lesandre

Bonsoir Charles, As-tu une solution par rapport à ce pb qui parait insoluble? Merci à toi, Le sandre

Bonsoir Charles, J'ai suivi les instructions. - Durant SmitFraudFix: plusieurs fois le message "acces a la base de registre non autorisee par votre administrateur" apres avoir presse sur o Toujours la meme fenetre qui apparait regulierement (voir post precedent STP) Ci-apres, les rapports. A bientot et merci encore, Le sandre SmitFraudFix v2.232 Rapport fait à 21:25:48,76, 28/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 192.168.200.3 ad.doubleclick.net 192.168.200.3 ad.fastclick.net 192.168.200.3 ads.fastclick.net 192.168.200.3 ar.atwola.com 192.168.200.3 atdmt.com 192.168.200.3 avp.ch 192.168.200.3 avp.com 192.168.200.3 avp.ru 192.168.200.3 awaps.net 192.168.200.3 banner.fastclick.net 192.168.200.3 banners.fastclick.net 192.168.200.3 ca.com 192.168.200.3 click.atdmt.com 192.168.200.3 clicks.atdmt.com 192.168.200.3 customer.symantec.com 192.168.200.3 dispatch.mcafee.com 192.168.200.3 download.mcafee.com 192.168.200.3 downloads-us1.kaspersky-labs.com 192.168.200.3 downloads-us2.kaspersky-labs.com 192.168.200.3 downloads-us3.kaspersky-labs.com 192.168.200.3 downloads1.kaspersky-labs.com 192.168.200.3 downloads2.kaspersky-labs.com 192.168.200.3 downloads3.kaspersky-labs.com 192.168.200.3 downloads4.kaspersky-labs.com 192.168.200.3 engine.awaps.net 192.168.200.3 f-secure.com 192.168.200.3 fastclick.net 192.168.200.3 ftp.avp.ch 192.168.200.3 ftp.downloads1.kaspersky-labs.com 192.168.200.3 ftp.downloads2.kaspersky-labs.com 192.168.200.3 ftp.downloads3.kaspersky-labs.com 192.168.200.3 ftp.f-secure.com 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 ftp.sophos.com 192.168.200.3 ids.kaspersky-labs.com 192.168.200.3 kaspersky-labs.com 192.168.200.3 kaspersky.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 mast.mcafee.com 192.168.200.3 mcafee.com 192.168.200.3 media.fastclick.net 192.168.200.3 my-etrust.com 192.168.200.3 nai.com 192.168.200.3 networkassociates.com 192.168.200.3 norton.com 192.168.200.3 phx.corporate-ir.net 192.168.200.3 rads.mcafee.com 192.168.200.3 secure.nai.com 192.168.200.3 securityresponse.symantec.com 192.168.200.3 service1.symantec.com 192.168.200.3 sophos.com 192.168.200.3 spd.atdmt.com 192.168.200.3 symantec.com 192.168.200.3 trendmicro.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 us.mcafee.com 192.168.200.3 vil.nai.com 192.168.200.3 viruslist.com 192.168.200.3 viruslist.ru 192.168.200.3 virusscan.jotti.org 192.168.200.3 virustotal.com 192.168.200.3 www.avp.ch 192.168.200.3 www.avp.com 192.168.200.3 www.avp.ru 192.168.200.3 www.awaps.net 192.168.200.3 www.ca.com 192.168.200.3 www.f-secure.com 192.168.200.3 www.fastclick.net 192.168.200.3 www.grisoft.com 192.168.200.3 www.kaspersky-labs.com 192.168.200.3 www.kaspersky.com 192.168.200.3 www.kaspersky.ru 192.168.200.3 www.mcafee.com 192.168.200.3 www.my-etrust.com 192.168.200.3 www.nai.com 192.168.200.3 www.networkassociates.com 192.168.200.3 www.sophos.com 192.168.200.3 www.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 www.trendmicro.com 192.168.200.3 www.viruslist.com 192.168.200.3 www.viruslist.ru 192.168.200.3 www.virustotal.com 192.168.200.3 www3.ca.com »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\printer.exe supprimé C:\WINDOWS\system32\WinAvXX.exe supprimé »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Combofix ComboFix 07-09-18.4 - "Jean-Christophe" 2007-09-28 21:36:01.9 - FAT32x86 Microsoft Windows XP ?dition familiale 5.1.2600.2.1252.1.1036.18.48 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\WinAvXX.exe . ((((((((((((((((((((((((( Files Created from 2007-08-28 to 2007-09-28 ))))))))))))))))))))))))))))))) . 2007-09-22 19:20 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-09-22 19:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier 2007-09-22 19:17 <REP> d-------- C:\WINDOWS\Internet Logs 2007-09-20 21:19 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-19 13:02 <REP> d-------- C:\Program Files\CCleaner 2007-09-19 12:46 <REP> d-------- C:\Program Files\a-squared Free 2007-09-19 10:56 <REP> d-------- C:\Program Files\RegCleaner 2007-09-19 07:26 <REP> d-------- C:\WINDOWS\report 2007-09-19 07:25 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-09-19 07:25 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-09-19 07:25 267,845 --a------ C:\WINDOWS\tsc.exe 2007-09-19 07:25 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-09-19 07:25 <REP> d-------- C:\WINDOWS\AU_Backup 2007-09-19 07:23 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-09-19 07:23 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-09-19 07:23 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Temp 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Log 2007-09-18 22:39 3,398 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-18 21:10 <REP> d-------- C:\Program Files\Navilog1 2007-09-18 20:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Mes documents 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Favoris 2007-09-14 21:08 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-09-14 14:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\WINDOWS 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust 2007-09-01 15:57 1,268 --a------ C:\WINDOWS\mozver.dat . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-28 19:36 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-28 19:36 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-22 19:19 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-09-22 19:19 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-09-14 21:11 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-09-14 21:11 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-29 17:57 --------- d-------- C:\Program Files\Alwil Software 2007-07-29 17:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-29 16:24 --------- d-------- C:\Program Files\Realtek Sound Manager 2007-07-29 16:24 --------- d-------- C:\Program Files\AvRack 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\Real 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\InterTrust 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\ICQ 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\FUJIFILM 2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2005-07-21 15:12 457 --a------ C:\Program Files\INSTALL.LOG . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-09-23 09:09 C:\WINDOWS\SOUNDMAN.EXE] "Disk Monitor"="C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe" [2003-06-18 11:57] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 22:05] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-11 22:02] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-06-24 15:16] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-06 21:12] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32] "ExtraFilmHemmaAgent"="C:\Program Files\Extrafilm FotoFacil\Agent.exe" [2006-10-03 09:40] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "NetAppel"="C:\program files\netappel\netappel.exe" [2007-09-15 13:19] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] PCANotify.dll 2003-05-29 11:00 8704 C:\WINDOWS\system32\PCANotify.dll R3 C4C_BSC2;C4C_BSC2;C:\WINDOWS\system32\DRIVERS\C4C_BSC2.sys R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S2 vdo_326d-6b44;vdo_326d-6b44;\??\C:\WINDOWS\system32\vdo_326d-6b44.sys S3 PIXMC10;JVC Communication PIX-MC10 Driver;C:\WINDOWS\system32\Drivers\pixmc10c.sys S3 PIXMC10A;JVC PIX-MC10 Audio Capture;C:\WINDOWS\system32\Drivers\pixmc10a.sys S3 PIXMC10V;JVC PIX-MC10 Video Capture;C:\WINDOWS\system32\Drivers\pixmc10v.sys S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-28 21:39:42 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-28 21:41:42 C:\ComboFix-quarantined-files.txt ... 2007-09-28 21:41 C:\ComboFix2.txt ... 2007-09-23 09:04 C:\ComboFix3.txt ... 2007-09-22 19:51 . --- E O F ---

