Sujet Précédent Sujet Suivant

Rootkit

Fermé
appel masqué - 17 mars 2009 à 01:18
 appel masqué - 4 juin 2009 à 08:40
Bonjour,j'ai un rootkit jarrive pa a lenlever avast me previen a chaque demarage kil y a un rootkit ke faire?
A voir également:

85 réponses

Réponse 1 / 85
Utilisateur anonyme
17 mars 2009 à 01:23
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...


-> laisse faire le scan et ne touche pas au PC ...


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum


( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
0
appel masqué
17 mars 2009 à 04:22
merci donc voila le log


Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2009-03-17 14:06:59
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 15 GB (51%) free of 30 GB
Total RAM: 478 MB (35% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-09-01 322368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-01-24 7311360]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-01-24 86016]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-09-08 716800]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-06 81000]
"SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2006-07-21 126976]
"MAAgent"=C:\Program Files\MarkAny\ContentSafer\MAAgent.exe [2006-06-02 57344]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-02-16 282624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2005-03-14 1057280]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-20 1667584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
C:\WINDOWS\system32\HDAShCut.exe [2004-10-28 61952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kava]
C:\WINDOWS\system32\kavo.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LeechGet]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-02-16 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^DOCUME~1^ALLUSE~1^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2006-03-02 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"=C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 192512]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a484188-edbc-11dd-9bfc-0018f3d45844}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0bdb4011-1bcc-11dc-9787-806d6172696f}]
shell\AutoRun\command - mpstxgx.exe
shell\open\command - mpstxgx.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0bdb4012-1bcc-11dc-9787-806d6172696f}]
shell\AutoRun\command - E:\mpstxgx.exe
shell\open\command - E:\mpstxgx.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22cc1ef0-215d-11dc-9a67-0018f3d45844}]
shell\Auto\command - F:\sxs.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23d16920-06b4-11de-9c1f-0018f3d45844}]
shell\AutoRun\command - F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe
shell\open\command - F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d131f9c-b2b8-11dd-9b9b-0018f3d45844}]
shell\AutoRun\command - G:\1wod1.com
shell\explore\command - G:\1wod1.com
shell\open\command - G:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39417502-8f6d-11dd-9b41-0018f3d45844}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63a50aea-53c5-11dd-9ad1-0018f3d45844}]
shell\AutoRun\command - F:\RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe
shell\open\command - F:\RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb1340c0-0884-11de-9c25-0018f3d45844}]
shell\AutoRun\command - G:\1wod1.com
shell\explore\command - G:\1wod1.com
shell\open\command - G:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d639ad44-6db6-11dd-9b10-0018f3d45844}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com


======List of files/folders created in the last 2 months======

2009-03-17 14:07:00 ----D---- C:\Program Files\trend micro
2009-03-17 14:06:59 ----D---- C:\rsit
2009-03-13 17:18:47 ----D---- C:\Documents and Settings\user\Application Data\Cool Record Edit Pro
2009-03-13 17:15:44 ----D---- C:\Documents and Settings\user\Application Data\Free Sound Recorder
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-03-13 17:15:13 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2009-03-13 17:15:12 ----D---- C:\Program Files\Free Sound Recorder
2009-03-11 18:50:44 ----D---- C:\Documents and Settings\user\Application Data\Macromedia
2009-03-11 17:57:38 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2009-03-09 18:41:35 ----D---- C:\Documents and Settings\user\Application Data\Malwarebytes
2009-03-09 18:41:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-09 18:41:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-09 10:24:30 ----A---- C:\k8m1l3e9f4n7.exe
2009-03-09 09:44:50 ----RSH---- C:\WINDOWS\system32\mkfght1.dll
2009-03-09 08:39:05 ----RSHD---- C:\RESTORE
2009-03-09 08:38:35 ----RSH---- C:\WINDOWS\system32\otrewe1.dll
2009-03-09 08:37:06 ----RSH---- C:\WINDOWS\system32\mkfght0.dll
2009-02-19 18:13:30 ----D---- C:\Program Files\MarkAny
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\vorbisenc.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\vorbis.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\unicows.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\tg_dump.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\OggDS.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\Ogg.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\muzwmts.dll
2009-02-19 18:13:17 ----A---- C:\WINDOWS\system32\muzapp.exe
2009-02-19 18:13:17 ----A---- C:\WINDOWS\system32\muzapp.dll
2009-02-19 18:13:17 ----A---- C:\WINDOWS\system32\muzaf1.dll
2009-02-19 17:24:56 ----A---- C:\WINDOWS\system32\LAME_MP3.dll
2009-02-19 17:24:55 ----D---- C:\Program Files\Lame MP3 Codec
2009-02-18 22:24:29 ----A---- C:\WINDOWS\IFinst26.exe
2009-02-18 22:24:27 ----D---- C:\Program Files\XviD
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MTXSYNCICON.dll
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MTTELECHIP.dll
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MSFLib.dll
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MSCLib.dll
2009-02-18 22:22:40 ----A---- C:\WINDOWS\system32\MASetupWizard.dll
2009-02-18 22:22:40 ----A---- C:\WINDOWS\system32\MASetupCleaner.exe
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MK_Lyric.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MaXMLProto.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MAMACExtract.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MaJUtilLib.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MaJGUILib.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MACXMLProto.dll
2009-02-18 22:22:30 ----A---- C:\WINDOWS\system32\MaDRM.dll
2009-02-18 22:22:12 ----D---- C:\Program Files\Samsung

======List of files/folders modified in the last 2 months======

2009-03-17 14:07:00 ----D---- C:\Program Files
2009-03-17 14:03:51 ----D---- C:\WINDOWS
2009-03-17 14:00:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-17 13:58:39 ----D---- C:\WINDOWS\Temp
2009-03-17 13:12:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-17 13:10:11 ----D---- C:\WINDOWS\system32\drivers
2009-03-17 13:10:09 ----HD---- C:\WINDOWS\inf
2009-03-17 13:06:57 ----D---- C:\Program Files\Mozilla Firefox
2009-03-17 12:10:06 ----D---- C:\WINDOWS\system32
2009-03-17 11:40:26 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-16 12:40:34 ----D---- C:\WINDOWS\Prefetch
2009-03-16 12:09:06 ----D---- C:\Documents and Settings\user\Application Data\Mozilla
2009-03-11 18:53:06 ----D---- C:\WINDOWS\system32\Macromed
2009-03-11 18:50:40 ----D---- C:\Documents and Settings\user\Application Data\Adobe
2009-03-11 18:24:46 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-10 19:22:01 ----D---- C:\WINDOWS\system32\LogFiles
2009-03-09 13:16:04 ----SHD---- C:\RECYCLER
2009-03-09 10:07:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-09 09:44:00 ----A---- C:\WINDOWS\system32\ftp.exe
2009-03-09 08:40:46 ----SD---- C:\Documents and Settings\user\Application Data\Microsoft
2009-03-08 08:37:13 ----SHD---- C:\WINDOWS\Installer
2009-03-08 08:36:53 ----D---- C:\Documents and Settings
2009-03-05 21:05:33 ----A---- C:\WINDOWS\photoprn.ini
2009-03-04 17:22:14 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-01 00:19:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-02-19 18:13:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-19 16:42:12 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-18 22:10:56 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-06 08:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-03 23:16:10 ----SH---- C:\boot.ini
2009-02-03 23:16:10 ----A---- C:\WINDOWS\win.ini
2009-02-03 23:16:10 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-06 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-10 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-06 51376]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 sdcplh;sdcplh; C:\WINDOWS\System32\drivers\sdcplh.sys [2007-11-27 55168]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-06 94032]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-06 23152]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-28 138240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-01-24 3535520]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 4c05c5df-0abc-4914-89e2-6b1754281ed8;4c05c5df-0abc-4914-89e2-6b1754281ed8; \??\D:\Player\cds300.dll []
S3 5c846fe9-3f64-4e43-8221-36c5ecd8923f;5c846fe9-3f64-4e43-8221-36c5ecd8923f; \??\D:\Player\cds300.dll []
S3 a2d24089-d72e-4b9d-b420-a7f61ce1e4fe;a2d24089-d72e-4b9d-b420-a7f61ce1e4fe; \??\D:\Player\cds300.dll []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-28 145920]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\user\LOCALS~1\Temp\mc21.tmp []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-06 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-06 138680]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-01-24 131139]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-06 66872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-06 352920]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 DllSrv Service Controler;DllSrv Service Controler; C:\WINDOWS\system32\drivers\DllSrv.exe [2009-03-09 157696]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-24 918016]

-----------------EOF-----------------
0
Réponse 2 / 85
appel masqué
17 mars 2009 à 04:24
et voila l'info

info.txt logfile of random's system information tool 1.05 2009-03-17 14:07:43

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Anti-Rootkit Free-->C:\Documents and Settings\user\Mes documents\AVG Anti-Rootkit Free\Uninstall.exe
DVD Region+CSS Free 5.9.7.9-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Free Sound Recorder-->C:\PROGRA~1\FREESO~1\UNWISE.EXE C:\PROGRA~1\FREESO~1\INSTALL.LOG
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFUE.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PhotoPrinter 2.0 LE-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoPrinter LE\Uninst.isu"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Samsung Media Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe" -l0x40c
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
YouTUBE (TM) movie downloader-->MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090205-1] (outdated)

System event log

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service DllSrv Service Controler est entré dans l'état : en cours d'exécution.

Record Number: 23387
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7031
Message: Le service DllSrv Service Controler s'est terminé de manière inattendue. Ceci s'est produit 6 fois. L'action corrective suivante va être effectuée dans 3000 millisecondes : Redémarrer le service.

Record Number: 23386
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: erreur
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service DllSrv Service Controler est entré dans l'état : en cours d'exécution.

Record Number: 23385
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7031
Message: Le service DllSrv Service Controler s'est terminé de manière inattendue. Ceci s'est produit 5 fois. L'action corrective suivante va être effectuée dans 3000 millisecondes : Redémarrer le service.

Record Number: 23384
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: erreur
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service DllSrv Service Controler est entré dans l'état : en cours d'exécution.

Record Number: 23383
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: Informations
User:

Application event log

Computer Name: USER-3393F246B5
Event Code: 102
Message: wuaueng.dll (2388) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 2042
Source Name: ESENT
Time Written: 20081030213147.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 100
Message: wuauclt (2388) Le moteur de base de données 5.01.2600.2180 est démarré.

Record Number: 2041
Source Name: ESENT
Time Written: 20081030213147.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 1000
Message: Application défaillante dmc3se.exe, version 1.0.0.0, module défaillant d3d9.dll, version 5.3.2600.2180, adresse de défaillance 0x000a725b.

Record Number: 2040
Source Name: Application Error
Time Written: 20081030202711.000000+660
Event Type: erreur
User:

Computer Name: USER-3393F246B5
Event Code: 4097
Message: L'application, C:\Program Files\CAPCOM\Devil May Cry 3 Special Edition\dmc3se.exe, a généré une erreur d'application
L'erreur s'est produite le 10/30/2008 à 20:27:10.093
L'exception générée était c0000005 à l'adresse 04686B39 (kavo0)

Record Number: 2039
Source Name: DrWatson
Time Written: 20081030202710.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 1000
Message: Application défaillante dmc3se.exe, version 1.0.0.0, module défaillant snd.drv, version 0.0.0.0, adresse de défaillance 0x00011cf8.

Record Number: 2038
Source Name: Application Error
Time Written: 20081030201145.000000+660
Event Type: erreur
User:

Security event log

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : SMB sur TCP

Numéro du port : 445

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28503
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de session NetBIOS

Numéro du port : 139

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28502
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de datagramme NetBIOS

Numéro du port : 138

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28501
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Nom du service NetBIOS

Numéro du port : 137

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28500
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Nom : Assistance à distance

Chemin d'accès : %windir%\system32\sessmgr.exe

État : Activé

Étendue : Tous les sous-réseaux

Record Number: 28499
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
Réponse 3 / 85
Utilisateur anonyme
17 mars 2009 à 08:42
bonjour :

Telecharge maintenant FindyKill (de Chiquitine29) sur ton bureau :


--> Lance l installation avec les parametres par default

--> Au menu principal,choisi l option 1 (Recherche)

--> Post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
0
Réponse 4 / 85
appel masqué
17 mars 2009 à 09:26
############################## [ FindyKill V4.720 ]

# User : user (Administrateurs) # USER-3393F246B5
# Update on 12/03/09 by Chiquitine29
# Start at: 19:24:17 | 17/03/2009

# AMD Sempron(tm) Processor 3000+
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Disabled
# AV : avast! antivirus 4.8.1335 [VPS 090205-1] 4.8.1335 [ Enabled | (!) Outdated ]

# A:\ # Lecteur de disquettes 3 « pouces
# C:\ # Disque fixe local # 29,29 Go (14,91 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque fixe local # 45,23 Go (28,32 Go free) # NTFS
# F:\ # Disque amovible # 969,73 Mo (551,39 Mo free) # FAT

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\drivers\DllSrv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\drivers\DllSrv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers / Dossiers infectieux C:\ ]


################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\system32 ]


################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\.. Application Data ... ]


################## [ Registre / Clés infectieuses ]



################## [ Recherche dans supports amovibles]


# Contenu de l'autorun : C:\autorun.inf

[AutoRun]
;
open=mpstxgx.exe
;0XesJo4ikawwsio74q2rw4swalq
shell\open\Command=mpstxgx.exe


# Contenu de l'autorun : E:\autorun.inf

[AutoRun]
;
open=mpstxgx.exe
;0XesJo4ikawwsio74q2rw4swalq
shell\open\Command=mpstxgx.exe


# Contenu de l'autorun : F:\autorun.inf

[autorun]
open=RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe
icon=%SystemRoot%\system32\SHELL32.dll,4
action=Open folder to view files
shell\open=Open
shell\open\command=RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe
shell\open\default=1
# Presence des fichiers :

Found ! [17/03/2009 11:40][-r-hs----] - C:\autorun.inf
Found ! [17/03/2009 11:40][-r-hs----] - E:\autorun.inf
Found ! [17/03/2009 19:24][-rahs----] - F:\autorun.inf

################## [ Registre / Mountpoint2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.720 ! ]
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 85
Utilisateur anonyme
17 mars 2009 à 09:33
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir


--> Fais clic droit sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 2 (Suppression)


/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage effectué"

/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !

