32\compstui.dll OK
C:\WINDOWS\system32\comrepl.dll OK
C:\WINDOWS\system32\comres.dll OK
C:\WINDOWS\system32\comsnap.dll OK
C:\WINDOWS\system32\comsvcs.dll OK
C:\WINDOWS\system32\comuid.dll OK
C:\WINDOWS\system32\config\ OK
C:\WINDOWS\system32\config\ACEEvent.evt OK
C:\WINDOWS\system32\config\Antiviru.evt OK
C:\WINDOWS\system32\config\Antivirus.Evt OK
C:\WINDOWS\system32\config\AppEvent.Evt OK
C:\WINDOWS\system32\config\default OK
C:\WINDOWS\system32\config\default.LOG OK
C:\WINDOWS\system32\config\default.sav OK
C:\WINDOWS\system32\config\Internet.evt OK
C:\WINDOWS\system32\config\ODiag.evt OK
C:\WINDOWS\system32\config\OSession.evt OK
C:\WINDOWS\system32\config\SAM OK
C:\WINDOWS\system32\config\SAM.LOG OK
C:\WINDOWS\system32\config\SecEvent.Evt OK
C:\WINDOWS\system32\config\SECURITY OK
C:\WINDOWS\system32\config\SECURITY.LOG OK
C:\WINDOWS\system32\config\software OK
C:\WINDOWS\system32\config\software.LOG OK
C:\WINDOWS\system32\config\software.sav OK
C:\WINDOWS\system32\config\SysEvent.Evt OK
C:\WINDOWS\system32\config\system OK
C:\WINDOWS\system32\config\system.LOG OK
C:\WINDOWS\system32\config\system.sav OK
C:\WINDOWS\system32\config\systemprofile\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\AdobeCMapFnt07.lst OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\AdobeSysFnt07.lst OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\Collab\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\Collab\RSS OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\JavaScripts\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\JavaScripts\glob.settings.js=>(unicode) OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\Preferences\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Adobe\Acrobat\7.0\UserCache.bin OK
C:\WINDOWS\system32\config\systemprofile\Application Data\ATI\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\ATI\ACE\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\{2956981E-2B7C-4E68-AB54-66B9FB287981}\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Intel\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Intel\Wireless\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CLR Security Config\v1.1.4322\security.config.cch OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015=>authroot.stl OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E891C648621A40AC7F773694A17FE76C OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\CFC456E7E410D69E2C6F3E2DB75C7DB3 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E891C648621A40AC7F773694A17FE76C OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Crypto\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Crypto\RSA\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\HTML Help\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\HTML Help\hh.dat OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\HTML Help\hh.dat=>/Program Files/Sonic/RecordNow!/RecordNow.chm/TriPane OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Desktop.htt OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Desktop.htt=>(unicode) OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\MMC\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\CREDHIST OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-220523388-1788223648-682003330-1003\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-220523388-1788223648-682003330-1003\c50a1d8f-245d-44d5-bb50-e29201eddba7 OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\S-1-5-21-220523388-1788223648-682003330-1003\Preferred OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Windows\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Windows\Themes\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Windows\Themes\Custom.theme OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Sonic\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Sonic\RecordNow!\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\Sonic\RecordNow!\Favorites\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\v3.0\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\v3.0\Logs\ OK
C:\WINDOWS\system32\config\systemprofile\Application Data\toshiba\pcdiag\v3.0\wbeminfo.log OK
C:\WINDOWS\system32\config\systemprofile\Bureau\ OK
C:\WINDOWS\system32\config\systemprofile\Cookies\ OK
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat OK
C:\WINDOWS\system32\config\systemprofile\Favoris\ OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Desktop.ini OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Guide des stations de radio.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\ OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Hotmail.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Personnaliser les liens.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Windows Media.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens\Windows.url OK
C:\WINDOWS\system32\config\systemprofile\Favoris\MSN.com.url OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\Cache\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\Cache\AcroFnt07.lst OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Acrobat\7.0\Cache\Search70\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Color\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Adobe\Color\ACECache4.lst OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\SL153.tmp.6db21d8.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ApplicationHistory\SL230.tmp.e4e830d8.ini OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ATI\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ATI\ACE\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\ATI\ACE\Profiles.xml OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\IconCache.db OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.DTD OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.XML OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Toshiba\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Toshiba\BluetoothStack\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Toshiba\BluetoothStack\V1.0\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\ OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\1036.MST OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB) OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>other.zip OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>other.zip=>lib/charsets.pack OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>other.zip=>lib/ext/localedata.pack OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_de.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_es.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_fr.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_it.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_ja.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_ko.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_sv.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_zh_CN.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>LICENSE_zh_TW.rtf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>bin/eula.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/audio/soundbank.gm OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/cmm/PYCC.pf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightDemiBold.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightDemiItalic.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightItalic.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaBrightRegular.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaSansDemiBold.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaTypewriterBold.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>extra.zip=>lib/fonts/LucidaTypewriterRegular.ttf OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/awt.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/axbridge.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/client/jvm.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/client/Xusage.txt OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/cmm.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/dcpr.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/deploy.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/dt_shmem.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/dt_socket.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/fontmanager.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/hpi.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/hprof.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/instrument.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/ioser12.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/j2pkcs11.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jaas_nt.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/java.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/java.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/javacpl.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/javaw.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/JavaWebStart.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/javaws.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/java_crw_demo.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jawt.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/JdbcOdbc.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jdwp.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpeg.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpicom32.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpicpl32.cpl OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpiexp32.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpinscp.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpioji.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jpishare.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jsound.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jsoundds.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jucheck.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/jusched.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/keytool.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/kinit.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/klist.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/ktab.exe OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/management.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/net.dll OK
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150040}\J2SE Runtime Environment 5.0 Update 4.msi=>(Embedded CAB)=>core1.zip=>bin/nio.dll OK
C:\WINDOWS\system32\config\systemprofile\Loc
0
Réponse 7 / 9
D-Nasty
 
Je viens de réinstallé le logiciel hide ip platinium et tout est redevenu normal. Qu'est-ce que je dois faire maintenant ? si je le désinstalle j'ai peur que çà redevienne comme avant....
0
Réponse 8 / 9
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
smit fraud fix (colle le rapport)

http://telechargement.zebulon.fr/smitfraudfix.html

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

3/ puis refaire comme en 2/ mais selectionne l'option 2 et appuyer sur entrée pour commencer la desinfection. lorsque le programme demande si tu veut nettoyer le registre metsoui en tapant 0 et entrée

--------------
télécharger sur le bureau
Navilog.zip
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

= Double-Clic navilog1.zip
= Extraire tout sur le bureau
= Double-Clic navilog1 qui est sur le bureau
= Appuyer sur une touche jusqu' arriver aux options
= Choisir option 1

__________________

mets a jour java

https://www.java.com/fr/

_____________

recolle hijackthis
0
Réponse 9 / 9
D-Nasty
 
Probleme résolu... merci quand meme d'avoir voulut m'aider mais y avait pas besoin de faire de recherche de virus car il n'y en avait pas ^^
0

Discussions similaires

App explorer Sa sert a quoi ?
Mada_alpha -
SATS_fr -

1 réponse
FOTOSE (allemagne)
lix -
Yves -

13 réponses