Re, OK pour l'acces sur site Antivirus maintenant MAIS je ne trouve pas le fichier: j'ai meme fait une recherche sur tout le PC et aucune trace de ce fichier vdo_etc... (j'ai bien sur fait apparaitre tous les fichiers en suivant ta procedure) Voici le rapport demande: Merci, Lesandre Rapport WinPFind3: WinPFind3 logfile created on: 23/09/2007 20:51:30 WinPFind3U by OldTimer - Version 1.0.42 Folder = C:\Documents and Settings\Jean-Christophe\Bureau\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 7.0.5730.11) 255,48 Mb Total Physical Memory | 46,42 Mb Available Physical Memory | 18,17% Memory free 620,44 Mb Paging File | 219,09 Mb Available in Paging File | 35,31% Paging File free Paging file location(s): C:\pagefile.sys 384 768; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111,76 Gb Total Space | 20,68 Gb Free Space | 18,50% Space Free D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Computer Name: JCV46 Current User Name: Jean-Christophe Logged in as Administrator. Current Boot Mode: Normal [Processes - Non-Microsoft Only] a2service.exe -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.345 | Size = 217208 bytes | Modified Date = 19/09/2007 12:48:20 | Attr = ] aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 2 | Size = 566616 bytes | Modified Date = 14/09/2007 21:11:40 | Attr = ] agent.exe -> %ProgramFiles%\Extrafilm FotoFacil\Agent.exe -> [Ver = 1, 0, 0, 1 | Size = 323584 bytes | Modified Date = 03/10/2006 09:40:34 | Attr = ] apdproxy.exe -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.2.0.77764 | Size = 63712 bytes | Modified Date = 09/03/2007 11:09:58 | Attr = ] ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 79224 bytes | Modified Date = 06/09/2007 12:06:10 | Attr = ] ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 243064 bytes | Modified Date = 06/09/2007 12:05:42 | Attr = ] ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 132472 bytes | Modified Date = 06/09/2007 12:06:04 | Attr = ] ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 345464 bytes | Modified Date = 06/09/2007 12:04:44 | Attr = ] aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 16248 bytes | Modified Date = 06/09/2007 11:54:58 | Attr = ] ati2evxx.exe -> %System32%\ati2evxx.exe -> [Ver = | Size = 303104 bytes | Modified Date = 20/07/2003 10:17:50 | Attr = ] avgas.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 11:25:42 | Attr = ] cdac11ba.exe -> %System32%\drivers\CDAC11BA.EXE -> C-Dilla Ltd [Ver = 4.11.050 | Size = 39936 bytes | Modified Date = 02/10/2004 22:11:36 | Attr = ] ctsvccda.exe -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13/12/1999 03:01:00 | Attr = ] disk_monitor.exe -> %ProgramFiles%\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe -> Neodio Corp. [Ver = 1.7.5.617 | Size = 466944 bytes | Modified Date = 18/06/2003 11:57:40 | Attr = ] dragdiag.exe -> %ProgramFiles%\Thomson\SpeedTouch USB\dragdiag.exe -> THOMSON Telecom Belgium [Ver = 301.0.0.12 | Size = 866816 bytes | Modified Date = 26/01/2004 11:38:38 | Attr = ] ftrtsvc.exe -> %System32%\FTRTSVC.exe -> France Telecom [Ver = 11.0 (4) | Size = 40960 bytes | Modified Date = 23/08/2004 14:49:56 | Attr = ] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 4.9.0.17 | Size = 331776 bytes | Modified Date = 24/06/2005 15:16:26 | Attr = ] ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 4.9.0.17 | Size = 278528 bytes | Modified Date = 24/06/2005 15:16:42 | Attr = ] jusched.exe -> %ProgramFiles%\Java\j2re1.4.2_05\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 03/06/2004 22:05:08 | Attr = ] netappel.exe -> %ProgramFiles%\NetAppel\NetAppel.exe -> NetAppel [Ver = 3, 2, 437, 0 | Size = 7145008 bytes | Modified Date = 15/09/2007 13:19:32 | Attr = ] nsl.exe -> %ProgramFiles%\lotus\notes\nsl.exe -> IBM Corp [Ver = 7.0.00.5226 | Size = 17408 bytes | Modified Date = 15/08/2005 05:40:14 | Attr = ] nslsvice.exe -> %ProgramFiles%\lotus\notes\nslsvice.exe -> IBM Corp [Ver = 7.0.00.5226 | Size = 7680 bytes | Modified Date = 15/08/2005 05:40:14 | Attr = ] printer.exe -> %System32%\printer.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 06/08/2005 21:12:02 | Attr = ] quickdcf.exe -> %ProgramFiles%\FinePixViewer\QuickDCF.exe -> FUJI PHOTO FILM CO., LTD. [Ver = 5, 0, 0, 2 | Size = 282624 bytes | Modified Date = 05/04/2005 18:01:36 | Attr = ] realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3208 | Size = 180269 bytes | Modified Date = 11/10/2004 22:02:38 | Attr = ] soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.10 | Size = 57344 bytes | Modified Date = 23/09/2003 09:09:00 | Attr = ] vsmon.exe -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 75304 bytes | Modified Date = 21/06/2007 21:54:46 | Attr = ] winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 04/09/2007 10:47:26 | Attr = ] zlclient.exe -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 919016 bytes | Modified Date = 21/06/2007 21:54:46 | Attr = ] [Win32 Services - Non-Microsoft Only] (a2free) a-squared Free Service [Win32_Own | Auto | Running] -> %ProgramFiles%\a-squared Free\a2service.exe -> Emsi Software GmbH [Ver = 3.0.0.345 | Size = 217208 bytes | Modified Date = 19/09/2007 12:48:20 | Attr = ] (aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 2 | Size = 566616 bytes | Modified Date = 14/09/2007 21:11:40 | Attr = ] (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 16248 bytes | Modified Date = 06/09/2007 11:54:58 | Attr = ] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> [Ver = | Size = 303104 bytes | Modified Date = 20/07/2003 10:17:50 | Attr = ] (avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 132472 bytes | Modified Date = 06/09/2007 12:06:04 | Attr = ] (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 243064 bytes | Modified Date = 06/09/2007 12:05:42 | Attr = ] (avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 345464 bytes | Modified Date = 06/09/2007 12:04:44 | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 30/05/2007 14:31:10 | Attr = ] (awhost32) Service Elève pcAnywhere [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\pcAnywhere\awhost32.exe -> Symantec Corporation [Ver = 11.0.0.730 | Size = 106496 bytes | Modified Date = 29/05/2003 11:00:00 | Attr = ] (C-DillaCdaC11BA) C-DillaCdaC11BA [Win32_Own | Auto | Running] -> %System32%\drivers\CDAC11BA.EXE -> C-Dilla Ltd [Ver = 4.11.050 | Size = 39936 bytes | Modified Date = 02/10/2004 22:11:36 | Attr = ] (Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %System32%\CTSVCCDA.EXE -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 44032 bytes | Modified Date = 13/12/1999 03:01:00 | Attr = ] (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 20/08/2004 01:09:52 | Attr = ] (FTRTSVC) France Telecom Routing Table Service [Win32_Own | Auto | Running] -> %System32%\FTRTSVC.exe -> France Telecom [Ver = 11.0 (4) | Size = 40960 bytes | Modified Date = 23/08/2004 14:49:56 | Attr = ] (iPodService) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 4.9.0.17 | Size = 331776 bytes | Modified Date = 24/06/2005 15:16:26 | Attr = ] (Lotus Notes Single Logon) Lotus Notes Single Logon [Win32_Own | Auto | Running] -> %ProgramFiles%\lotus\notes\nslsvice.exe -> IBM Corp [Ver = 7.0.00.5226 | Size = 7680 bytes | Modified Date = 15/08/2005 05:40:14 | Attr = ] (vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> %System32%\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 75304 bytes | Modified Date = 21/06/2007 21:54:46 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 11/06/2007 11:25:42 | Attr = ] Adobe Photo Downloader -> %ProgramFiles%\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe -> Adobe Systems Incorporated [Ver = 3.2.0.77764 | Size = 63712 