-------> ensuite post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
0
Réponse 6 / 85
appel masqué
17 mars 2009 à 09:51
############################## [ FindyKill V4.720 ]

# User : user (Administrateurs) # USER-3393F246B5
# Update on 12/03/09 by Chiquitine29
# Start at: 19:44:17 | 17/03/2009

# AMD Sempron(tm) Processor 3000+
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Disabled
# AV : avast! antivirus 4.8.1335 [VPS 090205-1] 4.8.1335 [ Enabled | (!) Outdated ]

# A:\ # Lecteur de disquettes 3 « pouces
# C:\ # Disque fixe local # 29,29 Go (14,87 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque fixe local # 45,23 Go (28,32 Go free) # NTFS
# F:\ # Disque amovible # 969,73 Mo (551,39 Mo free) # FAT

############################## [ Active Processes ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\drivers\DllSrv.exe
C:\WINDOWS\system32\drivers\DllSrv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Infected Files / Folders C:\ ]


################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\system32 ]


################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\.. Application Data ... ]


################## [ Registry / Infected keys ]


################## [ Cleaning Removable drives ]

# Deleting files :

Deleted ! - C:\autorun.inf
Deleted ! - E:\autorun.inf
Deleted ! - F:\autorun.inf

################## [ Registry / Mountpoint2 ]

# -> Not found !

################## [ Searching Other Infections ]

# -> Nothing found.

################## [ ! End of Report # FindyKill V4.720 ! ]
0
Réponse 7 / 85
Utilisateur anonyme
17 mars 2009 à 09:53
ok

Passer de Avast à AntiVir :

Désinstalle via Ajout/Suppression de Programmes (si présents) :

* Avast!


Télécharge et exécute le Désinstalleur d'Avast!.:

Ceci effacera la majorité des traces du produit Avast! d'Alwil Software.

Télécharge Ccleaner sur ton Bureau. :

* Clique sur "download the latest version"
* Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

* Lance le Nettoyage
* Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

plus de precision sur la configuration de ccleaner te seront donnees plus tard


tuto : Comment utiliser CCleaner.
***************

Télécharge Antivir en Francais ou :Antivir en Francais sur ton Bureau.:



* Double clique sur l'exécutable téléchargé pour lancer l'installation.
* À la fin de l'installation, clique sur Finish.
* Ouvre Antivir, assure-toi qu’il soit bien à jour !
* Dans l'onglet Protection Locale, choisis Contrôler.
* Active la recherche de rootkits via le + de Recherche de Rootkits, puis dans Sélection manuelle, coche tout (tes partitions de disque dur).
* Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
* Poste moi le rapport généré : Pour cela, clique sur l'onglet Aperçu, puis choisis Rapports, tu trouveras son rapport..
* Sélectionne le rapport et clique sur l'icône "Afficher le fichier de rapport du rapport sélectionné.


Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

Pourquoi changer ? :Avast Vs Antivir

Tuto Antivir: Comment installer et utiliser AntiVir.



Configuration de Antivir (Merci Nico) :

clic droit sur son icone dans la barre des taches et séléctionner Configurer Antivir.

cocher la case : Mode Expert.

=> Cliquer sur Scanner dans le volet de gauche :

> Dans "Fichiers" séléctionner Tous les fichiers.

> Dans procédure de recherche, cocher Autoriser l'arrêt, et dans "priorité scanner" séléctionner Elevé.

> Dans "Autres réglages" cocher toutes les cases.

NE SURTOUT PAS OUBLIER LA RECHERCHE DES ROOTKIT QUI EST TRES IMPORTANTE !

=> Cliquer sur "Recherche" dans le volet de gauche et appliquer les mêmes paramètres que précédemment.

=> Dérouler "Recherche" en cliquant sur le +. Cliquer sur "Heuristique" :

> Cocher "Heuristique de MacroVirus" et "Heuristique fichier Win32" avec degré d'indentification ELEVE !

=> Dans le volet de gauche, dérouler "Guard" puis dérouler "Recherche" :

> Cocher "Heuristique de MacroVirus" et "Heuristique fichier Win32" avec degré d'identification ELEVE !




0
Réponse 8 / 85
appel masqué
18 mars 2009 à 09:02
je pourré pa te posté le raport vu ke antivir reste planté sur un cheval de troi et un fichier indésirable ke je n'arive pa a éfacé le cheval de troi est dans c:/documents and settings/user/local settings/temp/loa6.tmp et le fichier indesirable dans c:/windows/system32/drivers/Dllsrv.exe a chaque foi antivir me prévien tou les 2 second a peu pré, donc le scan narrive pa jusko bou ke faire?
0
Réponse 9 / 85
appel masqué
18 mars 2009 à 09:07
j retir se ke g di il continu le scan
0
Réponse 10 / 85
appel masqué
18 mars 2009 à 10:15
Avira AntiVir Personal
Date de création du fichier de rapport : mercredi 18 mars 2009 19:36

La recherche porte sur 1305356 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : user
Nom de l'ordinateur :USER-3393F246B5

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 17/11/2008 22:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 03:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 02:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 03/07/2008 21:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 01:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 07:29:33
ANTIVIR2.VDF : 7.1.2.152 749568 Bytes 11/03/2009 07:29:38
ANTIVIR3.VDF : 7.1.2.183 189952 Bytes 17/03/2009 07:30:05
Version du moteur: 8.2.0.116
AEVDF.DLL : 8.1.1.0 106868 Bytes 18/03/2009 07:32:17
AESCRIPT.DLL : 8.1.1.63 364923 Bytes 18/03/2009 07:32:10
AESCN.DLL : 8.1.1.8 127346 Bytes 18/03/2009 07:31:42
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 03:58:38
AEPACK.DLL : 8.1.3.10 397686 Bytes 18/03/2009 07:31:34
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 18/03/2009 07:31:13
AEHEUR.DLL : 8.1.0.104 1634679 Bytes 18/03/2009 07:30:54
AEHELP.DLL : 8.1.2.2 119158 Bytes 18/03/2009 07:30:48
AEGEN.DLL : 8.1.1.29 336245 Bytes 18/03/2009 07:30:39
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 00:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 18/03/2009 07:30:14
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 00:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 08/07/2008 22:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 15/05/2008 23:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 02:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 01:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 11/02/2008 22:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 02:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 07:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 02:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 02:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 03/07/2008 21:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 00:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Recherche de Rootkits
Fichier de configuration.........: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Documentation....................: élevé
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Recherche dans les programmes actifs: arrêt
Recherche en cours sur l'enregistrement: arrêt
Recherche de Rootkits............: marche
Fichier mode de recherche........: Tous les fichiers
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: élevé
Paramètres étendus de recherche..: 0x00300922

Début de la recherche : mercredi 18 mars 2009 19:36

La recherche d'objets cachés commence.
HKEY_USERS\S-1-5-21-527237240-1004336348-725345543-1004\Software\SecuROM\License information\datasecu
[INFO] L'entrée d'enregistrement n'est pas visible.
HKEY_USERS\S-1-5-21-527237240-1004336348-725345543-1004\Software\SecuROM\License information\rkeysecu
[INFO] L'entrée d'enregistrement n'est pas visible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\BITS\stateindex
[INFO] L'entrée d'enregistrement n'est pas visible.
'315335' objets ont été contrôlés, '3' objets cachés ont été trouvés.

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:'
C:\
ARKE.tmp
[RESULTAT] Contient le modèle de détection du dropper DR/Delphi.Gen
[AVERTISSEMENT] Erreur lors de la création d'une copie de sécurité du fichier. Le fichier n'a pas été supprimé. Code d'erreur : 26003
[AVERTISSEMENT] Impossible de supprimer le fichier!
[REMARQUE] Tentative en cours d'exécuter l'action à l'aide de la bibliothèque ARK.
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4bdad22c.qua' !
AUTOEXEC.BAT
boot.ini
Bootfont.bin
CONFIG.SYS
FindyKill.txt
INSTALL.LOG
IO.SYS
k8m1l3e9f4n7.exe
MSDOS.SYS
NTDETECT.COM
ntldr
pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmdata03.sqm
sqmdata04.sqm
sqmdata05.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm
sqmnoopt03.sqm
sqmnoopt04.sqm
sqmnoopt05.sqm
UNWISE.EXE
[0] Type d'archive: RSRC
--> Object
--> Object
C:\Documents and Settings\All Users\Application Data\
desktop.ini
C:\Documents and Settings\All Users\Application Data\Adobe\Acrobat\7.0\Replicate\Security\
directories.acrodata
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.1.1.5\
QuickTime.msi
C:\Documents and Settings\All Users\Application Data\Apple Computer\iTunes\SC Info\
SC Info.txt
C:\Documents and Settings\All Users\Application Data\Apple Computer\QuickTime\
QuickTime.qtp
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\
addr_file.html
AVWIN.INI
update.conf
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\EVENTDB\
avevtdb.dbe
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\
classic-nt-fr.info
master.idx
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\
48890ea4.qua
49f0a58c.qua
49f0a5ac.qua
49f0a5ca.qua
49f0a5fc.qua
49f0a61a.qua
49f0a62c.qua
49f0a754.qua
49f0ac35.qua
49f1a585.qua
49f2a573.qua
4a0bb373.qua
4a21a63b.qua
4a21a64d.qua
4a21aafe.qua
4a21ab01.qua
4a21ab03.qua
4a21ab05.qua
4a21ab08.qua
4a21ab11.qua
4a21ab12.qua
4a2ca57b.qua
4a2caff3.qua
4a2ead35.qua
4a30ae13.qua
4a30afbc.qua
4a32a5bf.qua
4a32a5c2.qua
4a32a5cf.qua
4a32a5d0.qua
4a32a5d2.qua
4a32a607.qua
4a32a60a.qua
4a32a60e.qua
4a32a61d.qua
4a32af91.qua
4bdad22c.qua
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\
produpd.avj
scanjob.avj
startupd.avj
updjob.avj
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES\
avguard.log
AVSCAN-20090318-183727-ABAB6392.LOG
AVSCAN-20090318-193654-A4A2720F.LOG
sched.log
setup.log
Upd-2009-03-18-18-28-00.log
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\
folder.avp
rootkit.avp
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\REPORTS\
643580d3.avl
ba225406.avl
C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVSCAN-20090318-193654-A4A24BA2\
002_006_ntuser.dat
002_007_usrclass.dat
002_default
002_software
002_system
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\
iPower.txt
ipower_1.txt
new.css
start.htm
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\dynamic\english\dv-entertainment\images\products\
dvd5.gif
pp2.gif
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\dynamic\english\event_2003\tic-tac-toe\images\
120x90.gif
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\english\dv-entertainment\images\
close.gif
heading-tutorials.gif
line-vertical-dots.gif
popup-bg.gif
popup-down.gif
popup-top.gif
whatisit-01.gif
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\english\dv-entertainment\images\banners\
i-power-01.gif
i-power-02.gif
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\english\dv-entertainment\images\links\
link-off_02.gif
link-off_04.gif
link-off_06.gif
link-off_07.gif
link-on_02.gif
link-on_04.gif
link-on_06.gif
link-on_07.gif
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\english\dv-entertainment\images\products\
dir.jpg
mshow.jpg
vcr.jpg
vlm.jpg
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\english\dv-entertainment\update-img\
bg-right.jpg
buy-update.gif
go.gif
index-top.gif
newsletter.gif
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\english\e-training\
e-training-css.css
C:\Documents and Settings\All Users\Application Data\CyberLink\PowerDVD\HTML\english\new_top\images\
arrow_2.gif
bottom_bg.gif
bottom_left.gif
bottom_right.gif
top_1.gif
top_2.gif
top_3.gif
C:\Documents and Settings\All Users\Application Data\DVD Shrink\
Analysis Results.3364bdd9
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\
ignore.dat
news.txt
rules.ref
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\
282a9fe766f51eaf08830686e83be2bb_ad301fa9-95bc-410c-a926-0a38d6ac75f3
2e9394b50d446b3f5def6845b3ee7f6c_ad301fa9-95bc-410c-a926-0a38d6ac75f3
31791066ddb4bef5795a8d7b596a386f_ad301fa9-95bc-410c-a926-0a38d6ac75f3
4cc43f46b67c8d49e82d01073cd9a96f_ad301fa9-95bc-410c-a926-0a38d6ac75f3
5b97eda1120d126033ac6a66af28cd1d_ad301fa9-95bc-410c-a926-0a38d6ac75f3
97d6f4f16f12caa19021f039b8a7f7f9_ad301fa9-95bc-410c-a926-0a38d6ac75f3
c3e58e776f94b7a23fc092364dc4d58c_ad301fa9-95bc-410c-a926-0a38d6ac75f3
e090b866e8cd8cb37689a8b98c24d316_ad301fa9-95bc-410c-a926-0a38d6ac75f3
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18\
6d14e4b1d8ca773bab785d1be032546e_ad301fa9-95bc-410c-a926-0a38d6ac75f3
d42cc0c3858a58db2db37658219e6400_ad301fa9-95bc-410c-a926-0a38d6ac75f3
C:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\
ppcrlconfig.dll
C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\
DefaultStore_59R.bin
UserMigratedStore_59R.bin
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\
sharedaccess.ini
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\
qmgr0.dat
qmgr1.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\
DocumentRepository.ico
MySharePoints.ico
MySite.ico
SharePointPortalSite.ico
SharePointTeamSite.ico
C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\
OPA12.BAK
opa12.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\
guest.bmp
Invité.bmp
user.bmp
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\Default Pictures\
airplane.bmp
astronaut.bmp
ball.bmp
beach.bmp
butterfly.bmp
car.bmp
cat.bmp
chess.bmp
dirt bike.bmp
dog.bmp
drip.bmp
duck.bmp
fish.bmp
frog.bmp
guitar.bmp
horses.bmp
kick.bmp
lift-off.bmp
palm tree.bmp
pink flower.bmp
red flower.bmp
skater.bmp
snowflake.bmp
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{1D165DCB-8D9E-4D24-B371-CE6BB631BA50}\PlayTasks\0\
Jouer.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{1D165DCB-8D9E-4D24-B371-CE6BB631BA50}\PlayTasks\1\
Enregistrer.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{1D165DCB-8D9E-4D24-B371-CE6BB631BA50}\PlayTasks\2\
LisezMoi.txt.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{1D165DCB-8D9E-4D24-B371-CE6BB631BA50}\PlayTasks\3\
Manuel du jeu.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{1D165DCB-8D9E-4D24-B371-CE6BB631BA50}\PlayTasks\4\
Outil de diagnostique.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{1D165DCB-8D9E-4D24-B371-CE6BB631BA50}\SupportTasks\0\
Page d'accueil.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{1D165DCB-8D9E-4D24-B371-CE6BB631BA50}\SupportTasks\1\
Aide technique.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{762BCA5F-BEEF-48F0-8EDE-166628A9029F}\PlayTasks\0\
Jouer.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{762BCA5F-BEEF-48F0-8EDE-166628A9029F}\PlayTasks\1\
Enregistrer.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{762BCA5F-BEEF-48F0-8EDE-166628A9029F}\PlayTasks\2\
LisezMoi.txt.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{762BCA5F-BEEF-48F0-8EDE-166628A9029F}\PlayTasks\3\
Manuel du jeu.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{762BCA5F-BEEF-48F0-8EDE-166628A9029F}\PlayTasks\4\
Outil de diagnostique.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{762BCA5F-BEEF-48F0-8EDE-166628A9029F}\SupportTasks\0\
Page d'accueil.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{762BCA5F-BEEF-48F0-8EDE-166628A9029F}\SupportTasks\1\
Aide technique.lnk
C:\Documents and Settings\All Users\Application Data\Microsoft Help\
Hx.hxn
Hx_1036_MKWD_K.HxW
Hx_1036_MKWD_NamedURL.HxW
Hx_1036_MTOC_Hx.HxH
Hx_1036_MValidator.HxD
Hx_1036_MValidator.Lck
MS.EXCEL.12.1036.hxn
MS.EXCEL.DEV.12.1036.hxn
MS.GRAPH.12.1036.hxn
MS.INFOPATH.12.1036.hxn
MS.INFOPATHEDITOR.12.1036.hxn
MS.MSACCESS.12.1036.hxn
MS.MSACCESS.DEV.12.1036.hxn
MS.MSE.12.1036.hxn
MS.MSE_LEGACY.12.1036.hxn
MS.MSPUB.12.1036.hxn
MS.MSPUB.DEV.12.1036.hxn
MS.MSTORE.12.1036.hxn
MS.OIS.12.1036.hxn
MS.OUTLOOK.12.1036.hxn
MS.OUTLOOK.DEV.12.1036.hxn
MS.POWERPNT.12.1036.hxn
MS.POWERPNT.DEV.12.1036.hxn
MS.RIBBON.12.1036.hxn
MS.SETLANG.12.1036.hxn
MS.VBE.DEV.12.1036.hxn
MS.WINWORD.12.1036.hxn
MS.WINWORD.12.1036_1036_MKWD_F.HxW
MS.WINWORD.12.1036_1036_MKWD_K.HxW
MS.WINWORD.12.1036_1036_MTOC_WINWORD_COL.HxH
MS.WINWORD.12.1036_1036_MValidator.HxD
MS.WINWORD.12.1036_1036_MValidator.Lck
MS.WINWORD.DEV.12.1036.hxn
nslist.hxl
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\
collection.ini
ipxml.xml
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\
04B3EC9B2B5945A1B7AFC5FAFC297401_icon48.png
04B3EC9B2B5945A1B7AFC5FAFC297401_more.jpg
1163D2B46CC742E5A3CC9E4157887751_icon24.png
1163D2B46CC742E5A3CC9E4157887751_icon48.png
1163D2B46CC742E5A3CC9E4157887751_more.jpg
1D5BFC86FB85431BA61248FDB2467411_icon24.png
1D5BFC86FB85431BA61248FDB2467411_icon48.png
1D5BFC86FB85431BA61248FDB2467411_more.jpg
255C51D095C54906957414065F77891F_icon24.png
255C51D095C54906957414065F77891F_icon48.png
255C51D095C54906957414065F77891F_more.jpg
309A3493ECA544CA8B9BCF7A7010A687_icon48.png
40E74BFD69174D7FB489C85D9E586824_icon24.png
40E74BFD69174D7FB489C85D9E586824_icon48.png
40E74BFD69174D7FB489C85D9E586824_more.jpg
70A769DCB31D4D59AE936EAC08D29EE4_icon24.png
70A769DCB31D4D59AE936EAC08D29EE4_icon48.png
70A769DCB31D4D59AE936EAC08D29EE4_more.jpg
7B5560BB781B40259A06350E9B643B6E_icon24.png
7B5560BB781B40259A06350E9B643B6E_icon48.png
7B5560BB781B40259A06350E9B643B6E_more.jpg
823837D034CA4FC58C73C7108F00081E_icon24.png
823837D034CA4FC58C73C7108F00081E_icon48.png
823837D034CA4FC58C73C7108F00081E_more.jpg
903CB56BA52F42478957BE8314837A86_icon24.png
903CB56BA52F42478957BE8314837A86_icon48.png
903CB56BA52F42478957BE8314837A86_more.jpg
906D8ACBEDCF4F9ABA608DE65965F0A9_icon48.png
906D8ACBEDCF4F9ABA608DE65965F0A9_more.jpg
90F9407DF16A48EAA743527F2C290774_icon24.png
90F9407DF16A48EAA743527F2C290774_icon48.png
90F9407DF16A48EAA743527F2C290774_more.jpg
949EE48A2F8C4069AEF3E13209CA7141_icon24.png
949EE48A2F8C4069AEF3E13209CA7141_icon48.png
949EE48A2F8C4069AEF3E13209CA7141_more.jpg
98A0BBBC7A784F6286AC9B44E1803EAA_icon48.png
98A0BBBC7A784F6286AC9B44E1803EAA_more.jpg
A5D98C699A4049D0A43C1136F38B1B07_icon48.png
A5D98C699A4049D0A43C1136F38B1B07_more.jpg
A64E72D796E944EBA048AA1312AC2827_icon48.png
C528FFB1B9EC473792CF67849E25EDB6_icon24.png
C528FFB1B9EC473792CF67849E25EDB6_icon48.png
C528FFB1B9EC473792CF67849E25EDB6_more.jpg
D7E0BD9120244BECAFE569CC68AACC75.png
D7E0BD9120244BECAFE569CC68AACC75_icon48.png
D7E0BD9120244BECAFE569CC68AACC75_more.jpg
E12C95FCBD1240FEAE314D89676CA6F8_icon48.png
E12C95FCBD1240FEAE314D89676CA6F8_more.jpg
F35E193DC3E84933B83DE961D9AC33BF_icon24.png
F35E193DC3E84933B83DE961D9AC33BF_icon48.png
F35E193DC3E84933B83DE961D9AC33BF_more.jpg
~Please do not delete files from this folder
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\Categories\
Business.png
Collaboration.png
Community.png
Expression.png
Featured.png
GameChannel.png
GreetingCards.png
Manage.png
MostPopular.png
MyPlugins.png
New.png
Productivity.png
RemoteAccess.png
Utilities.png
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\
collection.ini
Game List.swf
[0] Type d'archive: SWC
--> Object
Handler.png
HandlerInfo.dat
icon24.png
icon48.png
ipxml.xml
Local.png
named_strings.mlsxml
PickGame.htm
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\
01E408B224F44A85B5C58CEAFA619E53_icon48.png
01E408B224F44A85B5C58CEAFA619E53_thumb135x80.jpg
164368FE9051439A8E8FB3FE5730FC7C_icon48.png
164368FE9051439A8E8FB3FE5730FC7C_thumb135x80.jpg
2E06D5039B734EE8A1244F34184BD499_icon48.png
2E06D5039B734EE8A1244F34184BD499_thumb135x80.jpg
4F1BD5DFF96D4A6E8765C9CDBC7E132E_icon48.png
4F1BD5DFF96D4A6E8765C9CDBC7E132E_thumb135x80.jpg
6BD422D51C4342F2B6B8AB37C42AA17B_icon48.png
6BD422D51C4342F2B6B8AB37C42AA17B_thumb135x80.jpg
7FF10FD1D9E1467181402A0155363CB2_icon24.png
7FF10FD1D9E1467181402A0155363CB2_icon48.png
7FF10FD1D9E1467181402A0155363CB2_more.jpg
7FF10FD1D9E1467181402A0155363CB2_more.png
7FF10FD1D9E1467181402A0155363CB2_thumb135x80.jpg
8CA38853EAF74A618812B5185704FA72_icon48.png
8CA38853EAF74A618812B5185704FA72_thumb135x80.jpg
ABC0C93967AD43098E0382FD5EA9DFE1_icon48.png
ABC0C93967AD43098E0382FD5EA9DFE1_thumb135x80.jpg
C5094D21049946CC8CCB397AAB28817A_icon48.png
C5094D21049946CC8CCB397AAB28817A_thumb135x80.jpg
C7D94334204347AEBB0F776ED21C7F29_icon48.png
C7D94334204347AEBB0F776ED21C7F29_thumb135x80.jpg
DE3FAACAE2834545AADAAE424244F5D8_icon48.png
DE3FAACAE2834545AADAAE424244F5D8_thumb135x80.jpg
EB659AD2FCC647F38E82982293E1663C_icon48.png
EB659AD2FCC647F38E82982293E1663C_thumb135x80.jpg
EF40E569ACCA4FA3A41083BA475C2102_icon24.png
EF40E569ACCA4FA3A41083BA475C2102_icon48.png
EF40E569ACCA4FA3A41083BA475C2102_more.jpg
EF40E569ACCA4FA3A41083BA475C2102_more.png
EF40E569ACCA4FA3A41083BA475C2102_thumb135x80.jpg
~Please do not delete files from this folder
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\
Configuration.ini
Statistics.ini
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\
Bots.sbe
Cookies.sbe
FileExt.sbe
Links.sbe
Single.sbe
SystemInternals.sbe
UpdateDL.sbe
WaitFor.sbe
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\
Checks.090224-1857.log
Checks.090224-1907.txt
Checks.090226-2044.log
Checks.090226-2044.txt
Checks.090307-2024.log
Checks.090307-2025.log
Checks.090307-2025.txt
Checks.090307-2032.txt
Checks.090309-0926.log
Checks.090309-0934.txt
Checks.090309-1006.log
Checks.090309-1006.txt
Checks.090309-1056.log
Checks.090309-1112.txt
Checks.090309-1214.log
Checks.090309-1216.log
Checks.090309-1216.txt
Checks.090309-1220.txt
Checks.090309-2351.log
Checks.090309-2351.txt
Checks.090310-2103.log
Checks.090310-2104.txt
Checks.090311-1750.log
Checks.090311-1753.txt
Fixes.090224-1938.txt
Fixes.090307-2037.txt
Fixes.090309-0934.txt
Fixes.090309-1006.txt
Fixes.090309-1113.txt
Fixes.090309-1220.txt
Include errors.log
Update downloads.log
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\
Overview.ini
C:\Documents and Settings\All Users\Application Data\Ulead Systems\
ulead32.ini
C:\Documents and Settings\All Users\Application Data\Ulead Systems\Ulead Burn.Now\1.5\
U32BASE.CFG
U32FILE.CFG
UBS.ini
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\data\
data.dat
C:\Documents and Settings\All Users\Documents\
desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\
Desktop.ini
C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\12722B\
01_Music_auto_rated_at_5_stars.wpl
02_Music_added_in_the_last_month.wpl
03_Music_rated_at_4_or_5_stars.wpl
04_Music_played_in_the_last_month.wpl
05_Pictures_taken_in_the_last_month.wpl
06_Pictures_rated_4_or_5_stars.wpl
07_TV_recorded_in_the_last_week.wpl
08_Video_rated_at_4_or_5_stars.wpl
09_Music_played_the_most.wpl
10_All_Music.wpl
11_All_Pictures.wpl
12_All_Video.wpl
C:\Documents and Settings\All Users\Documents\Ma musique\Échantillons de musique\
AlbumArtSmall.jpg
AlbumArt_{E201F44C-B9E2-490F-9ED7-0976E9DA2EA5}_Large.jpg
AlbumArt_{E201F44C-B9E2-490F-9ED7-0976E9DA2EA5}_Small.jpg
AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Large.jpg
AlbumArt_{EFFDEB51-C913-4EE1-8B2A-C80112057955}_Small.jpg
desktop.ini
Folder.jpg
Nouvelles histoires (le blues de l'autoroute).wma
Symphonie n° 9 de Beethoven (scherzo).wma
Thumbs.db
C:\Documents and Settings\All Users\Documents\Mes images\
Desktop.ini
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\
Collines.jpg
Coucher de soleil.jpg
desktop.ini
Hiver.jpg
Nénuphars.jpg
Thumbs.db
C:\Documents and Settings\All Users\Documents\Mes vidéos\
Desktop.ini
C:\Documents and Settings\All Users\DRM\
drmstore.hds
DRMv1.bak
DRMv1.key
drmv2.lic
drmv2.sst
migration.log
v3ks.bla
v3ks.sec
C:\Documents and Settings\All Users\DRM\Cache\
Indiv01.tmp
C:\Documents and Settings\All Users\Menu Démarrer\
Catalogue Windows.lnk
Configurer les programmes par défaut.lnk
desktop.ini
Windows Update.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\
Adobe Reader 7.0.lnk
desktop.ini
Windows Live Messenger.lnk
Windows Messenger.lnk
Windows Movie Maker.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\
Calculatrice.lnk
desktop.ini
Paint.lnk
WordPad.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Accessibilité\
Assistant Accessibilité.lnk
desktop.ini
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\
Assistant Configuration du réseau.lnk
Assistant Nouvelle connexion.lnk
Assistant Réseau sans fil.lnk
Connexion Bureau à distance.lnk
Connexions réseau.lnk
desktop.ini
HyperTerminal.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Divertissement\
Contrôle du volume.lnk
desktop.ini
Magnétophone.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Outils système\
Activation de Windows.lnk
Assistant Transfert de fichiers et de paramètres.lnk
Centre de sécurité.lnk
desktop.ini
Défragmenteur de disque.lnk
Informations système.lnk
Nettoyage de disque.lnk
Restauration du système.lnk
Table des caractères.lnk
Tâches planifiées.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVir PersonalEdition Classic\
Aide AntiVir.lnk
Avira AntiVir Personal sur Internet.lnk
Démarrer Avira AntiVir Personal.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft PhotoPrinter LE\
PhotoPrinter 2.0 LE.lnk
ReadMe.lnk
Register & Upgrade.lnk
Uninstall.lnk
Visit PhotoIsland.com.lnk
Web Services.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG Anti-Rootkit Free\
AVG Anti-Rootkit Free.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CyberLink PowerDVD\
Aide de PowerDVD.lnk
Diagnostique système.lnk
Désinstallez PowerDVD.lnk
Inscription en ligne.lnk
Lisezmoi.lnk
PowerDVD.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DVD Region+CSS Free\
DVD Region+CSS Free Help.lnk
DVD Region+CSS Free Online.lnk
DVD Region+CSS Free.lnk
Uninstall DVD Region+CSS Free.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
desktop.ini
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux\
Atout Pique sur Internet.lnk
Backgammon sur Internet.lnk
Dame de pique sur Internet.lnk
Dame de Pique.lnk
desktop.ini
Démineur.lnk
Freecell.lnk
Jeu de dames sur Internet.lnk
Pinball.lnk
Reversi sur Internet.lnk
Solitaire.lnk
Spider Solitaire.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\
Désinstaller Malwarebytes' Anti-Malware.lnk
Malwarebytes' Anti-Malware Help.lnk
Malwarebytes' Anti-Malware.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office\
Microsoft Office Access 2007.lnk
Microsoft Office Excel 2007.lnk
Microsoft Office InfoPath 2007.lnk
Microsoft Office Outlook 2007.lnk
Microsoft Office PowerPoint 2007.lnk
Microsoft Office Publisher 2007.lnk
Microsoft Office Word 2007.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office\Outils Microsoft Office\
Bibliothèque multimédia Microsoft.lnk
Certificat numérique pour les projets VBA.lnk
Microsoft Office 2007 Paramètres de langue.lnk
Microsoft Office Diagnostics.lnk
Microsoft Office Picture Manager.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox\
Mozilla Firefox (Mode sans échec).lnk
Mozilla Firefox.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\
Nero StartSmart.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\Manuels d'Utilisation\
Nero BackItUp [Aide en anglais].lnk
Nero BackItUp [Aide en français].lnk
Nero Burning ROM [Aide en anglais].lnk