bytes | Modified Date = 09/03/2007 11:09:58 | Attr = ] Adobe Reader Speed Launcher -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe -> Adobe Systems Incorporated [Ver = 8.0.0.0 | Size = 40048 bytes | Modified Date = 11/05/2007 03:06:32 | Attr = ] avast! -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 79224 bytes | Modified Date = 06/09/2007 12:06:10 | Attr = ] Disk Monitor -> %ProgramFiles%\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe -> Neodio Corp. [Ver = 1.7.5.617 | Size = 466944 bytes | Modified Date = 18/06/2003 11:57:40 | Attr = ] ExtraFilmHemmaAgent -> %ProgramFiles%\Extrafilm FotoFacil\Agent.exe -> [Ver = 1, 0, 0, 1 | Size = 323584 bytes | Modified Date = 03/10/2006 09:40:34 | Attr = ] iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 4.9.0.17 | Size = 278528 bytes | Modified Date = 24/06/2005 15:16:42 | Attr = ] QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.5.1 | Size = 98304 bytes | Modified Date = 06/08/2005 21:12:02 | Attr = ] REGSHAVE -> %ProgramFiles%\REGSHAVE\REGSHAVE.EXE -> FUJI PHOTO FILM CO., LTD. [Ver = 3.0.0.4 | Size = 53248 bytes | Modified Date = 04/02/2002 22:32:10 | Attr = ] SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.10 | Size = 57344 bytes | Modified Date = 23/09/2003 09:09:00 | Attr = ] SpeedTouch USB Diagnostics -> %ProgramFiles%\Thomson\SpeedTouch USB\dragdiag.exe -> THOMSON Telecom Belgium [Ver = 301.0.0.12 | Size = 866816 bytes | Modified Date = 26/01/2004 11:38:38 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\j2re1.4.2_05\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 03/06/2004 22:05:08 | Attr = ] TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3208 | Size = 180269 bytes | Modified Date = 11/10/2004 22:02:38 | Attr = ] WinAVX -> %System32%\WinAvXX.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] ZoneAlarm Client -> %ProgramFiles%\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 919016 bytes | Modified Date = 21/06/2007 21:54:46 | Attr = ] < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL -> Installed = 1 -> MAPI -> Installed = 1 -> MSFS -> Installed = 1 -> < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> NetAppel -> %ProgramFiles%\NetAppel\NetAppel.exe -> NetAppel [Ver = 3, 2, 437, 0 | Size = 7145008 bytes | Modified Date = 15/09/2007 13:19:32 | Attr = ] WinAVX -> %System32%\WinAvXX.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] < Common Startup > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage -> -> %AllUsersStartup%\autorun.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] %AllUsersStartup%\Exif Launcher.lnk -> %ProgramFiles%\FinePixViewer\QuickDCF.exe -> FUJI PHOTO FILM CO., LTD. [Ver = 5, 0, 0, 2 | Size = 282624 bytes | Modified Date = 05/04/2005 18:01:36 | Attr = ] < User Startup > -> C:\Documents and Settings\Jean-Christophe\Menu Démarrer\Programmes\Démarrage -> -> %UserStartup%\system.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] < AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> < ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 30/05/2007 14:29:58 | Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> C:\WINDOWS\system32\printer.exe -> %System32%\printer.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> PCANotify -> %System32%\PCANotify.dll -> Symantec Corporation [Ver = 11.0.0.730 | Size = 8704 bytes | Modified Date = 29/05/2003 11:00:00 | Attr = ] < CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoDriveAutoRun -> 67108863 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoDriveTypeAutoRun -> 255 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoControlPanel -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RUN\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\UNINSTALL\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WINDOWSUPDATE\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WinOldApp\ -> -> < CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoControlPanel -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\\NoWindowsUpdate -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\DISALLOWCPL\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\DISALLOWRUN\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RESTRICTCPL\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RESTRICTRUN\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\EXPLORER\RUN\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\UNINSTALL\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WINDOWSUPDATE\ -> -> < HOSTS File > (698 bytes) -> C:\WINDOWS\SYSTEM32\Drivers\etc\hosts -> 127.0.0.1 localhost -> -> < Internet Explorer Settings > -> -> HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome -> HKLM: Main\\Default_Search_URL -> http://www.google.com/ie -> HKLM: Local Page -> C:\windows\system32\blank.htm -> HKLM: Search Page -> http://www.google.com -> HKLM: Start Page -> http://www.google.com -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKCU: Local Page -> C:\windows\system32\blank.htm -> HKCU: Search Bar -> http://www.google.com/ie -> HKCU: Search Page -> http://www.google.com -> HKCU: Start Page -> http://www.google.com -> HKCU: ProxyEnable -> 0 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> msn.com [ - ] -> -> < Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ -> {32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Data - Key not found [MenuText: Console Java (Sun)] -> File not found {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xporter vers Microsoft Excel -> -> File not found < User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform -> Wanadoo 6.2 -> IEAKFT -> < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {73767719-2D51-49BC-A421-5C2F73651A61} -> (Carte réseau 1394) -> {81260026-7663-40F1-88CE-7C27A0FBAA76} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) -> {8D0D86C8-075B-488D-A3C0-F7CA1E023D02} -> () -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {09C21411-B9A2-4DE6-8416-4E3B58577BE0} -> France Telecom MDM ActiveX Control - CodeBase = http://minitelweb.minitel.com/imin_data/ocx/MDM.cab -> {166B1BCA-3F9C-11CF-8075-444553540000} -> Shockwave ActiveX Control - CodeBase = http://download.macromedia.com/pub/shockwa...director/sw.cab -> {193C772A-87BE-4B19-A7BB-445B226FE9A1} -> ewidoOnlineScan Control - CodeBase = http://downloads.ewido.net/ewidoOnlineScan.cab -> {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} -> Contrôleur de DownloadManager - CodeBase = http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.0.8.cab -> {6E5E167B-1566-4316-B27F-0DDAB3484CF7} -> Image Uploader Control - CodeBase = http://webalbum.foto.com/NewUploader/ImageUploader4.cab -> {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase = http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.4.2_05 - CodeBase = http://java.sun.com/update/1.4.2/jinstall-...indows-i586.cab -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -> - CodeBase = http://fpdownload.macromedia.com/get/shock...h/ultrashim.cab -> {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} -> - CodeBase = http://www.extrafilm.fr/net/import/ImageUploader3.cab -> {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} -> IPSUploader4 Control - CodeBase = http://photoservice.fujicolor.de/ips-opdat...PSUploader4.cab -> {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_05 - CodeBase = http://java.sun.com/products/plugin/autodl...indows-i586.cab -> {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -> get_atlcom Class - CodeBase = http://www.adobe.com/products/acrobat/nos/gp.cab -> {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab -> {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} -> Creative Product Registration ActiveX Control Module - CodeBase = http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab -> {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} -> - CodeBase = http://webalbum.foto.com/FUploader/SpeedUploader.cab -> [Registry - Additional Scans - Non-Microsoft Only] < Security Settings > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\System32\svchost.exe -k netsvcs -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> Rpcss; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des fichiers en tâche de fond en utilisant la bande passante du réseau lors de ses périodes d'inactivité. Si le service est arrêté, des fonctionnalités telles que Windows Update et MSN Explorer ne pourront plus télécharger automatiquement des programmes et d'autres informations. Si ce service est désactivé, tous les services qui en dépendent explicitement peuvent présenter des problèmes de transfert de fichiers s'ils ne disposent pas d'un mécanisme sûr de remplacement pour transférer les fichier -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\System32\svchost.exe -k netsvcs -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Pare-feu Windows / Partage de connexion Internet -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 900 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\i\ -> -> Key not found -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{5D80C184-559B-435E-B9DF-EA7D94A5FEAF} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{24806EA2-17C2-4B00-AE47-907EE1F089D9} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{73767719-2D51-49BC-A421-5C2F73651A61} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{81260026-7663-40F1-88CE-7C27A0FBAA76} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{75B9B6C6-B242-4771-972D-530855D339B1} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{CF3CE4F0-8E80-461F-BEBB-EF6C76682295} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{3DEF0CBF-036D-4D0D-BC8D-AB892F547E4D} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{7D7500E7-A627-458E-B822-2CF005B4C626} -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k netsvcs -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation de mises à jour Windows critiques. Si le service est désactivé, le système d'exploitation peut être mis à jour manuellement sur le site Web de Windows Update. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> < Software Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultExecMenuItems\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultExecMenuItems\\tWhiteList -> Close|GeneralInfo|Quit|FirstPage|PrevPage|NextPage|LastPage|ActualSize|FitPage|FitWidth|FitHeight|SinglePage|OneColumn|TwoPages|TwoColumns|ZoomViewIn|ZoomViewOut|ShowHideBookmarks|ShowHideThumbnails|Print|GoToPage|ZoomTo|GeneralPrefs|SaveAs|FullScreen|OpenOrganizer|Scan|Web2PDF:OpnURL|AcroSendMail:SendMail|Spelling:Check Spelling|PageSetup|Find|FindSearch|GoBack|GoForward|FitVisible|ShowHideToolbarEditing|ShowHideToolbarCommenting|ShowHideToolbarEdit|ShowHideToolbarFile|ShowHideToolbarFind|ShowHideToolbarForms|ShowHideToolbarMeasuring|ShowHideToolbarData|ShowHideToolbarPageDisplay|ShowHideToolbarNavigation|ShowHideToolbarPrintProduction|ShowHideToolbarRedaction|ShowHideToolbarBasicTools|ShowHideToolbarTasks|ShowHideToolbarTypewriter|PropertyToolbar|ShowHideArticles|ShowHideFileAttachment|ShowHideAnnotManager|ShowHideFields|ShowHideOptCont|ShowHideModelTree|ShowHideSignatures|InsertPages|ExtractPages|ReplacePages|DeletePages|CropPages|RotatePages|AddFileAttachment|FindCurrentBookmark|BookmarkShowLocation|GoBackDoc|GoForwardDoc|HelpUserGuide|HelpReader -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchAttachmentPerms\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchAttachmentPerms\\tBuiltInPermList -> version:1|.ade:3|.adp:3|.app:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.zip:3|.zlo:3|.zoo:3|.pdf:2|.fdf:2 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchURLPerms\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Acrobat Reader\8.0\FeatureLockdown\cDefaultLaunchURLPerms\\tSchemePerms -> version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:2|file:1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\MRT\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes -> ADE;ADP;BAS;BAT;CHM;CMD;COM;CPL;CRT;EXE;HLP;HTA;INF;INS;ISP;LNK;MDB;MDE;MSC;MSI;MSP;MST;OCX;PCD;PIF;REG;SCR;SHS;URL;VB;WSC; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> ^«0O•zI‰j HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize -> ; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> g°Ô‹4:?Ó¼éÜdgó” -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize -> ; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> 2xÜþøÈ“ÜŠ°Ý„} -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize -> –; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> ½š*ÛBëØV%Mø/g -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize -> å; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> 8k_„ìöiÓk•j"À€ -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize -> r; -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> -> < Software Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ -> HKEY_CURRENT_USER\Software\Policies\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\AppCompat\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\ -> -> [Files/Folders - Created Within 60 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 267964416 bytes | Created Date = 02/01/1601 23:00:00 | Attr = HS] FOUND.000 -> %SystemDrive%\FOUND.000 -> [Folder | Created Date = 29/07/2007 15:25:24 | Attr = HS] FOUND.001 -> %SystemDrive%\FOUND.001 -> [Folder | Created Date = 29/07/2007 15:25:24 | Attr = HS] FOUND.002 -> %SystemDrive%\FOUND.002 -> [Folder | Created Date = 29/07/2007 15:25:24 | Attr = HS] FOUND.003 -> %SystemDrive%\FOUND.003 -> [Folder | Created Date = 29/07/2007 16:38:38 | Attr = HS] FOUND.004 -> %SystemDrive%\FOUND.004 -> [Folder | Created Date = 29/07/2007 16:55:14 | Attr = HS] SmitfraudFix.exe -> %SystemDrive%\SmitfraudFix.exe -> [Ver = | Size = 883694 bytes | Created Date = 18/09/2007 22:31:19 | Attr = ] SmitfraudFix -> %SystemDrive%\SmitfraudFix -> [Folder | Created Date = 18/09/2007 22:08:11 | Attr = ] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 23/09/2007 07:54:33 | Attr = ] qoobox -> %SystemDrive%\qoobox -> [Folder | Created Date = 20/09/2007 20:19:26 | Attr = ] catchme.exe -> %SystemRoot%\catchme.exe -> [Ver = | Size = 109056 bytes | Created Date = 20/09/2007 20:19:12 | Attr = ] PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Created Date = 19/09/2007 06:23:15 | Attr = ] UNZIP.DLL -> %SystemRoot%\UNZIP.DLL -> Trend Micro Inc. [Ver = 1.32.0.1000 | Size = 69689 bytes | Created Date = 19/09/2007 06:23:15 | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Created Date = 30/07/2007 12:48:56 | Attr = ] NirCmd.exe -> %SystemRoot%\NirCmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 20/09/2007 20:19:12 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 20/09/2007 20:20:45 | Attr = ] Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Created Date = 22/09/2007 18:17:54 | Attr = ] zllsputility.exe -> %SystemRoot%\zllsputility.exe -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 75248 bytes | Created Date = 22/09/2007 18:19:50 | Attr = ] zllsputility_loc040c.dll -> %SystemRoot%\zllsputility_loc040c.dll -> Zone Labs Inc. [Ver = 5.3.017.000 | Size = 42384 bytes | Created Date = 22/09/2007 18:19:58 | Attr = ] TMUPDATE.DLL -> %SystemRoot%\TMUPDATE.DLL -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 507904 bytes | Created Date = 19/09/2007 06:23:16 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1268 bytes | Created Date = 01/09/2007 14:57:36 | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 21/08/2007 19:28:54 | Attr = ] $NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Created Date = 30/07/2007 12:15:48 | Attr = H ] $NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Created Date = 30/07/2007 12:16:31 | Attr = H ] peernet -> %SystemRoot%\peernet -> [Folder | Created Date = 30/07/2007 12:58:22 | Attr = ] $NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Created Date = 30/07/2007 12:17:21 | Attr = H ] $NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Created Date = 30/07/2007 12:18:14 | Attr = H ] $NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Created Date = 30/07/2007 12:19:03 | Attr = H ] $NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Created Date = 30/07/2007 12:20:08 | Attr = H ] $NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Created Date = 30/07/2007 12:21:20 | Attr = H ] $NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Created Date = 30/07/2007 12:22:04 | Attr = H ] $NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Created Date = 30/07/2007 12:22:57 | Attr = H ] $NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Created Date = 30/07/2007 12:24:02 | Attr = H ] $NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Created Date = 30/07/2007 12:24:59 | Attr = H ] $NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Created Date = 30/07/2007 12:26:02 | Attr = H ] $NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Created Date = 30/07/2007 12:27:03 | Attr = H ] $NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Created Date = 30/07/2007 12:28:24 | Attr = H ] $NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Created Date = 30/07/2007 12:29:42 | Attr = H ] $NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Created Date = 30/07/2007 12:30:44 | Attr = H ] $NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Created Date = 30/07/2007 12:49:00 | Attr = H ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Created Date = 30/07/2007 13:38:08 | Attr = ] ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Created Date = 30/07/2007 12:56:10 | Attr = ] provisioning -> %SystemRoot%\provisioning -> [Folder | Created Date = 30/07/2007 12:58:19 | Attr = ] $NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Created Date = 30/07/2007 13:02:36 | Attr = H ] $NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Created Date = 30/07/2007 13:03:34 | Attr = H ] $NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Created Date = 30/07/2007 13:04:13 | Attr = H ] $NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Created Date = 30/07/2007 13:04:58 | Attr = H ] $NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Created Date = 30/07/2007 13:05:40 | Attr = H ] $NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Created Date = 30/07/2007 13:06:18 | Attr = H ] $NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Created Date = 30/07/2007 13:06:56 | Attr = H ] $NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Created Date = 30/07/2007 13:07:34 | Attr = H ] $NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Created Date = 30/07/2007 13:08:16 | Attr = H ] $NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Created Date = 30/07/2007 13:08:53 | Attr = H ] $NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Created Date = 30/07/2007 13:09:32 | Attr = H ] $NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Created Date = 30/07/2007 13:10:09 | Attr = H ] $NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Created Date = 30/07/2007 13:10:49 | Attr = H ] $NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Created Date = 30/07/2007 13:11:28 | Attr = H ] $NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Created Date = 30/07/2007 13:12:07 | Attr = H ] $NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Created Date = 30/07/2007 13:12:53 | Attr = H ] $NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Created Date = 30/07/2007 13:13:31 | Attr = H ] $NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Created Date = 30/07/2007 13:14:10 | Attr = H ] $NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Created Date = 30/07/2007 13:14:49 | Attr = H ] $NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Created Date = 30/07/2007 13:15:27 | Attr = H ] $NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Created Date = 30/07/2007 13:16:08 | Attr = H ] $NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Created Date = 30/07/2007 13:16:49 | Attr = H ] $NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Created Date = 30/07/2007 13:17:26 | Attr = H ] $NtUninstallKB896422$ -> %SystemRoot%\$NtUninstallKB896422$ -> [Folder | Created Date = 30/07/2007 13:18:05 | Attr = H ] $NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Created Date = 30/07/2007 13:18:43 | Attr = H ] $NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Created Date = 30/07/2007 13:19:22 | Attr = H ] $NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Created Date = 30/07/2007 13:20:01 | Attr = H ] $NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Created Date = 30/07/2007 13:20:45 | Attr = H ] $NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Created Date = 30/07/2007 13:21:26 | Attr = H ] $NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Created Date = 30/07/2007 13:22:08 | Attr = H ] $NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Created Date = 30/07/2007 13:22:50 | Attr = H ] $NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Created Date = 30/07/2007 13:23:34 | Attr = H ] $NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Created Date = 30/07/2007 13:24:15 | Attr = H ] $NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Created Date = 30/07/2007 13:24:55 | Attr = H ] $NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Created Date = 30/07/2007 13:25:36 | Attr = H ] $NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Created Date = 30/07/2007 13:26:19 | Attr = H ] $NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Created Date = 30/07/2007 13:27:02 | Attr = H ] $NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Created Date = 30/07/2007 13:27:43 | Attr = H ] $NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Created Date = 30/07/2007 13:28:22 | Attr = H ] $NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Created Date = 30/07/2007 13:29:05 | Attr = H ] $NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Created Date = 30/07/2007 13:29:45 | Attr = H ] $NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Created Date = 30/07/2007 13:30:27 | Attr = H ] $NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Created Date = 30/07/2007 13:31:12 | Attr = H ] $NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Created Date = 30/07/2007 13:31:53 | Attr = H ] $NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Created Date = 30/07/2007 13:32:33 | Attr = H ] $NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Created Date = 30/07/2007 13:33:14 | Attr = H ] $NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Created Date = 30/07/2007 13:33:55 | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Created Date = 31/07/2007 20:45:42 | Attr = ] $NtUninstallKB885884$ -> %SystemRoot%\$NtUninstallKB885884$ -> [Folder | Created Date = 30/07/2007 14:04:16 | Attr = H ] $NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Created Date = 30/07/2007 14:04:23 | Attr = H ] $NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ -> [Folder | Created Date = 30/07/2007 14:04:27 | Attr = H ] $NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Created Date = 30/07/2007 14:04:42 | Attr = H ] $NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Created Date = 30/07/2007 14:04:49 | Attr = H ] $NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Created Date = 30/07/2007 14:04:53 | Attr = H ] $NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Created Date = 30/07/2007 14:05:00 | Attr = H ] $NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Created