Nero Burning ROM [Aide en français].lnk
Nero Cover Designer [Aide en anglais].lnk
Nero Cover Designer [Aide en français].lnk
Nero Express [Aide en anglais].lnk
Nero Express [Aide en français].lnk
Nero SoundTrax [Aide en anglais].lnk
Nero SoundTrax [Aide en français].lnk
Nero Wave Editor [Aide en anglais].lnk
Nero Wave Editor [Aide en français].lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\Nero 6 Demo\
Nero BackItUp.lnk
Nero Burning ROM.lnk
Nero Cover Designer.lnk
Nero Express.lnk
Nero ImageDrive.lnk
Nero SoundTrax.lnk
Nero Wave Editor.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\Nero Toolkit\
Nero CD-DVD Speed.lnk
Nero DriveSpeed.lnk
Nero InfoTool.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration\
Analyseur de performances.lnk
desktop.ini
Gestion de l'ordinateur.lnk
Observateur d'événements.lnk
Services de composants.lnk
Services.lnk
Sources de données (ODBC).lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PhotoFiltre\
Désinstaller PhotoFiltre.lnk
Informations sur PhotoFiltre.lnk
Informations sur PhotoMasque.lnk
PhotoFiltre.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime\
Désinstaller QuickTime.lnk
PictureViewer.lnk
QuickTime Player.lnk
À propos de QuickTime.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Samsung\Samsung Media Studio 5\
Samsung Media Studio5.lnk
Uninstall Samsung Media Studio 5.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SoundMAX\
Aide.lnk
AudioWizard.lnk
Panneau de configuration.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spybot - Search & Destroy\
Spybot - Search & Destroy.lnk
Uninstall Spybot - Search & Destroy.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN\
Documentation.lnk
Release Notes.lnk
VideoLAN Website.lnk
VLC media player.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN\Quick Settings\
Reset VLC media player preferences and cache files.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN\Quick Settings\Audio\
Set Audio mode to DirectX (default).lnk
Set Audio mode to Waveout.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN\Quick Settings\Interface\
Set Main Interface to Skinnable.lnk
Set Main Interface to wxWidgets (default).lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN\Quick Settings\Video\
Set Video mode to Direct3D (no hardware acceleration).lnk
Set Video mode to Direct3D.lnk
Set Video mode to DirectX (no hardware acceleration).lnk
Set Video mode to DirectX (no video overlay).lnk
Set Video mode to DirectX.lnk
Set Video mode to OpenGL.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\XviD\
Configure Decoder.lnk
Configure Encoder.lnk
INet-Doom9's XviD Forum.lnk
INet-Koepi's Homepage (Updates).lnk
INet-XviD Homepage.lnk
Koepi's OGMCalc.lnk
Nic's FourCC changer.lnk
Nic's MiniCalc.lnk
Release Notes.lnk
Some quantization matrices.lnk
StatsReader 2.1.lnk
StatsReader Notes.lnk
Uninstall XviD.lnk
Vidc.Cleaner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\YouTUBE (TM) movie downloader\
FENERIS tech.lnk
Uninstall YouTUBE (TM) movie downloader.lnk
YouTubeDownloader.lnk
C:\Documents and Settings\Default User\
NTUSER.DAT
NtUser.dat.LOG
C:\Documents and Settings\Default User\Application Data\
desktop.ini
C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\
brndlog.bak
brndlog.txt
C:\Documents and Settings\Default User\Cookies\
index.dat
C:\Documents and Settings\Default User\Local Settings\
desktop.ini
C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Media Player\
CurrentDatabase_59R.wmdb
C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows Media\9.0\
WMSDKNS.DTD
WMSDKNS.XML
C:\Documents and Settings\Default User\Local Settings\Historique\
desktop.ini
C:\Documents and Settings\Default User\Local Settings\Historique\History.IE5\
desktop.ini
index.dat
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\
desktop.ini
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\
desktop.ini
index.dat
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\CVETOLAX\
desktop.ini
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OGLJWKX2\
desktop.ini
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\P9NCTK4O\
desktop.ini
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\Q3EJETKZ\
desktop.ini
C:\Documents and Settings\Default User\Menu Démarrer\
desktop.ini
C:\Documents and Settings\Default User\Menu Démarrer\Programmes\
Assistance à distance.lnk
desktop.ini
C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Accessoires\
Assistant Compatibilité des programmes.lnk
Bloc-notes.lnk
desktop.ini
Explorateur Windows.lnk
Invite de commandes.lnk
Synchroniser.lnk
Visite guidée de Windows XP.lnk
C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Accessoires\Accessibilité\
Clavier visuel.lnk
desktop.ini
Gestionnaire d'utilitaires.lnk
Loupe.lnk
C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Accessoires\Divertissement\
desktop.ini
C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\
desktop.ini
C:\Documents and Settings\Default User\Modèles\
amipro.sam
excel.xls
excel4.xls
lotus.wk4
powerpnt.ppt
presenta.shw
quattro.wb2
sndrec.wav
winword.doc
winword2.doc
wordpfct.wpd
wordpfct.wpg
C:\Documents and Settings\Default User\SendTo\
Bureau (créer un raccourci).DeskLink
desktop.ini
Destinataire.MAPIMail
Dossier compressé.ZFSendToTarget
C:\Documents and Settings\Invité\
NTUSER.DAT
NtUser.dat.LOG
ntuser.ini
C:\Documents and Settings\Invité\Application Data\
desktop.ini
C:\Documents and Settings\Invité\Application Data\Microsoft\CryptnetUrlCache\Content\
A44F4E7CB3133FF765C39A53AD8FCFDD
C:\Documents and Settings\Invité\Application Data\Microsoft\CryptnetUrlCache\MetaData\
A44F4E7CB3133FF765C39A53AD8FCFDD
C:\Documents and Settings\Invité\Application Data\Microsoft\Internet Explorer\
brndlog.bak
brndlog.txt
Desktop.htt
C:\Documents and Settings\Invité\Application Data\Microsoft\Internet Explorer\Quick Launch\
Bureau.scf
desktop.ini
Démarrer Internet Explorer.lnk
C:\Documents and Settings\Invité\Application Data\Microsoft\Protect\
CREDHIST
C:\Documents and Settings\Invité\Application Data\Microsoft\Protect\S-1-5-21-527237240-1004336348-725345543-501\
db01718a-81de-4b9d-811c-be12aeed04bb
Preferred
C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\
pluginreg.dat
profiles.ini
C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\uo7tgcps.default\
bookmarks.bak
bookmarks.html
cert8.db
compatibility.ini
compreg.dat
cookies.txt
extensions.cache
extensions.ini
extensions.rdf
formhistory.dat
history.dat
key3.db
kf.txt
localstore.rdf
mimeTypes.rdf
prefs.js
search.rdf
search.sqlite
secmod.db
signons.txt
urlclassifier2.sqlite
xpti.dat
C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\uo7tgcps.default\bookmarkbackups\
bookmarks-2009-03-09.html
C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\uo7tgcps.default\chrome\
userChrome-example.css
userContent-example.css
C:\Documents and Settings\Invité\Application Data\vlc\
vlcrc
C:\Documents and Settings\Invité\Application Data\vlc\cache\
CACHEDIR.TAG
plugins-04041e.dat
C:\Documents and Settings\Invité\Bureau\
Internet Explorer.lnk
mes documents.lnk
Poste de travail.lnk
Raccourci vers Internet.lnk
Windows Media Player.lnk
Windows Messenger.lnk
C:\Documents and Settings\Invité\Bureau\Ma musique\
Desktop.ini
Échantillons de musique.lnk
C:\Documents and Settings\Invité\Bureau\Mes images\
Desktop.ini
Échantillons d'images.lnk
C:\Documents and Settings\Invité\Cookies\
index.dat
C:\Documents and Settings\Invité\Favoris\
Desktop.ini
C:\Documents and Settings\Invité\Favoris\Liens\
Personnaliser les liens.url
C:\Documents and Settings\Invité\Favoris\Sites Web Microsoft\
Internet Explorer 7 - Présentation rapide.url
Site Internet Explorer sur Microsoft.com.url
Windows Marketplace.url
C:\Documents and Settings\Invité\Local Settings\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Application Data\
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
IconCache.db
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Feeds Cache\
desktop.ini
index.dat
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Feeds Cache\4PA0ZZZ6\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Feeds Cache\L35HHUI9\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Feeds Cache\L7NQOM78\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Feeds Cache\PJZKSBZ5\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Internet Explorer\
brndlog.bak
brndlog.txt
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Media Player\
CurrentDatabase_59R.wmdb
wmdbexport.xml
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Windows\
UsrClass.dat
UsrClass.dat.LOG
C:\Documents and Settings\Invité\Local Settings\Application Data\Microsoft\Windows Media\9.0\
WMSDKNS.DTD
WMSDKNS.XML
C:\Documents and Settings\Invité\Local Settings\Application Data\Mozilla\Firefox\Profiles\uo7tgcps.default\
XPC.mfl
XUL.mfl
C:\Documents and Settings\Invité\Local Settings\Application Data\Mozilla\Firefox\Profiles\uo7tgcps.default\Cache\
0C814697d01
529EEA03d01
62BCB5B0d01
664B068Dd01
788A5D1Ad01
8FACC0CDd01
9845C983d01
C9A39FD4d01
E188692Ed01
E721F560d01
_CACHE_001_
_CACHE_002_
_CACHE_003_
_CACHE_MAP_
C:\Documents and Settings\Invité\Local Settings\Historique\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Historique\History.IE5\
desktop.ini
index.dat
C:\Documents and Settings\Invité\Local Settings\Historique\History.IE5\MSHist012009030920090310\
index.dat
C:\Documents and Settings\Invité\Local Settings\Temp\
wmsetup.log
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\
desktop.ini
index.dat
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\CVETOLAX\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\OGLJWKX2\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\P9NCTK4O\
desktop.ini
C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\Q3EJETKZ\
desktop.ini
C:\Documents and Settings\Invité\Menu Démarrer\
desktop.ini
C:\Documents and Settings\Invité\Menu Démarrer\Programmes\
Assistance à distance.lnk
desktop.ini
Outlook Express.lnk
C:\Documents and Settings\Invité\Menu Démarrer\Programmes\Accessoires\
Assistant Compatibilité des programmes.lnk
Bloc-notes.lnk
Carnet d'adresses.lnk
desktop.ini
Explorateur Windows.lnk
Invite de commandes.lnk
Synchroniser.lnk
Visite guidée de Windows XP.lnk
C:\Documents and Settings\Invité\Menu Démarrer\Programmes\Accessoires\Accessibilité\
Clavier visuel.lnk
desktop.ini
Gestionnaire d'utilitaires.lnk
Loupe.lnk
C:\Documents and Settings\Invité\Menu Démarrer\Programmes\Accessoires\Divertissement\
desktop.ini
C:\Documents and Settings\Invité\Menu Démarrer\Programmes\Accessoires\Outils système\
Internet Explorer (sans module complémentaire).lnk
C:\Documents and Settings\Invité\Menu Démarrer\Programmes\Démarrage\
desktop.ini
C:\Documents and Settings\Invité\Mes documents\
desktop.ini
C:\Documents and Settings\Invité\Modèles\
amipro.sam
excel.xls
excel4.xls
lotus.wk4
powerpnt.ppt
presenta.shw
quattro.wb2
sndrec.wav
winword.doc
winword2.doc
wordpfct.wpd
wordpfct.wpg
C:\Documents and Settings\Invité\Recent\
Desktop.ini
Symphonie n° 9 de Beethoven (scherzo).lnk
Échantillons de musique.lnk
C:\Documents and Settings\Invité\SendTo\
Bureau (créer un raccourci).DeskLink
desktop.ini
Destinataire.MAPIMail
Dossier compressé.ZFSendToTarget
Mes documents.mydocs
C:\Documents and Settings\LocalService\
NTUSER.DAT
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
ntuser.dat.LOG
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
ntuser.ini
C:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\
udhisapi.dll
C:\Documents and Settings\LocalService\Cookies\
index.dat
C:\Documents and Settings\LocalService\Local Settings\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Portable Devices\
wpdlog00.sqm
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\
UsrClass.dat
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
UsrClass.dat.LOG
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\LocalService\Local Settings\Historique\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\
desktop.ini
index.dat
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\
index.dat
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\
desktop.ini
index.dat
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\3YI5C3UQ\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\CBEAHXYY\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\H1CBQA5W\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\U7DDHFGA\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\
desktop.ini
index.dat
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\
desktop.ini
index.dat
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0XAZKT67\
c1234[1].exe
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0XY7C1UJ\
desktop.ini
number[1].asp
wpad[1].dat
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8PE7KHMR\
desktop.ini
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8PMFC5AB\
desktop.ini
C:\Documents and Settings\NetworkService\
NTUSER.DAT
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
ntuser.dat.LOG
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
ntuser.ini
C:\Documents and Settings\NetworkService\Cookies\
index.dat
C:\Documents and Settings\NetworkService\Local Settings\
desktop.ini
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\
UsrClass.dat
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
UsrClass.dat.LOG
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\NetworkService\Local Settings\Historique\
desktop.ini
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\
desktop.ini
index.dat
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\
desktop.ini
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\
desktop.ini
index.dat
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\09U9V4YB\
desktop.ini
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\9JFG72XB\
desktop.ini
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MORLL7A7\
desktop.ini
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YNGT832P\
desktop.ini
C:\Documents and Settings\user\
.fonts.cache-1
NTUSER.DAT
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
ntuser.dat.LOG
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
ntuser.ini
C:\Documents and Settings\user\.gimp-2.2\
colorrc
controllerrc
documents
menurc
parasiterc
pluginrc
sessionrc
templaterc
themerc
toolrc
unitrc
C:\Documents and Settings\user\Application Data\
AVSDVDPlayer.m3u
desktop.ini
C:\Documents and Settings\user\Application Data\Adobe\Acrobat\7.0\
AdobeCMapFnt07.lst
AdobeSysFnt07.lst
JSADM.exv
UserCache.bin
C:\Documents and Settings\user\Application Data\Adobe\Acrobat\7.0\Collab\
RSS
C:\Documents and Settings\user\Application Data\Adobe\Acrobat\7.0\JavaScripts\
glob.settings.js
C:\Documents and Settings\user\Application Data\Adobe\Acrobat\7.0\Preferences\
AutoFillDefaults.dat
defaultHeuristics.dat
C:\Documents and Settings\user\Application Data\Adobe\Acrobat\7.0\Updater\
udlog.txt
udstore.js
C:\Documents and Settings\user\Application Data\Apple Computer\iTunes\
iTunesPrefs.xml
C:\Documents and Settings\user\Application Data\Cool Record Edit Pro\
Favorite.dat
MRUList.dat
Shortcut.dat
system.dat
C:\Documents and Settings\user\Application Data\dvdcss\
CACHEDIR.TAG
C:\Documents and Settings\user\Application Data\Free Sound Recorder\
frsystem.dat
C:\Documents and Settings\user\Application Data\Macromedia\Flash Player\#SharedObjects\3ERNKU6S\broadcast.piximedia.fr\
piximedia.sol
C:\Documents and Settings\user\Application Data\Macromedia\Flash Player\#SharedObjects\3ERNKU6S\static.youporn.com\
com.etology.flvplayer.sol
C:\Documents and Settings\user\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\
settings.sol
C:\Documents and Settings\user\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#broadcast.piximedia.fr\
settings.sol
C:\Documents and Settings\user\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.youporn.com\
settings.sol
C:\Documents and Settings\user\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\
mbam-log-2009-03-17 (12-08-53).txt
C:\Documents and Settings\user\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\
BACKUP1.80623
BACKUP4.31275
QUAR1.80623
C:\Documents and Settings\user\Application Data\Microsoft\Clip Organizer\
mstore10.mgc
Offic10.MGC
C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache\Content\
0897206B35294097C3660E62BCDB227C
2BF68F4714092295550497DD56F57004
3C19F8F5C2A69BEC912EF5B953293907
3C83474D61E624A4F9844DF935AFE217
60E31627FDA0A46932B0E5948949F2A5
696F3DE637E6DE85B458996D49D759AD
71644221AC231DBD2359C18EBB2118DC
7B2238AACCEDC3F1FFE8E7EB5F575EC9
A44F4E7CB3133FF765C39A53AD8FCFDD
A8FABA189DB7D25FBA7CAC806625FD30
C571B417AAF1F617555A0486AB3F5361
E6024EAC88E6B6165D49FE3C95ADD735
C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache\MetaData\
0897206B35294097C3660E62BCDB227C
2BF68F4714092295550497DD56F57004
3C19F8F5C2A69BEC912EF5B953293907
3C83474D61E624A4F9844DF935AFE217
60E31627FDA0A46932B0E5948949F2A5
696F3DE637E6DE85B458996D49D759AD
71644221AC231DBD2359C18EBB2118DC
7B2238AACCEDC3F1FFE8E7EB5F575EC9
A44F4E7CB3133FF765C39A53AD8FCFDD
A8FABA189DB7D25FBA7CAC806625FD30
C571B417AAF1F617555A0486AB3F5361
E6024EAC88E6B6165D49FE3C95ADD735
C:\Documents and Settings\user\Application Data\Microsoft\Crypto\RSA\S-1-5-21-527237240-1004336348-725345543-1004\
f58155b4b1d5a524ca0261c3ee99fb50_ad301fa9-95bc-410c-a926-0a38d6ac75f3
C:\Documents and Settings\user\Application Data\Microsoft\Document Building Blocks\1036\
Building Blocks.dotx
[0] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> word/_rels/document.xml.rels
--> word/document.xml
--> word/footnotes.xml
--> word/footer3.xml
--> word/header3.xml
--> word/endnotes.xml
--> word/theme/theme1.xml
--> word/media/image4.gif
--> word/media/image5.jpeg
--> word/media/image6.gif
--> word/media/image7.gif
--> word/media/image3.gif
--> word/media/image2.jpeg
--> word/media/image1.jpeg
--> word/glossary/document.xml
--> word/settings.xml
--> word/glossary/_rels/document.xml.rels
--> word/glossary/settings.xml
--> docProps/app.xml
--> word/webSettings.xml
--> docProps/custom.xml
--> word/fontTable.xml
--> word/styles.xml
--> word/glossary/fontTable.xml
--> word/glossary/styles.xml
--> word/glossary/webSettings.xml
--> docProps/core.xml
C:\Documents and Settings\user\Application Data\Microsoft\HTML Help\
hh.dat
[0] Type d'archive: CHM
--> /Program Files/Alwil Software/Avast4/French/Help/ChecklistSimple.chm/avast! - simple
--> /WINDOWS/super.chm/Main
--> /WINDOWS/Help/wordpad.chm/windefault
--> /WINDOWS/Help/mshearts.chm/windefault
--> /Program Files/DVD Region+CSS Free/DVDRegionFree.chm/DVDRegionFree
--> /WINDOWS/Help/wmp11.chm/main
--> /WINDOWS/Help/sol.chm/windefault
--> /WINDOWS/Help/NTHelp.chm/windefault
--> /WINDOWS/Help/freecell.chm/windefault
--> /Program Files/Spybot - Search & Destroy/Help/English.chm/$Lee
--> /Program Files/Alwil Software/Avast4/French/Help/Help.chm/default
--> /WINDOWS/Help/iexplore.chm/iedefault
--> /DOCUME~1/user/LOCALS~1/Temp/Rᅢᄅpertoire temporaire 2 pour RootkitRevealer.zip/RootkitRevealer.chm/NewWindow
--> /PROGRA~1/FREESO~1/user.chm/win
C:\Documents and Settings\user\Application Data\Microsoft\IdentityCRL\production\
ppcrlconfig.dll
C:\Documents and Settings\user\Application Data\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\
ARPPRODUCTICON.exe
C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\
brndlog.bak
brndlog.txt
Desktop.htt
C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\
AntiVir PE Classic.lnk
CCleaner.lnk
Cool Record Edit Pro.lnk
Corbeille.lnk
desktop.ini
Démarrer Internet Explorer.lnk
FindyKill.lnk
Free Sound Recorder.lnk
image.lnk
Ma musique.lnk
Malwarebytes' Anti-Malware.lnk
Mes documents.lnk
Mes vidéos.lnk
Mozilla Firefox.lnk
Nero StartSmart.lnk
Poste de travail.lnk
QuickTime Player.lnk
Spybot - Search & Destroy.lnk
Windows Live Messenger.lnk
Windows Media Player.lnk
C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\UserData\
index.dat
C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\UserData\N02KDMJ8\
Tdy58[1].xml
C:\Documents and Settings\user\Application Data\Microsoft\Office\
CLView12.pip
Excel12.pip
fbc8.tmp
MSO0127.acl
MSO1036.acl
MSOut12.pip
OrgDB12.pip
PowerP12.pip
Word12.pip
C:\Documents and Settings\user\Application Data\Microsoft\Protect\
CREDHIST
C:\Documents and Settings\user\Application Data\Microsoft\Protect\S-1-5-21-527237240-1004336348-725345543-1004\
10054774-4d4e-4868-8847-372b54c958f4
32286275-3e46-47b2-b04e-c6e77eb061ad
3c4ca2b0-fca2-4a3d-aafb-98d6e752afb3
43830dd6-269a-4867-ad29-0aba303e6513
4f0c7ced-1a7c-4f89-a76b-23922d66733a
fd1635e2-523d-4fea-a8a3-5aab4817035c
Preferred
C:\Documents and Settings\user\Application Data\Microsoft\Templates\
Normal.dotm
[0] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> word/_rels/document.xml.rels
--> word/document.xml
--> word/theme/theme1.xml
--> word/settings.xml
--> word/glossary/settings.xml
--> word/glossary/_rels/document.xml.rels
--> word/glossary/document.xml
--> word/fontTable.xml
--> docProps/app.xml
--> word/webSettings.xml
--> word/styles.xml
--> word/glossary/fontTable.xml
--> word/glossary/webSettings.xml
--> word/glossary/styles.xml
--> docProps/core.xml
C:\Documents and Settings\user\Application Data\Microsoft\UProof\
CUSTOM.DIC
ExcludeDictionaryEN0409.lex
ExcludeDictionaryEN0809.lex
ExcludeDictionaryFR040c.lex
C:\Documents and Settings\user\Application Data\Microsoft\Windows\Themes\
Custom.theme
C:\Documents and Settings\user\Application Data\Microsoft\Word\
ListGal.dat
C:\Documents and Settings\user\Application Data\Mozilla\Firefox\
pluginreg.dat
profiles.ini
C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Crash Reports\
InstallTime2008120122
UserID
C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lr1216v7.default\
blocklist.xml
bookmarks.bak
bookmarks.html
bookmarks.html.sbsd.bak
cert8.db
compatibility.ini
compreg.dat
content-prefs.sqlite
cookies.sqlite
downloads.sqlite
extensions.cache
extensions.ini
extensions.rdf
formhistory.sqlite
key3.db
kf.txt
localstore.rdf
mimeTypes.rdf
permissions.sqlite
places.sqlite
pluginreg.dat
prefs.js
search.rdf
search.sqlite
secmod.db
signons2.txt
signons3.txt
urlclassifier2.sqlite
urlclassifierkey3.txt
webappsstore.sqlite
xpti.dat
C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lr1216v7.default\bookmarkbackups\
bookmarks-2009-03-13.html
bookmarks-2009-03-14.html
bookmarks-2009-03-16.html
bookmarks-2009-03-16.json
bookmarks-2009-03-17.json
bookmarks-2009-03-18.json
C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\lr1216v7.default\chrome\
userChrome-example.css
userContent-example.css
C:\Documents and Settings\user\Application Data\SecuROM\UserData\
readme.txt
securom_v7_01.bak
securom_v7_01.dat
securom_v7_01.tmp
ЃϵϳЅЂϿϽϯІχϯπρϴϱЄϱЃϵϳЅ
ЃϵϳЅЂϿϽϯІχϯπρЂϻϵЉЃϵϳЅ
C:\Documents and Settings\user\Application Data\Skype\
shared.lck
shared.xml
C:\Documents and Settings\user\Application Data\Spore\
EditorSaves.package
GraphicsCache.package
Planets.package
Pollination.package
RigblockInfo.package
C:\Documents and Settings\user\Application Data\Spore\Games\Game0\
EditorOfflineUser.db
GGEUserData.dat
lastSave.pld
Markhe.spo
planetRecords.pkp
planetRecords.pkt
PlanetScripts.pld
snapshot.spo
stars.db
terre.spo
C:\Documents and Settings\user\Application Data\Spore\Games\Game0.old\
complete
GGEUserData.dat
Markhe.spo
planetRecords.pkp
planetscripts.pld
snapshot.spo
stars.db
terre.spo
valid
C:\Documents and Settings\user\Application Data\Spore\Preferences\
login.prop
Preferences.prop
C:\Documents and Settings\user\Application Data\Spore\Temp\
SP1223641113.evt
C:\Documents and Settings\user\Application Data\Ulead Systems\Ulead Burn.Now\1.5\
BurnStar.INI
C:\Documents and Settings\user\Application Data\vlc\
vlcrc
C:\Documents and Settings\user\Application Data\vlc\cache\
CACHEDIR.TAG
plugins-04041e.dat
C:\Documents and Settings\user\Contacts\
Desktop.ini
C:\Documents and Settings\user\Contacts\ichiki.31.dante@live.fr\
1D019B2E-E547-490A-94D0-822C5DB21
0
Réponse 11 / 85
appel masqué
18 mars 2009 à 10:19
--> ASPECT.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> ORIEL.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideMasters/slideMaster1.xml
--> MEDIAN.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/presentation.xml
--> theme/_rels/presentation.xml.rels
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/media/image1.jpeg
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/theme/themeThumbnail.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/media/image2.jpeg
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> VERVE.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> TECHNIC.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/theme/_rels/themeManager.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> docProps/thumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideMasters/slideMaster1.xml
--> theme/slideLayouts/slideLayout5.xml
--> URBAN.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideMasters/slideMaster1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout6.xml
--> FOUNDRY.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideMasters/slideMaster1.xml
--> OPULENT.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/_rels/slideLayout1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideMasters/slideMaster1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout7.xml
--> EQUITY.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> CIVIC.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/presentation.xml
--> theme/_rels/presentation.xml.rels
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/media/image1.jpeg
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/theme/themeThumbnail.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/media/image2.jpeg
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> theme/slideLayouts/slideLayout7.xml
--> FLOW.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideMasters/slideMaster1.xml
--> SOLSTICE.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> APEX.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> MODULE.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> METRO.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideMasters/slideMaster1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout5.xml
--> PAPER.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/presentation.xml
--> theme/_rels/presentation.xml.rels
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/media/image1.jpeg
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/theme/themeThumbnail.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/media/image2.jpeg
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> ORIGIN.THMX
[1] Type d'archive: ZIP
--> [Content_Types].xml
--> _rels/.rels
--> theme/_rels/presentation.xml.rels
--> theme/presentation.xml
--> theme/slideLayouts/_rels/slideLayout11.xml.rels
--> theme/slideMasters/_rels/slideMaster1.xml.rels
--> theme/slideLayouts/slideLayout10.xml
--> theme/slideLayouts/slideLayout8.xml
--> theme/slideLayouts/slideLayout9.xml
--> theme/slideLayouts/slideLayout1.xml
--> theme/slideLayouts/slideLayout4.xml
--> theme/slideLayouts/slideLayout2.xml
--> theme/slideLayouts/slideLayout6.xml
--> theme/slideLayouts/slideLayout7.xml
--> theme/slideLayouts/slideLayout5.xml
--> theme/theme/_rels/theme1.xml.rels
--> theme/theme/themeManager.xml
--> theme/theme/theme1.xml
--> theme/media/image1.jpeg
--> docProps/thumbnail.jpeg
--> theme/theme/themeThumbnail.jpeg
--> theme/theme/auxiliaryThemeThumbnail.jpeg
--> theme/theme/_rels/themeManager.xml.rels
--> theme/slideLayouts/slideLayout11.xml
--> theme/slideLayouts/slideLayout3.xml
--> theme/slideMasters/slideMaster1.xml
--> OARTCONV.DLL
--> OFFDIAG.EXE_0001
--> OFFICEBUTTON.GIF_0001
--> OFFICELOGO.GIF_0001
--> ODSERV.EXE_0001
--> OGL.DLL
--> OFFICE.ODF
--> OMSXP32.DLL
--> OMSMAIN.DLL
--> ORGCHART.EXE
--> OLSIDESHOW.DLL
--> OLCTLPOL.DLL
--> OLCTLPOL.CFG
--> SSGEN.DLL
--> MLCFG32.CPL_0001
--> CNFNOT32.EXE_0004
--> CONTAB32.DLL
--> DUMPSTER.DLL
--> EMSMDB32.DLL_0005
--> BJABLR32.DLL
--> EMABLT32.DLL
--> OLMAPI32.DLL
--> MSPST32.DLL_0004
--> PSTPRX32.DLL
--> SCANOST.EXE
--> SCNPST32.DLL
--> SCNPST64.DLL
--> SCANPST.EXE_0002
--> YAHOOPL.XML
--> YAHOOCA.XML
--> YAHOOUK.XML
--> WANS.XML
--> YAHOONO.XML
--> YAHOOPH.XML
--> BTI.XML
--> YAHOOKR.XML
--> YAHOOIT.XML
--> NLROGERS.XML
--> YAHOOJP.XML
--> SWBELL.XML
--> YAHOODK.XML
--> FLASH.XML
--> YAHOOAU.XML
--> YAHOODE.XML
--> YAHOOES.XML
--> ROGERS.XML
--> PRODIGY.XML
--> YAHOO.XML
--> YAHOOBR.XML
--> YAHOOMY.XML
--> YAHOOIN.XML
--> TALK21.XML
--> YAHOOSG.XML
--> SNET.XML
--> NVBELL.XML
--> YAHOONZ.XML
--> YAHOOHK.XML
--> YAHOOSE.XML
--> YAHOOIE.XML
--> YAHOOFR.XML
--> SBCGLOB.XML
--> YAHOOAR.XML
--> AMERNET.XML
--> YAHOOVN.XML
--> YAHOOCN.XML
--> YAHOOMX.XML
--> YAHOOID.XML
--> BTO.XML
--> PACBELL.XML
--> YAHOOTW.XML
--> YAHOOCJP.XML
--> YAHOOTH.XML
--> OUTLPOL.DLL
--> OUTLPOL.CFG
--> PPTPOL.DLL
--> PPTPOL.CFG
--> PPSLAX.DLL
--> MYSL.ICO
--> MSPTLS.DLL_0001
--> EMAIL.XML
--> POSTCNEW.XML
--> QPNEW.XML
--> BIZCNEW.XML
--> GIFT.XML
--> NEWSNEW.XML
--> FLYERNEW.XML
--> ENVNEW.XML
--> PROGRAM.XML
--> QP.XML
--> EMAILNEW.XML
--> ENVELOPE.XML
--> NEWS.XML
--> CALENDAR.XML
--> GREETING.XML
--> WITHCOMP.XML
--> SIGN.XML
--> AD.XML
--> INVITE.XML
--> MAIN.XML
--> CATALOG.XML
--> CATNEW.XML
--> CERT.XML
--> WORDREP.XML
--> LETTHEAD.XML
--> RESUME.XML
--> POSTCARD.XML
--> LETTHNEW.XML
--> BANNER.XML
--> BROCHURE.XML
--> BIZFORM.XML
--> FOLDPROJ.XML
--> BIZCARD.XML
--> WEBPAGE.XML
--> LABEL.XML
--> MENU.XML
--> BROCHNEW.XML
--> FLYER.XML
--> WEBNEW.XML
--> QP.DPV
--> CATALOG.DPV
--> WORDREP.DPV
--> ENVELOPE.DPV
--> CALENDAR.DPV
--> BROCHURE.DPV
--> LABEL.DPV
--> FLYER.DPV
--> GREETING.DPV
--> WEBPAGE.DPV
--> BIZCARD.DPV
--> LETTHEAD.DPV
--> POSTCARD.DPV
--> EMAIL.DPV
--> NEWS.DPV
--> INVITE.DPV
--> BIZFORM.DPV
--> FOLDPROJ.DPV
--> AD.DPV
--> MENU.DPV
--> BANNER.DPV
--> WITHCOMP.DPV
--> PROGRAM.DPV
--> SIGN.DPV
--> GIFT.DPV
--> RESUME.DPV
--> CERT.DPV
--> DGWEBPQT.DPV
--> DGPUNCT.DPV
--> DGTOC.DPV
--> DGCHKBRD.DPV
--> DGNAVBAR.DPV
--> DGPICCAP.DPV
--> DGBOXES.DPV
--> DGZIP.DPV
--> DGSIDEBR.DPV
--> DGTEAR.DPV
--> DGWEBHD.DPV
--> DGMASTHD.DPV
--> DGCOUPON.DPV
--> DGCAL.DPV
--> DGATNGET.DPV
--> DGDOTS.DPV
--> DGACCBAR.DPV
--> DGWEBSBR.DPV
--> DGLOGO.DPV
--> DGMARQ.DPV
--> DGREPFRM.DPV
--> DGPQUOT.DPV
--> DGACCBOX.DPV
--> DGBORDER.DPV
--> DGBARBLL.DPV
--> DGWEBCAL.DPV
--> DGWEBBTN.DPV
--> DGAD.DPV
--> DGLINACC.DPV
--> DGCOUPON.XML
--> DGWEBPQT.XML
--> DGACCBOX.XML
--> DGCHKBRD.XML
--> DGBARBLL.XML
--> DGAD.XML
--> DGCAL.XML
--> DGLOGO.XML
--> DGWEBCAL.XML
--> DGTOC.XML
--> DGWEBHD.XML
--> DGWEBAD.XML
--> DGMASTHD.XML
--> DGWEBBTN.XML
--> DGPICCAP.XML
--> DGZIPC.XML
--> DGMAIN.XML
--> DGPUNCT.XML
--> DGBORDER.XML
--> DGACCBAR.XML
--> DGDOTS.XML
--> DGSIDEBR.XML
--> DGWEBREF.XML
--> DGNAVBAR.XML
--> DGATNGET.XML
--> DGLINACC.XML
--> DGREPFRM.XML
--> DGTEAR.XML
--> DGPQUOT.XML
--> DGMARQ.XML
--> DGWEBSBR.XML
--> DGBOXES.XML
--> PUBPOL.DLL
--> PUBPOL.CFG
--> OFFRHD.DLL
--> MSSOAP30.DLL
--> WISC30.DLL
--> PORTCONN.DLL
--> COLLIMP.DLL
--> VPREVIEW.EXE
--> VVIEWDWG.DLL
--> VVIEWER.DLL
--> AUTHOR2XML.XSL
--> AUTHOR2STRING.XSL
--> AUTHOR.XSL
--> TAG.XSL
--> TITLE.XSL
--> YEAR.XSL
--> GOSTTITLE.XSL
--> GOSTNAME.XSL
--> TURABIAN.XSL
--> ISO690NMERICAL.XSL
--> MLA.XSL
--> GB.XSL
--> APA.XSL
--> SIST02.XSL
--> CHICAGO.XSL
--> ISO690.XSL
--> WWLIB.DLL
--> MML2OMML.XSL
--> OMML2MML.XSL
--> WORDPOL.DLL
--> WORDPOL.CFG
--> WRD12CNV.DLL
--> WRD12EXE.EXE
--> WRD12PXY.CNV
--> WRD12CVR.DLL
--> IPDESIGN.DLL
--> IPEDITOR.DLL
--> INFOPATH.PIP
--> IPDMCTRL.DLL
--> IPOMPERM.DLL
--> IPFORMCT.DLL
--> IPOLK.DLL
--> IPFRMCTL.DLL
--> IPOMSEC.DLL
--> IPOMHOST.DLL
--> IPOMINT.DLL
--> IPOMSHRD.DLL
--> IPOMSHDG.DLL
--> IPOMSHDG.XML
--> IPOMSHRR.XML
--> IPOMSHRR.DLL
--> IPTARGET.DLL
--> IPCLRWRP.DLL
--> IPPIAPOL.DLL
--> IPPIAPOL.CFG
--> IPIRM.XML
--> IPIRMV.XML
--> REGFORM.EXE
[1] Type d'archive: RSRC
--> Object
--> Object
--> Object
--> Object
--> Object
--> Object
--> Object
--> Object
--> Object
--> IPVSTA.DLL
--> IPXMLPOL.DLL
--> IPXMLPOL.CFG
--> XL12CNV.EXE
--> XLCPRTID.XML
--> XL12CNVP.DLL
--> OFFOWC.DLL
--> OSE.EXE
--> coloader_tlb_2________.3643236F_FC70_11D3_A536_0090278A1BB8
--> coloader_dll_2_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_pdm_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mdm_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> ansi_atl80.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> ul_ATL80.dll.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> manifest.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> catalog.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> ul_manifest.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> ul_catalog.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> ATL80.dll.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> nosxs_ATL80.dll.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
--> ul_msvcr80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> manifest.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> catalog.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> ul_manifest.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> ul_catalog.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> msvcr80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> msvcp80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> msvcm80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> ul_msvcp80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> ul_msvcm80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> nosxs_msvcr80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> nosxs_msvcp80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> nosxs_msvcm80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
--> ul_mfc80CHS.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> manifest.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> catalog.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_manifest.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_catalog.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80CHS.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80CHT.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80ESP.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80ENU.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80DEU.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80FRA.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80ITA.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80JPN.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> mfc80KOR.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80CHT.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80ESP.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80ENU.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80DEU.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80FRA.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80ITA.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80JPN.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfc80KOR.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80CHS.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80CHT.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80ESP.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80ENU.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80DEU.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80FRA.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80ITA.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80JPN.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> nosxs_mfc80KOR.dll.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
--> ul_mfcm80.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> manifest.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> catalog.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> ul_manifest.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> ul_catalog.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> mfcm80.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> mfc80u.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> mfc80.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> mfcm80u.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> ul_mfc80u.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> ul_mfc80.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> ul_mfcm80u.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> nosxs_mfcm80.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> nosxs_mfc80u.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> nosxs_mfc80.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> nosxs_mfcm80u.dll.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
--> ul_manifest.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
--> manifest.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
--> catalog.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
--> ul_catalog.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
--> ul_manifest.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
--> manifest.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
--> catalog.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
--> ul_catalog.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
--> ul_manifest.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E
--> manifest.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E
--> catalog.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E
--> ul_catalog.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E
--> ul_manifest.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E
--> manifest.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E
--> catalog.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E
--> ul_catalog.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E
--> FL_msdbg2_dll_____X86.3643236F_FC70_11D3_A536_9320CF055186
--> FL_scriptle2_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_sdm2_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_cpdejit_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsdebug_dll_____X86.3643236F_FC70_11D3_A536_9320CF055186