Date = 30/07/2007 14:05:05 | Attr = H ] $NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Created Date = 30/07/2007 14:05:10 | Attr = H ] $NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Created Date = 30/07/2007 14:05:14 | Attr = H ] $NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Created Date = 30/07/2007 14:05:18 | Attr = H ] $NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Created Date = 30/07/2007 14:05:23 | Attr = H ] $NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Created Date = 30/07/2007 14:05:31 | Attr = H ] $NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Created Date = 30/07/2007 14:05:36 | Attr = H ] $NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Created Date = 30/07/2007 14:05:40 | Attr = H ] $NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Created Date = 30/07/2007 14:05:45 | Attr = H ] $NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Created Date = 30/07/2007 14:05:50 | Attr = H ] $NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Created Date = 30/07/2007 14:05:55 | Attr = H ] $NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Created Date = 30/07/2007 14:06:00 | Attr = H ] $NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Created Date = 30/07/2007 14:06:05 | Attr = H ] $NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Created Date = 30/07/2007 14:06:11 | Attr = H ] $NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Created Date = 30/07/2007 14:06:19 | Attr = H ] $NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Created Date = 30/07/2007 14:06:23 | Attr = H ] $NtUninstallKB904942$ -> %SystemRoot%\$NtUninstallKB904942$ -> [Folder | Created Date = 30/07/2007 14:10:39 | Attr = H ] $NtUninstallKB914440$ -> %SystemRoot%\$NtUninstallKB914440$ -> [Folder | Created Date = 30/07/2007 14:10:46 | Attr = H ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Created Date = 30/07/2007 14:10:48 | Attr = ] $NtUninstallKB915865$ -> %SystemRoot%\$NtUninstallKB915865$ -> [Folder | Created Date = 30/07/2007 14:11:49 | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Created Date = 30/07/2007 14:12:16 | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Created Date = 30/07/2007 14:12:39 | Attr = H ] ie7 -> %SystemRoot%\ie7 -> [Folder | Created Date = 30/07/2007 14:12:55 | Attr = H ] WBEM -> %SystemRoot%\WBEM -> [Folder | Created Date = 30/07/2007 14:14:12 | Attr = ] $NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Created Date = 30/07/2007 14:14:47 | Attr = H ] $NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Created Date = 30/07/2007 14:14:51 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Created Date = 30/07/2007 14:14:56 | Attr = H ] $NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Created Date = 30/07/2007 14:15:01 | Attr = H ] $NtUninstallKB933566$ -> %SystemRoot%\$NtUninstallKB933566$ -> [Folder | Created Date = 30/07/2007 14:15:09 | Attr = H ] $NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Created Date = 30/07/2007 14:15:17 | Attr = H ] $NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Created Date = 30/07/2007 14:15:22 | Attr = H ] $NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Created Date = 30/07/2007 14:15:27 | Attr = H ] $NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ -> [Folder | Created Date = 30/07/2007 14:15:49 | Attr = H ] $NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ -> [Folder | Created Date = 30/07/2007 14:16:03 | Attr = H ] $NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Created Date = 30/08/2007 21:47:55 | Attr = H ] $NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Created Date = 30/08/2007 21:49:09 | Attr = H ] $NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Created Date = 30/08/2007 21:49:13 | Attr = H ] $NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ -> [Folder | Created Date = 30/08/2007 21:49:35 | Attr = H ] $NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Created Date = 30/08/2007 21:49:41 | Attr = H ] $NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Created Date = 30/08/2007 21:49:46 | Attr = H ] AU_Log -> %SystemRoot%\AU_Log -> [Folder | Created Date = 19/09/2007 06:23:22 | Attr = ] AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Created Date = 19/09/2007 06:23:23 | Attr = ] GetServer.ini -> %SystemRoot%\GetServer.ini -> [Ver = | Size = 170 bytes | Created Date = 19/09/2007 06:23:23 | Attr = ] VPTNFILE.725 -> %SystemRoot%\VPTNFILE.725 -> [Ver = | Size = 37727661 bytes | Created Date = 19/09/2007 06:25:25 | Attr = ] BPMNT.dll -> %SystemRoot%\BPMNT.dll -> Trend Micro Inc. [Ver = 8.000-1001 | Size = 86094 bytes | Created Date = 19/09/2007 06:25:31 | Attr = ] vsapi32.dll -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.500-1002 | Size = 1163344 bytes | Created Date = 19/09/2007 06:25:31 | Attr = ] hcextoutput.dll -> %SystemRoot%\hcextoutput.dll -> [Ver = | Size = 71749 bytes | Created Date = 19/09/2007 06:25:31 | Attr = ] tsc.exe -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.3.0.1103 | Size = 267845 bytes | Created Date = 19/09/2007 06:25:31 | Attr = ] tsc.ini -> %SystemRoot%\tsc.ini -> [Ver = | Size = 823 bytes | Created Date = 19/09/2007 06:25:31 | Attr = ] tsc.ptn -> %SystemRoot%\tsc.ptn -> [Ver = | Size = 1871245 bytes | Created Date = 19/09/2007 06:25:31 | Attr = ] AU_Backup -> %SystemRoot%\AU_Backup -> [Folder | Created Date = 19/09/2007 06:25:32 | Attr = ] LPT$VPN.725 -> %SystemRoot%\LPT$VPN.725 -> [Ver = | Size = 37727661 bytes | Created Date = 19/09/2007 06:25:51 | Attr = ] report -> %SystemRoot%\report -> [Folder | Created Date = 19/09/2007 06:26:08 | Attr = ] tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 3398 bytes | Created Date = 18/09/2007 21:39:58 | Attr = ] printer.exe -> %System32%\printer.exe -> [Ver = | Size = 7680 bytes | Created Date = 23/09/2007 08:12:25 | Attr = ] vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 58727 bytes | Created Date = 22/09/2007 18:18:31 | Attr = ] moveex.exe -> %System32%\moveex.exe -> [Ver = | Size = 38400 bytes | Created Date = 20/09/2007 20:19:11 | Attr = ] vsdatant.sys -> %System32%\vsdatant.sys -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 394984 bytes | Created Date = 22/09/2007 18:18:31 | Attr = ] vsdata.dll -> %System32%\vsdata.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 83432 bytes | Created Date = 22/09/2007 18:17:54 | Attr = ] vsutil.dll -> %System32%\vsutil.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 472552 bytes | Created Date = 22/09/2007 18:17:53 | Attr = ] vsmonapi.dll -> %System32%\vsmonapi.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 103912 bytes | Created Date = 22/09/2007 18:18:33 | Attr = ] vspubapi.dll -> %System32%\vspubapi.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 275944 bytes | Created Date = 22/09/2007 18:18:33 | Attr = ] vsinit.dll -> %System32%\vsinit.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 157160 bytes | Created Date = 22/09/2007 18:17:54 | Attr = ] vswmi.dll -> %System32%\vswmi.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 46568 bytes | Created Date = 22/09/2007 18:18:37 | Attr = ] vsxml.dll -> %System32%\vsxml.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 99816 bytes | Created Date = 22/09/2007 18:18:34 | Attr = ] aswBoot.exe -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 801144 bytes | Created Date = 29/07/2007 16:57:50 | Attr = ] fr-fr -> %System32%\fr-fr -> [Folder | Created Date = 30/07/2007 14:14:12 | Attr = ] WinAvXX.exe -> %System32%\WinAvXX.exe -> [Ver = | Size = 7680 bytes | Created Date = 23/09/2007 08:12:25 | Attr = ] zpeng24.dll -> %System32%\zpeng24.dll -> Python Software Foundation [Ver = 2.4.2 | Size = 1086952 bytes | Created Date = 22/09/2007 18:18:34 | Attr = ] ZoneLabs -> %System32%\ZoneLabs -> [Folder | Created Date = 22/09/2007 18:18:33 | Attr = ] zlcommdb.dll -> %System32%\zlcommdb.