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142112________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142114________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142773_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142774_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142776_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142768_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_System_AddIn_dll_142778_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142111_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142113_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTAProject_dll_142118_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142116_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTAClientPkg_dll_142120_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTADTEProvider_tlb_142129________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsta_exe_config_142122________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsta_exe_manifest_142124________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsta_prf_142125________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTA_vssettings_142128________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsta_ico_142186________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTADTEProvider_Interop_dll_142135_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTADTEProvider_Interop_dll_142131_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTADTEProvider_dll_142134_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTADTEProvider_dll_142130_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsta_exe_142123_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vstamnu_dll_142126_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTARemotingServer_tlb_142138________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142483_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142136_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142137_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_System_AddIn_Contract_dll_142486_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_System_Automation_Runtime_dll_142141_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Tools_Applicatio_142142_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_atl70_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_atl70_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_schema_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_service_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_disco_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Compsvcspkg_dll_____X86.3643236F_FC70_11D3_A536_9320CF055186
--> FL_msvcr71_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msvcr70_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msvcp70_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_CSSMetaDataSchema_xml_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_csspkg_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> dao.dll.D0DF3458_A845_11D3_8D0A_0050046416B9
--> FL_ctxmsc_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ctxwiz_opn_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ctxmac_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ctxwiz_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ctxhelp_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ctxtrain_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ctxdoc_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ctxtrain_cls_gif________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_context_html________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_def_ctx_xml________.3643236F_FC70_11D3_A536_9320CF055186
--> FL_xsdschema_xsd________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_nscp40_xsd________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_nsc40dom_tlb________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_html40_xsd________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_htm40dom_tlb________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_htm32dom_tlb________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_asp_xsd________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_adrotator_xsd________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_wshmeta_xsd________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_html32_xsd________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_htmdlgs_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_tridsn_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_htmed_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> mscomctl.dll.D0DF3458_A845_11D3_8D0A_0050046416B9
--> stdole_dll_5_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> stdole_dll_4_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> Microsoft_stdformat_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_stdformat_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> Microsoft_mshtml_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_mshtml_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> msdatasrc_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msdatasrc_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> adodb_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_adodb_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSTeamCore_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vstlbinf_dll_____X86.3643236F_FC70_11D3_A536_9320CF055186
--> FL_Visualui_TTF________.3643236F_FC70_11D3_A536_9320CF055186
--> FL_cmddef_dll_____X86.3643236F_FC70_11D3_A536_9320CF055186
--> FL_msenv_dll_____X86.3643236F_FC70_11D3_A536_9320CF055186
--> FL_vsbrowse_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_al_urt_config_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_al_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_AxImp_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_VSContentInstall_133635_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_VSContentInstall_133634_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSContentInstaller_exe_118327_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_topband_jpg________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_watermark_uddi_jpg________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_watermark_jpg________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Compsvcspkg_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> Visualui_TTF_1________.3643236F_FC70_11D3_A536_0090278A1BB8
--> cmddef_dll_3_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_custsat_dll_113793_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> msenv_dll_3_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vslog_dll_113791_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_WizardFramework_dll_114528_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_WizardFrameworkVS_dll_114523_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_contextp_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msenvp_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_TextMgrP_dll_127743_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Zip_dll_118328_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_WizardFramework_dll_122546_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msenv2p_dll_74877_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msenv80p_dll_99825_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_microsoft_visualstudio_commonide_dll_73729_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSCryptoInfo_dll_118326_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VsLogP_dll_112099_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsext_olb________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vshelp_tlb________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dte_olb_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dte80_olb_66832_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vshelp80_tlb_103585_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsmso_olb_109238_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Visualui_TTF________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msenv_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_cmddef_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_TemplateWizardIn_134968_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_ExportTemplate_d_118333_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_TemplateWizard_d_134969_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_TemplateWizardIn_134970_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_WizardFramework_dll_114516_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_WizardFrameworkVS_dll_114520_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_cscodemodelextensibility_tlb_127755________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_Vsa_dll_141616________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_Data_ConnectionUI_Dialog_dll_111251_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_Data_ConnectionUI_dll_111250_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> VSWizardFramework_DLL_2_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Configuration_dl_66782_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_ConfigurationUI__66791_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> microsoft.visualstudio.designer.interfaces_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Design_dll_66783_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Package_Language_91915_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Windows_Forms_dl_66786_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_microsoft_visualstudio_dll_80044_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ProjectAggregator_dll_116250_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_UserControlTestContainer_exe_103441_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Shell_dll_66851_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Shell_Design_dll_66852_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dexplore_prf_81002________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dexplore_exe_manifest_93351________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dexplmnu_dll_74904_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dexplore_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dexplore_urt_config_80059_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dirprj_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_extensibility_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> extensibility_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dteproperties_tlb_80994________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_def_ctx_xml________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_envdte80_dll_74860_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_envdte80_dll_74859_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_stdole_dll_120562_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dte_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> envdte_dll_2_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_gacutil_exe_config________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vssln_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ildasm_exe_config________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_lc_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Shell_dll_134983_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_ProjectAggregato_116251_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_ManagedInterface_109376_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_MSBuildConversion_dll_67854_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_Build_Conversion_dll_134718_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mscorcfg_msc_132199________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mscormmc11_cfg_132202________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mscorcfg_dll_132200_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mscorcfg_dll_133588_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mscormmc11_dll_132201_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> mscoree_lib_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_CommandBars_dll_109236_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_CommandBars_dll_109235_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_hxvz_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> restempl_rct_1________.3643236F_FC70_11D3_A536_0090278A1BB8
--> bitmap_bmp_3________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_NewFileItemsEX_VSDIR_113429________.3643236F_FC70_11D3_A536_0090278A1BB8
--> cursor_cur_2________.3643236F_FC70_11D3_A536_0090278A1BB8
--> icon_ico_3________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_compluslm_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_RequiredPermissions_dll_93392_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_PEVerify_exe_config________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_PEVerify_exe_config_142184________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_PEVerify_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_PEVerify_exe_142183_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ResGen_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_sgen_exe_94980_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_dsref80_dll_101364_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_CapiCom_dll_141190_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_signtool_exe_102951_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> MS.VS.vspGridControl.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspSmo.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspSmoEnum.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspSqlEnum.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspConnectionInfo.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspBatchParser.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspWmiEnum.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspServiceBrokerEnum.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspSqlTDiagM.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> MS.VS.vspRegSvrEnum.dll.27F9E354_F6F7_44D7_9637_42C9575D0C37
--> FL_TlbExp_exe_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_TlbRef_dll_91955_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> TlbImp_exe_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vstlbinf_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msvb7_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msvbprj_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VBCodeModelExtensibility_tlb_118357________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_DirControl_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_CSharp_Options_d_92880_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_CSharp_Services__81071_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_csformatui_dll_76089_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mscspkg_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_cscompee_dll_66417_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_csiface_tlb_96884________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vcsharpextensibilitylib_tlb_102952________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_csproj_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VsWebSite_Interop_dll_107305_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VsWebSite_Interop_dll_122119_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vdt70_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Viddbpkg_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_DataTools_dll_74681_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_DataTools_Intero_74682_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_MakeZipExe_exe_134934_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_ToolBoxControlIn_133954_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_ZipExeStub_exe_134932_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Data_Interop_dll_81209_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Data_dll_81208_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_coloader80_dll_128691_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_coloader80_tlb_128927_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_cpde_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Debugger_dll_93167_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Debugger_DataSet_93196_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msenc71_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_encmgr_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msdis150_dll_72778_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mspdb71_dll_2_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mspdbcore_dll_92167_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_mspdbsrv_exe_92168_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_shmetapdb_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsdebug_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_microsoft_msxml_dll_74908_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VSDesigner_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Editors_dll_73559_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsprojhostproc_tlb_74438_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_sqldbg_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_VSHelp_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_VSHelp_dll_106668_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_VSHelp80_dll_103586_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_VSHelp80_dll_106669_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_HostingProcess_U_119583_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_HostingProcess_U_119581_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_HostingProcess_U_119584_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_HostingProcess_U_119582_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vshost_exe_72659_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vshost32_exe_107776_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Debugger_Interop_d_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_microsoft_visualstudio_shell_interop_8__73678_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_microsoft_visualstudio_textmanager_inte_73679_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_OLE_Interop_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_Shell_Interop_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_Microsoft_VisualStudio_TextManager_Intero_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vslangproj2_olb_134945_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSLangProj2_dll_93705_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSLangProj2_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSLangProj80_dll_96424_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vslangproj80_olb_134946_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSLangProj80_dll_96423_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vslangproj_olb_134944_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSLangProj_dll_93704_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> VSLangProj_dll_1_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSLauncher_exe_manifest_134937________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_msenvico_dll_107782_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSFileHandler_dll_99812_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VSLauncher_exe_99813_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_custsat_dll_81006_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vslog_dll_113994_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vsp_dll_134444_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vcwiz_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_VxExtensibilitylib2_tlb________.3643236F_FC70_11D3_A536_0090278A1BB8
--> FL_vxext
0
Réponse 12 / 85
appel masqué
18 mars 2009 à 10:42
je v essayé de refaire un scan demain parce ke la g pa le temp mé le rappor est un pe lent vu ke g poster pour linstan moin du quart du raport
0
Réponse 13 / 85
Utilisateur anonyme
18 mars 2009 à 15:31
hello :



Télécharge Superantispyware (SAS)

Choisis "enregistrer" et enregistre-le sur ton bureau.

Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.

Créé une icône sur le bureau.

Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.

- Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
- Sous Configuration and Preferences, clique sur le bouton "Preferences"
- Clique sur l'onglet "Scanning Control "
- Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining
- Laisse les autres lignes décochées.

- Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.

- Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".

Dans la colonne de gauche, coche C:\Fixed Drive.

Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan"

Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.

A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.

Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".

Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.

Pour recopier les informations sur le forum, fais ceci :

- après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
- Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ".
- Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log.

- Le rapport va s'ouvrir dans ton éditeur de texte par défaut.

- Copie son contenu dans ta réponse.


Regarde bien le tuto SUPERAntiSpyware il est très bien expliqué.





0
Réponse 14 / 85
appel masqué
20 mars 2009 à 09:46
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 03/20/2009 at 07:19 PM

Application Version : 4.25.1014

Core Rules Database Version : 3806
Trace Rules Database Version: 1761

Scan type : Complete Scan
Total Scan Time : 00:16:31

Memory items scanned : 475
Memory threats detected : 0
Registry items scanned : 4662
Registry threats detected : 0
File items scanned : 3528
File threats detected : 36

Adware.Tracking Cookie
C:\Documents and Settings\user\Cookies\user@serving-sys[2].txt
C:\Documents and Settings\user\Cookies\user@bs.serving-sys[1].txt
C:\Documents and Settings\Invité\Cookies\invité@3479.stats.misstrends[2].txt
C:\Documents and Settings\Invité\Cookies\invité@1123.stats.misstrends[2].txt
C:\Documents and Settings\Invité\Cookies\invité@flvtools.spacash[2].txt
C:\Documents and Settings\Invité\Cookies\invité@citedusexe[2].txt
C:\Documents and Settings\Invité\Cookies\invité@acces-adulte[2].txt
C:\Documents and Settings\Invité\Cookies\invité@mrsexe[2].txt
C:\Documents and Settings\Invité\Cookies\invité@www.gigatopsexe[1].txt
C:\Documents and Settings\Invité\Cookies\invité@aimfar.solution.weborama[1].txt
C:\Documents and Settings\Invité\Cookies\invité@eas.apm.emediate[2].txt
C:\Documents and Settings\Invité\Cookies\invité@bs.serving-sys[2].txt
C:\Documents and Settings\Invité\Cookies\invité@weborama[1].txt
C:\Documents and Settings\Invité\Cookies\invité@879.stats.misstrends[2].txt
C:\Documents and Settings\Invité\Cookies\invité@www.rabbitfinder[1].txt
C:\Documents and Settings\Invité\Cookies\invité@doubleclick[2].txt
C:\Documents and Settings\Invité\Cookies\invité@top-adulte[2].txt
C:\Documents and Settings\Invité\Cookies\invité@xiti[1].txt
C:\Documents and Settings\Invité\Cookies\invité@ideal-sexe[2].txt
C:\Documents and Settings\Invité\Cookies\invité@www.sexegaulois[2].txt
C:\Documents and Settings\Invité\Cookies\invité@1217.stats.misstrends[1].txt
C:\Documents and Settings\Invité\Cookies\invité@revsci[1].txt
C:\Documents and Settings\Invité\Cookies\invité@nextag[2].txt
C:\Documents and Settings\Invité\Cookies\invité@cetelem.solution.weborama[2].txt
C:\Documents and Settings\Invité\Cookies\invité@www.mister-sexe-gratuit[2].txt
C:\Documents and Settings\Invité\Cookies\invité@803.stats.misstrends[1].txt
C:\Documents and Settings\Invité\Cookies\invité@msnportal.112.2o7[1].txt
C:\Documents and Settings\Invité\Cookies\invité@smartadserver[1].txt
C:\Documents and Settings\Invité\Cookies\invité@foufounette.acces-adulte[1].txt
C:\Documents and Settings\Invité\Cookies\invité@accesporno[1].txt
C:\Documents and Settings\Invité\Cookies\invité@bluestreak[1].txt
C:\Documents and Settings\Invité\Cookies\invité@ad.yieldmanager[2].txt
C:\Documents and Settings\Invité\Cookies\invité@atdmt[1].txt
C:\Documents and Settings\Invité\Cookies\invité@www.citedusexe[1].txt
C:\Documents and Settings\Invité\Cookies\invité@serving-sys[2].txt
C:\Documents and Settings\Invité\Cookies\invité@www.gros-penis[1].txt
0
Réponse 15 / 85
Utilisateur anonyme
20 mars 2009 à 16:18
ok salut renvoie le log.txt de rsit stp (nouvelle analyse)
0
Réponse 16 / 85
appel masqué
20 mars 2009 à 22:49
info.txt logfile of random's system information tool 1.05 2009-03-17 14:07:43

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Anti-Rootkit Free-->C:\Documents and Settings\user\Mes documents\AVG Anti-Rootkit Free\Uninstall.exe
DVD Region+CSS Free 5.9.7.9-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Free Sound Recorder-->C:\PROGRA~1\FREESO~1\UNWISE.EXE C:\PROGRA~1\FREESO~1\INSTALL.LOG
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFUE.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PhotoPrinter 2.0 LE-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoPrinter LE\Uninst.isu"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Samsung Media Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe" -l0x40c
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
YouTUBE (TM) movie downloader-->MsiExec.exe /X{2F8BE445-D14C-40E2-AF62-E43539FD1500}

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090205-1] (outdated)

System event log

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service DllSrv Service Controler est entré dans l'état : en cours d'exécution.

Record Number: 23387
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7031
Message: Le service DllSrv Service Controler s'est terminé de manière inattendue. Ceci s'est produit 6 fois. L'action corrective suivante va être effectuée dans 3000 millisecondes : Redémarrer le service.

Record Number: 23386
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: erreur
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service DllSrv Service Controler est entré dans l'état : en cours d'exécution.

Record Number: 23385
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7031
Message: Le service DllSrv Service Controler s'est terminé de manière inattendue. Ceci s'est produit 5 fois. L'action corrective suivante va être effectuée dans 3000 millisecondes : Redémarrer le service.

Record Number: 23384
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: erreur
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service DllSrv Service Controler est entré dans l'état : en cours d'exécution.

Record Number: 23383
Source Name: Service Control Manager
Time Written: 20090310192322.000000+660
Event Type: Informations
User:

Application event log

Computer Name: USER-3393F246B5
Event Code: 102
Message: wuaueng.dll (2388) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 2042
Source Name: ESENT
Time Written: 20081030213147.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 100
Message: wuauclt (2388) Le moteur de base de données 5.01.2600.2180 est démarré.

Record Number: 2041
Source Name: ESENT
Time Written: 20081030213147.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 1000
Message: Application défaillante dmc3se.exe, version 1.0.0.0, module défaillant d3d9.dll, version 5.3.2600.2180, adresse de défaillance 0x000a725b.

Record Number: 2040
Source Name: Application Error
Time Written: 20081030202711.000000+660
Event Type: erreur
User:

Computer Name: USER-3393F246B5
Event Code: 4097
Message: L'application, C:\Program Files\CAPCOM\Devil May Cry 3 Special Edition\dmc3se.exe, a généré une erreur d'application
L'erreur s'est produite le 10/30/2008 à 20:27:10.093
L'exception générée était c0000005 à l'adresse 04686B39 (kavo0)

Record Number: 2039
Source Name: DrWatson
Time Written: 20081030202710.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 1000
Message: Application défaillante dmc3se.exe, version 1.0.0.0, module défaillant snd.drv, version 0.0.0.0, adresse de défaillance 0x00011cf8.

Record Number: 2038
Source Name: Application Error
Time Written: 20081030201145.000000+660
Event Type: erreur
User:

Security event log

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : SMB sur TCP

Numéro du port : 445

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28503
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de session NetBIOS

Numéro du port : 139

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28502
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de datagramme NetBIOS

Numéro du port : 138

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28501
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Nom du service NetBIOS

Numéro du port : 137

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 28500
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Nom : Assistance à distance

Chemin d'accès : %windir%\system32\sessmgr.exe

État : Activé

Étendue : Tous les sous-réseaux

Record Number: 28499
Source Name: Security
Time Written: 20090312185454.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
Réponse 17 / 85
appel masqué
20 mars 2009 à 22:52
Logfile of random's system information tool 1.05 (written by random/random)
Run by user at 2009-03-21 08:39:35
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 15 GB (49%) free of 30 GB
Total RAM: 478 MB (30% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-09-01 322368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-01-24 7311360]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-01-24 86016]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-09-08 716800]
"SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2006-07-21 126976]
"MAAgent"=C:\Program Files\MarkAny\ContentSafer\MAAgent.exe [2006-06-02 57344]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-02-16 282624]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2005-03-14 1057280]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-20 1667584]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-02-17 1830128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
C:\WINDOWS\system32\HDAShCut.exe [2004-10-28 61952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kava]
C:\WINDOWS\system32\kavo.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LeechGet]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-02-16 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^DOCUME~1^ALLUSE~1^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2006-03-02 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"=C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 192512]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a484188-edbc-11dd-9bfc-0018f3d45844}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22cc1ef0-215d-11dc-9a67-0018f3d45844}]
shell\Auto\command - F:\sxs.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23d16920-06b4-11de-9c1f-0018f3d45844}]
shell\AutoRun\command - F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe
shell\open\command - F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d131f9c-b2b8-11dd-9b9b-0018f3d45844}]
shell\AutoRun\command - G:\1wod1.com
shell\explore\command - G:\1wod1.com
shell\open\command - G:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39417502-8f6d-11dd-9b41-0018f3d45844}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63a50aea-53c5-11dd-9ad1-0018f3d45844}]
shell\AutoRun\command - F:\RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe
shell\open\command - F:\RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb1340c0-0884-11de-9c25-0018f3d45844}]
shell\AutoRun\command - G:\1wod1.com
shell\explore\command - G:\1wod1.com
shell\open\command - G:\1wod1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d639ad44-6db6-11dd-9b10-0018f3d45844}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com


======List of files/folders created in the last 2 months======

2009-03-21 08:39:36 ----D---- C:\Program Files\trend micro
2009-03-20 18:51:43 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-20 18:51:33 ----D---- C:\Program Files\SUPERAntiSpyware
2009-03-20 18:51:33 ----D---- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2009-03-18 18:27:12 ----D---- C:\Program Files\Avira
2009-03-18 18:27:12 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-03-18 17:41:01 ----D---- C:\Program Files\CCleaner
2009-03-17 19:44:15 ----A---- C:\FindyKill.txt
2009-03-17 14:06:59 ----D---- C:\rsit
2009-03-13 17:18:47 ----D---- C:\Documents and Settings\user\Application Data\Cool Record Edit Pro
2009-03-13 17:15:44 ----D---- C:\Documents and Settings\user\Application Data\Free Sound Recorder
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2009-03-13 17:15:15 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2009-03-13 17:15:14 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-03-13 17:15:13 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2009-03-13 17:15:12 ----D---- C:\Program Files\Free Sound Recorder
2009-03-11 18:50:44 ----D---- C:\Documents and Settings\user\Application Data\Macromedia
2009-03-11 17:57:38 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2009-03-09 18:41:35 ----D---- C:\Documents and Settings\user\Application Data\Malwarebytes
2009-03-09 18:41:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-09 18:41:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-09 10:24:30 ----A---- C:\k8m1l3e9f4n7.exe
2009-03-09 09:44:50 ----RSH---- C:\WINDOWS\system32\mkfght1.dll
2009-03-09 08:39:05 ----RSHD---- C:\RESTORE
2009-03-09 08:37:06 ----RSH---- C:\WINDOWS\system32\mkfght0.dll
2009-02-19 18:13:30 ----D---- C:\Program Files\MarkAny
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\vorbisenc.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\vorbis.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\unicows.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\tg_dump.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\OggDS.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\Ogg.dll
2009-02-19 18:13:18 ----A---- C:\WINDOWS\system32\muzwmts.dll
2009-02-19 18:13:17 ----A---- C:\WINDOWS\system32\muzapp.exe
2009-02-19 18:13:17 ----A---- C:\WINDOWS\system32\muzapp.dll
2009-02-19 18:13:17 ----A---- C:\WINDOWS\system32\muzaf1.dll
2009-02-19 17:24:56 ----A---- C:\WINDOWS\system32\LAME_MP3.dll
2009-02-19 17:24:55 ----D---- C:\Program Files\Lame MP3 Codec
2009-02-18 22:24:29 ----A---- C:\WINDOWS\IFinst26.exe
2009-02-18 22:24:27 ----D---- C:\Program Files\XviD
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MTXSYNCICON.dll
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MTTELECHIP.dll
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MSFLib.dll
2009-02-18 22:22:41 ----A---- C:\WINDOWS\system32\MSCLib.dll
2009-02-18 22:22:40 ----A---- C:\WINDOWS\system32\MASetupWizard.dll
2009-02-18 22:22:40 ----A---- C:\WINDOWS\system32\MASetupCleaner.exe
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MK_Lyric.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MaXMLProto.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MAMACExtract.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MaJUtilLib.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MaJGUILib.dll
2009-02-18 22:22:38 ----A---- C:\WINDOWS\system32\MACXMLProto.dll
2009-02-18 22:22:30 ----A---- C:\WINDOWS\system32\MaDRM.dll
2009-02-18 22:22:12 ----D---- C:\Program Files\Samsung

======List of files/folders modified in the last 2 months======

2009-03-21 08:39:36 ----D---- C:\Program Files
2009-03-21 08:39:33 ----D---- C:\WINDOWS\Prefetch
2009-03-21 08:34:05 ----D---- C:\WINDOWS\Temp
2009-03-21 08:30:55 ----D---- C:\Program Files\Mozilla Firefox
2009-03-21 08:25:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-21 08:21:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-20 19:22:44 ----D---- C:\WINDOWS
2009-03-20 19:21:58 ----D---- C:\WINDOWS\system32\LogFiles
2009-03-20 18:51:40 ----SHD---- C:\WINDOWS\Installer
2009-03-20 18:50:51 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-03-20 18:37:41 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-18 19:23:35 ----D---- C:\WINDOWS\system32\drivers
2009-03-18 19:22:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-18 19:21:49 ----D---- C:\WINDOWS\system32
2009-03-17 20:16:27 ----D---- C:\Program Files\Alwil Software
2009-03-17 19:48:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-17 13:10:09 ----HD---- C:\WINDOWS\inf
2009-03-16 12:09:06 ----D---- C:\Documents and Settings\user\Application Data\Mozilla
2009-03-11 18:53:06 ----D---- C:\WINDOWS\system32\Macromed
2009-03-11 18:50:40 ----D---- C:\Documents and Settings\user\Application Data\Adobe
2009-03-11 18:24:46 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-09 13:16:04 ----SHD---- C:\RECYCLER
2009-03-09 10:07:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-09 08:40:46 ----SD---- C:\Documents and Settings\user\Application Data\Microsoft
2009-03-08 08:36:53 ----D---- C:\Documents and Settings
2009-03-05 21:05:33 ----A---- C:\WINDOWS\photoprn.ini
2009-03-04 17:22:14 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-01 00:19:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-02-19 18:13:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-19 16:42:12 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-02-18 22:10:56 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-03 23:16:10 ----SH---- C:\boot.ini
2009-02-03 23:16:10 ----A---- C:\WINDOWS\win.ini
2009-02-03 23:16:10 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-10 43008]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sdcplh;sdcplh; C:\WINDOWS\System32\drivers\sdcplh.sys [2007-11-27 55168]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-28 138240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-01-24 3535520]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 4c05c5df-0abc-4914-89e2-6b1754281ed8;4c05c5df-0abc-4914-89e2-6b1754281ed8; \??\D:\Player\cds300.dll []
S3 5c846fe9-3f64-4e43-8221-36c5ecd8923f;5c846fe9-3f64-4e43-8221-36c5ecd8923f; \??\D:\Player\cds300.dll []
S3 a2d24089-d72e-4b9d-b420-a7f61ce1e4fe;a2d24089-d72e-4b9d-b420-a7f61ce1e4fe; \??\D:\Player\cds300.dll []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-28 145920]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\user\LOCALS~1\Temp\mc21.tmp []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-01-24 131139]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-06 66872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 DllSrv Service Controler;DllSrv Service Controler; C:\WINDOWS\system32\drivers\DllSrv.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-24 918016]

-----------------EOF-----------------
0
Réponse 18 / 85
Utilisateur anonyme
20 mars 2009 à 23:48
Branches TOUS tes peripheriques (cle usb , mp3 , etc...) puis :

---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:services


:files
C:\WINDOWS\system32\kavo.exe
G:\1wod1.com
F:\1wod1.com
F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe
F:\RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe
C:\Program Files\MarkAny
C:\k8m1l3e9f4n7.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio­n\Run]]
"SoundMAX"=-
"QuickTime Task"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kava]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a484188-edbc-11dd-9bfc-0018f3d45844}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22cc1ef0-215d-11dc-9a67-0018f3d45844}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23d16920-06b4-11de-9c1f-0018f3d45844}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d131f9c-b2b8-11dd-9b9b-0018f3d45844}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39417502-8f6d-11dd-9b41-0018f3d45844}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63a50aea-53c5-11dd-9ad1-0018f3d45844}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb1340c0-0884-11de-9c25-0018f3d45844}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d639ad44-6db6-11dd-9b10-0018f3d45844}]


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
appel masqué
21 mars 2009 à 00:18
je desactive ke antivir et je fé coment pour le désactivé?stp
0
Réponse 19 / 85
Utilisateur anonyme
21 mars 2009 à 00:49
clic droit dans la barre des taches sur le parapluie et desctiver la protection residente
0
appel masqué
21 mars 2009 à 01:05
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== FILES ==========
File/Folder C:\WINDOWS\system32\kavo.exe not found.
File/Folder G:\1wod1.com not found.
File/Folder F:\1wod1.com not found.
File/Folder F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\runshell.exe not found.
F:\RECYCLER\S-3-6-22-3434476501-1644491937-600003330-1213\DllSrv.exe moved successfully.
C:\Program Files\MarkAny\ContentSafer\UpdateClient moved successfully.
C:\Program Files\MarkAny\ContentSafer\Data moved successfully.
C:\Program Files\MarkAny\ContentSafer moved successfully.
C:\Program Files\MarkAny moved successfully.
C:\k8m1l3e9f4n7.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio­n\Run] not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio­n\Run] not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kava\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a484188-edbc-11dd-9bfc-0018f3d45844}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22cc1ef0-215d-11dc-9a67-0018f3d45844}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23d16920-06b4-11de-9c1f-0018f3d45844}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d131f9c-b2b8-11dd-9b9b-0018f3d45844}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{39417502-8f6d-11dd-9b41-0018f3d45844}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63a50aea-53c5-11dd-9ad1-0018f3d45844}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb1340c0-0884-11de-9c25-0018f3d45844}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d639ad44-6db6-11dd-9b10-0018f3d45844}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\BITA.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DFC880.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DFC8F3.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DFF9CE.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\user\LOCALS~1\Temp\~DFF9E0.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03212009_105411
0
appel masqué > appel masqué
13 mai 2009 à 07:48
info.txt logfile of random's system information tool 1.06 2009-05-13 16:32:13

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Caesar 3-->C:\WINDOWS\IsUn040c.exe -fC:\SIERRA\Caesar3\Uninst.isu
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Dealio Toolbar v4.0-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
DVD Region+CSS Free 5.9.7.9-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Far Cry-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l1036
Free FLV Converter V 6.32-->"C:\Program Files\Free FLV Converter\unins000.exe"
Free Sound Recorder-->C:\PROGRA~1\FREESO~1\UNWISE.EXE C:\PROGRA~1\FREESO~1\INSTALL.LOG
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFUE.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PhotoPrinter 2.0 LE-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoPrinter LE\Uninst.isu"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Samsung Media Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe" -l0x40c
Search Settings 1.2.1-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: Avira AntiVir PersonalEdition Classic

======System event log======

Computer Name: USER-3393F246B5
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{22240D4A-9243-4831-9D7A-11818F52135F} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 31893
Source Name: Tcpip
Time Written: 20090419162256.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

Record Number: 31892
Source Name: Service Control Manager
Time Written: 20090419161604.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

Record Number: 31891
Source Name: Service Control Manager
Time Written: 20090419161554.000000+660
Event Type: Informations
User: USER-3393F246B5\user

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 31890
Source Name: Service Control Manager
Time Written: 20090419161554.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service Hôte de périphérique universel Plug-and-Play est entré dans l'état : en cours d'exécution.

Record Number: 31889
Source Name: Service Control Manager
Time Written: 20090419161554.000000+660
Event Type: Informations
User:

=====Application event log=====

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP77\A0020194.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5143
Source Name: Avira AntiVir
Time Written: 20090329133009.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP76\A0020188.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5142
Source Name: Avira AntiVir
Time Written: 20090329133007.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP76\A0020176.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5141
Source Name: Avira AntiVir
Time Written: 20090329133004.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP76\A0020163.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5140
Source Name: Avira AntiVir
Time Written: 20090329133003.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP75\A0020156.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5139
Source Name: Avira AntiVir
Time Written: 20090329133001.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

=====Security event log=====

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : SMB sur TCP

Numéro du port : 445

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6563
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de session NetBIOS

Numéro du port : 139

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6562
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de datagramme NetBIOS

Numéro du port : 138

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6561
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Nom du service NetBIOS

Numéro du port : 137

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6560
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Nom : Assistance à distance

Chemin d'accès : %windir%\system32\sessmgr.exe

État : Activé

Étendue : Tous les sous-réseaux

Record Number: 6559
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
appel masqué
17 mai 2009 à 11:07
info.txt logfile of random's system information tool 1.06 2009-05-13 16:32:13

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Caesar 3-->C:\WINDOWS\IsUn040c.exe -fC:\SIERRA\Caesar3\Uninst.isu
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Dealio Toolbar v4.0-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
DVD Region+CSS Free 5.9.7.9-->"C:\Program Files\DVD Region+CSS Free\unins000.exe"
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Far Cry-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l1036
Free FLV Converter V 6.32-->"C:\Program Files\Free FLV Converter\unins000.exe"
Free Sound Recorder-->C:\PROGRA~1\FREESO~1\UNWISE.EXE C:\PROGRA~1\FREESO~1\INSTALL.LOG
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Lame ACM MP3 Codec-->"C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFUE.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mozilla Firefox (3.0.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PhotoPrinter 2.0 LE-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoPrinter LE\Uninst.isu"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Samsung Media Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe" -l0x40c
Search Settings 1.2.1-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
VideoLAN VLC media player 0.8.6a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: Avira AntiVir PersonalEdition Classic

======System event log======

Computer Name: USER-3393F246B5
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{22240D4A-9243-4831-9D7A-11818F52135F} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 31893
Source Name: Tcpip
Time Written: 20090419162256.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

Record Number: 31892
Source Name: Service Control Manager
Time Written: 20090419161604.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

Record Number: 31891
Source Name: Service Control Manager
Time Written: 20090419161554.000000+660
Event Type: Informations
User: USER-3393F246B5\user

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 31890
Source Name: Service Control Manager
Time Written: 20090419161554.000000+660
Event Type: Informations
User:

Computer Name: USER-3393F246B5
Event Code: 7036
Message: Le service Hôte de périphérique universel Plug-and-Play est entré dans l'état : en cours d'exécution.

Record Number: 31889
Source Name: Service Control Manager
Time Written: 20090419161554.000000+660
Event Type: Informations
User:

=====Application event log=====

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP77\A0020194.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5143
Source Name: Avira AntiVir
Time Written: 20090329133009.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP76\A0020188.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5142
Source Name: Avira AntiVir
Time Written: 20090329133007.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP76\A0020176.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5141
Source Name: Avira AntiVir
Time Written: 20090329133004.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP76\A0020163.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5140
Source Name: Avira AntiVir
Time Written: 20090329133003.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\System Volume Information\_restore{BAA8D993-DCC0-4381-8C26-94AC578E9497}\RP75\A0020156.inf
un code suspect avec la désignation 'INF/AutoRun.lk'!

Record Number: 5139
Source Name: Avira AntiVir
Time Written: 20090329133001.000000+660
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

=====Security event log=====

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : SMB sur TCP

Numéro du port : 445

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6563
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de session NetBIOS

Numéro du port : 139

Protocole : TCP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6562
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Service de datagramme NetBIOS

Numéro du port : 138

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6561
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 850
Message: Un port générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Interface : Toutes les interfaces

Nom : Nom du service NetBIOS

Numéro du port : 137

Protocole : UDP

État : Désactivé

Étendue : Sous-réseau local uniquement

Record Number: 6560
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: USER-3393F246B5
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.



Origine de la stratégie : Stratégie locale

Profil utilisé : Standard

Nom : Assistance à distance

Chemin d'accès : %windir%\system32\sessmgr.exe

État : Activé

Étendue : Tous les sous-réseaux

Record Number: 6559
Source Name: Security
Time Written: 20090506154448.000000+660
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
0
appel masqué
4 juin 2009 à 08:40
désolé pour le retard eh ben je ne sais pas pour le toolbar mais laisse c pas grave je vais sans doute réinstaller windows
0
Réponse 20 / 85
Utilisateur anonyme
21 mars 2009 à 01:12
Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.



Télécharges :
Malwarebytes ou :
Malwarebytes

* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

* Potasses le Tuto pour te familiariser avec le prg :


( cela dis, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's .

Fais un examen dit "Complet" .

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

0

Discussions similaires

Rootkit détecté par AVG mais ne fait rien?
Hakayami -
hellodu95 -

11 réponses
hacker defender 100 rootkit
andros -
andros -

22 réponses
Avast détecte un rootkit
Marie12345 -
Marie12345 -

2 réponses
win32 Rootkit
Mary -
plopus -

8 réponses
hacktool.rootkit
fabnok -
fabnok -

67 réponses