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 71144 bytes | Created Date = 22/09/2007 18:18:52 | Attr = ] zlcomm.dll -> %System32%\zlcomm.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 83432 bytes | Created Date = 22/09/2007 18:18:51 | Attr = ] vsregexp.dll -> %System32%\vsregexp.dll -> Zone Labs, LLC [Ver = 7.0.362.000 | Size = 71144 bytes | Created Date = 22/09/2007 18:18:54 | Attr = ] zllictbl.dat -> %System32%\zllictbl.dat -> [Ver = | Size = 4212 bytes | Created Date = 22/09/2007 18:20:09 | Attr = H ] VFind.exe -> %System32%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 20/09/2007 20:19:11 | Attr = ] libeay32_0.9.6l.dll -> %System32%\libeay32_0.9.6l.dll -> [Ver = | Size = 796048 bytes | Created Date = 22/09/2007 18:18:54 | Attr = ] vsutil_loc040c.dll -> %System32%\vsutil_loc040c.dll -> Zone Labs Inc. [Ver = 5.3.017.000 | Size = 54672 bytes | Created Date = 22/09/2007 18:19:57 | Attr = ] imsinstall_loc040c.dll -> %System32%\imsinstall_loc040c.dll -> [Ver = | Size = 21904 bytes | Created Date = 22/09/2007 18:19:58 | Attr = ] imslsp_install_loc040c.dll -> %System32%\imslsp_install_loc040c.dll -> [Ver = | Size = 17808 bytes | Created Date = 22/09/2007 18:19:58 | Attr = ] actskin4.ocx -> %System32%\actskin4.ocx -> [Ver = 4, 2, 7, 3 | Size = 380928 bytes | Created Date = 29/07/2007 16:57:50 | Attr = ] AvastSS.scr -> %System32%\AvastSS.scr -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 95608 bytes | Created Date = 29/07/2007 16:57:57 | Attr = ] AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 14/09/2007 13:05:17 | Attr = ] klif.sys -> %System32%\drivers\klif.sys -> Kaspersky Lab [Ver = 7.0.0.90 | Size = 119576 bytes | Created Date = 22/09/2007 18:19:03 | Attr = ] kl1.sys -> %System32%\drivers\kl1.sys -> Kaspersky Lab [Ver = 6.1.18.0 | Size = 110360 bytes | Created Date = 22/09/2007 18:19:03 | Attr = ] fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 32 bytes | Created Date = 22/09/2007 18:19:32 | Attr = HS] fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 32 bytes | Created Date = 22/09/2007 18:19:33 | Attr = HS] klick.dat -> %System32%\drivers\klick.dat -> [Ver = | Size = 75932 bytes | Created Date = 22/09/2007 18:19:42 | Attr = ] klin.dat -> %System32%\drivers\klin.dat -> [Ver = | Size = 74396 bytes | Created Date = 22/09/2007 18:19:42 | Attr = ] aswmon.sys -> %System32%\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 92848 bytes | Created Date = 29/07/2007 16:57:55 | Attr = ] aswmon2.sys -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 94416 bytes | Created Date = 29/07/2007 16:57:55 | Attr = ] aavmker4.sys -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 26624 bytes | Created Date = 29/07/2007 16:57:59 | Attr = ] aswTdi.sys -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 42912 bytes | Created Date = 29/07/2007 16:57:59 | Attr = ] aswRdr.sys -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 23152 bytes | Created Date = 29/07/2007 16:58:00 | Attr = ] hosts.20070919-112423.backup -> %System32%\drivers\etc\hosts.20070919-112423.backup -> [Ver = | Size = 3541 bytes | Created Date = 19/09/2007 10:24:23 | Attr = R ] hosts.20070919-113959.backup -> %System32%\drivers\etc\hosts.20070919-113959.backup -> [Ver = | Size = 659 bytes | Created Date = 19/09/2007 10:39:59 | Attr = R ] hosts.20070919-132252.backup -> %System32%\drivers\etc\hosts.20070919-132252.backup -> [Ver = | Size = 627 bytes | Created Date = 19/09/2007 12:22:52 | Attr = R ] Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Created Date = 29/07/2007 16:07:12 | Attr = ] Windows Genuine Advantage -> %AllUsersAppData%\Windows Genuine Advantage -> [Folder | Created Date = 30/07/2007 12:14:56 | Attr = ] Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Created Date = 14/09/2007 13:05:13 | Attr = ] Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Created Date = 18/09/2007 19:54:46 | Attr = ] MailFrontier -> %AllUsersAppData%\MailFrontier -> [Folder | Created Date = 22/09/2007 18:20:20 | Attr = ] Mozilla -> %UserAppData%\Mozilla -> [Folder | Created Date = 21/08/2007 19:28:51 | Attr = ] Grisoft -> %UserAppData%\Grisoft -> [Folder | Created Date = 14/09/2007 13:05:32 | Attr = ] Mozilla -> %LocalAppData%\Mozilla -> [Folder | Created Date = 21/08/2007 19:28:51 | Attr = ] Ma musique -> %AllUsersDocuments%\Ma musique -> [Folder | Created Date = 30/07/2007 13:00:01 | Attr = R ] a-squared -> %UserDocuments%\a-squared -> [Folder | Created Date = 19/09/2007 11:46:29 | Attr = ] avast! Antivirus.lnk -> %AllUsersDesktop%\avast! Antivirus.lnk -> [Ver = | Size = 1613 bytes | Created Date = 29/07/2007 16:58:00 | Attr = ] AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 753 bytes | Created Date = 14/09/2007 13:05:23 | Attr = ] Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1694 bytes | Created Date = 14/09/2007 20:09:39 | Attr = ] Ad-Watch 2007.lnk -> %AllUsersDesktop%\Ad-Watch 2007.lnk -> [Ver = | Size = 1694 bytes | Created Date = 14/09/2007 20:09:40 | Attr = ] Navilog1.lnk -> %AllUsersDesktop%\Navilog1.lnk -> [Ver = | Size = 534 bytes | Created Date = 18/09/2007 20:10:16 | Attr = ] a-squared Free.lnk -> %AllUsersDesktop%\a-squared Free.lnk -> [Ver = | Size = 552 bytes | Created Date = 19/09/2007 11:46:50 | Attr = ] Navilog1.exe -> %UserDesktop%\Navilog1.exe -> @IL-MAFIOSO [Ver = | Size = 544635 bytes | Created Date = 18/09/2007 20:08:31 | Attr = ] RegCleaner.lnk -> %UserDesktop%\RegCleaner.lnk -> [Ver = | Size = 549 bytes | Created Date = 19/09/2007 09:56:21 | Attr = ] Warning.mht -> %UserDesktop%\Warning.mht -> [Ver = | Size = 97695 bytes | Created Date = 19/09/2007 20:53:03 | Attr = ] [4]-Submit_2007-09-20@22.07.zip -> %UserDesktop%\[4]-Submit_2007-09-20@22.07.zip -> [Ver = | Size = 417 bytes | Created Date = 20/09/2007 21:07:37 | Attr = ] HostsXpert -> %UserDesktop%\HostsXpert -> [Folder | Created Date = 23/09/2007 19:43:33 | Attr = ] winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 356045 bytes | Created Date = 23/09/2007 19:48:03 | Attr = ] WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Created Date = 23/09/2007 19:48:49 | Attr = ] autorun.exe -> %AllUsersStartup%\autorun.exe -> [Ver = | Size = 7680 bytes | Created Date = 13/09/2007 10:06:48 | Attr = ] system.exe -> %UserStartup%\system.exe -> [Ver = | Size = 7680 bytes | Created Date = 14/09/2007 12:02:56 | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Created Date = 14/09/2007 20:08:57 | Attr = ] [Files/Folders - Modified Within 60 days] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 267964416 bytes | Modified Date = 23/09/2007 20:36:46 | Attr = HS] FOUND.000 -> %SystemDrive%\FOUND.000 -> [Folder | Modified Date = 29/07/2007 16:25:26 | Attr = HS] FOUND.001 -> %SystemDrive%\FOUND.001 -> [Folder | Modified Date = 29/07/2007 16:25:26 | Attr = HS] FOUND.002 -> %SystemDrive%\FOUND.002 -> [Folder | Modified Date = 29/07/2007 16:25:26 | Attr = HS] NTDETECT.COM -> %SystemDrive%\NTDETECT.COM -> [Ver = | Size = 47564 bytes | Modified Date = 30/07/2007 13:53:20 | Attr = RHS] FOUND.003 -> %SystemDrive%\FOUND.003 -> [Folder | Modified Date = 29/07/2007 17:38:38 | Attr = HS] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 216 bytes | Modified Date = 30/07/2007 14:00:10 | Attr = RHS] FOUND.004 -> %SystemDrive%\FOUND.004 -> [Folder | Modified Date = 29/07/2007 17:55:14 | Attr = HS] SmitfraudFix.exe -> %SystemDrive%\SmitfraudFix.exe -> [Ver = | Size = 883694 bytes | Modified Date = 18/09/2007 23:31:22 | Attr = ] ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 23/09/2007 08:54:34 | Attr = ] qoobox -> %SystemDrive%\qoobox -> [Folder | Modified Date = 20/09/2007 21:19:28 | Attr = ] PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Modified Date = 19/09/2007 07:23:16 | Attr = ] UNZIP.DLL -> %SystemRoot%\UNZIP.DLL -> Trend Micro Inc. [Ver = 1.32.0.1000 | Size = 69689 bytes | Modified Date = 19/09/2007 07:23:16 | Attr = ] EHome -> %SystemRoot%\EHome -> [Folder | Modified Date = 30/07/2007 13:48:58 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 20/09/2007 21:20:46 | Attr = ] Internet Logs -> %SystemRoot%\Internet Logs -> [Folder | Modified Date = 22/09/2007 19:17:56 | Attr = ] TMUPDATE.DLL -> %SystemRoot%\TMUPDATE.DLL -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 507904 bytes | Modified Date = 19/09/2007 07:23:18 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 1268 bytes | Modified Date = 01/09/2007 15:57:38 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 23/09/2007 20:36:48 | Attr = S] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 21/08/2007 20:28:56 | Attr = ] $NtUninstallKB914388_0$ -> %SystemRoot%\$NtUninstallKB914388_0$ -> [Folder | Modified Date = 30/07/2007 13:15:50 | Attr = H ] $NtUninstallKB921883_0$ -> %SystemRoot%\$NtUninstallKB921883_0$ -> [Folder | Modified Date = 30/07/2007 13:16:32 | Attr = H ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 30/07/2007 14:39:08 | Attr = ] peernet -> %SystemRoot%\peernet -> [Folder | Modified Date = 30/07/2007 13:58:24 | Attr = ] $NtUninstallKB917422_0$ -> %SystemRoot%\$NtUninstallKB917422_0$ -> [Folder | Modified Date = 30/07/2007 13:17:22 | Attr = H ] $NtUninstallKB920670_0$ -> %SystemRoot%\$NtUninstallKB920670_0$ -> [Folder | Modified Date = 30/07/2007 13:18:16 | Attr = H ] $NtUninstallKB920683_0$ -> %SystemRoot%\$NtUninstallKB920683_0$ -> [Folder | Modified Date = 30/07/2007 13:19:04 | Attr = H ] $NtUninstallKB921398_0$ -> %SystemRoot%\$NtUninstallKB921398_0$ -> [Folder | Modified Date = 30/07/2007 13:20:10 | Attr = H ] $NtUninstallKB922616_0$ -> %SystemRoot%\$NtUninstallKB922616_0$ -> [Folder | Modified Date = 30/07/2007 13:21:22 | Attr = H ] $NtUninstallKB919007_0$ -> %SystemRoot%\$NtUninstallKB919007_0$ -> [Folder | Modified Date = 30/07/2007 13:22:06 | Attr = H ] $NtUninstallKB920685_0$ -> %SystemRoot%\$NtUninstallKB920685_0$ -> [Folder | Modified Date = 30/07/2007 13:22:58 | Attr = H ] $NtUninstallKB918899-IE6SP1-20060725.123917$ -> %SystemRoot%\$NtUninstallKB918899-IE6SP1-20060725.123917$ -> [Folder | Modified Date = 30/07/2007 13:24:04 | Attr = H ] $NtUninstallKB925486-IE6SP1-20060918.120000$ -> %SystemRoot%\$NtUninstallKB925486-IE6SP1-20060918.120000$ -> [Folder | Modified Date = 30/07/2007 13:25:00 | Attr = H ] $NtUninstallKB923414_0$ -> %SystemRoot%\$NtUninstallKB923414_0$ -> [Folder | Modified Date = 30/07/2007 13:26:04 | Attr = H ] $NtUninstallKB924496_0$ -> %SystemRoot%\$NtUninstallKB924496_0$ -> [Folder | Modified Date = 30/07/2007 13:27:04 | Attr = H ] $NtUninstallKB923191_0$ -> %SystemRoot%\$NtUninstallKB923191_0$ -> [Folder | Modified Date = 30/07/2007 13:28:26 | Attr = H ] $NtUninstallKB924191_0$ -> %SystemRoot%\$NtUninstallKB924191_0$ -> [Folder | Modified Date = 30/07/2007 13:29:44 | Attr = H ] $NtUninstallKB922819_0$ -> %SystemRoot%\$NtUninstallKB922819_0$ -> [Folder | Modified Date = 30/07/2007 13:30:46 | Attr = H ] $NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [Folder | Modified Date = 30/07/2007 13:49:02 | Attr = H ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 30/07/2007 14:38:10 | Attr = ] ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [Folder | Modified Date = 30/07/2007 13:56:12 | Attr = ] provisioning -> %SystemRoot%\provisioning -> [Folder | Modified Date = 30/07/2007 13:58:20 | Attr = ] $NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ -> [Folder | Modified Date = 30/07/2007 14:02:38 | Attr = H ] $NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ -> [Folder | Modified Date = 30/07/2007 14:03:36 | Attr = H ] $NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ -> [Folder | Modified Date = 30/07/2007 14:04:14 | Attr = H ] $NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ -> [Folder | Modified Date = 30/07/2007 14:05:00 | Attr = H ] $NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ -> [Folder | Modified Date = 30/07/2007 14:05:42 | Attr = H ] $NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ -> [Folder | Modified Date = 30/07/2007 14:06:20 | Attr = H ] $NtUninstallKB912919$ -> %SystemRoot%\$NtUninstallKB912919$ -> [Folder | Modified Date = 30/07/2007 14:06:58 | Attr = H ] $NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ -> [Folder | Modified Date = 30/07/2007 14:07:36 | Attr = H ] $NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ -> [Folder | Modified Date = 30/07/2007 14:08:18 | Attr = H ] $NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ -> [Folder | Modified Date = 30/07/2007 14:08:54 | Attr = H ] $NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ -> [Folder | Modified Date = 30/07/2007 14:09:34 | Attr = H ] $NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ -> [Folder | Modified Date = 30/07/2007 14:10:10 | Attr = H ] $NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ -> [Folder | Modified Date = 30/07/2007 14:10:50 | Attr = H ] $NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ -> [Folder | Modified Date = 30/07/2007 14:11:30 | Attr = H ] $NtUninstallKB888113$ -> %SystemRoot%\$NtUninstallKB888113$ -> [Folder | Modified Date = 30/07/2007 14:12:08 | Attr = H ] $NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ -> [Folder | Modified Date = 30/07/2007 14:12:54 | Attr = H ] $NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ -> [Folder | Modified Date = 30/07/2007 14:13:32 | Attr = H ] $NtUninstallKB896424$ -> %SystemRoot%\$NtUninstallKB896424$ -> [Folder | Modified Date = 30/07/2007 14:14:12 | Attr = H ] $NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ -> [Folder | Modified Date = 30/07/2007 14:14:50 | Attr = H ] $NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ -> [Folder | Modified Date = 30/07/2007 14:15:28 | Attr = H ] $NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ -> [Folder | Modified Date = 30/07/2007 14:16:10 | Attr = H ] $NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ -> [Folder | Modified Date = 30/07/2007 14:16:50 | Attr = H ] $NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ -> [Folder | Modified Date = 30/07/2007 14:17:28 | Attr = H ] $NtUninstallKB896422$ -> %SystemRoot%\$NtUninstallKB896422$ -> [Folder | Modified Date = 30/07/2007 14:18:06 | Attr = H ] $NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ -> [Folder | Modified Date = 30/07/2007 14:18:44 | Attr = H ] $NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ -> [Folder | Modified Date = 30/07/2007 14:19:24 | Attr = H ] $NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ -> [Folder | Modified Date = 30/07/2007 14:20:02 | Attr = H ] $NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ -> [Folder | Modified Date = 30/07/2007 14:20:46 | Attr = H ] $NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ -> [Folder | Modified Date = 30/07/2007 14:21:28 | Attr = H ] $NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ -> [Folder | Modified Date = 30/07/2007 14:22:10 | Attr = H ] $NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ -> [Folder | Modified Date = 30/07/2007 14:22:52 | Attr = H ] $NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ -> [Folder | Modified Date = 30/07/2007 14:23:36 | Attr = H ] $NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ -> [Folder | Modified Date = 30/07/2007 14:24:16 | Attr = H ] $NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ -> [Folder | Modified Date = 30/07/2007 14:24:56 | Attr = H ] $NtUninstallKB921883$ -> %SystemRoot%\$NtUninstallKB921883$ -> [Folder | Modified Date = 30/07/2007 14:25:38 | Attr = H ] $NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ -> [Folder | Modified Date = 30/07/2007 14:26:20 | Attr = H ] $NtUninstallKB917422$ -> %SystemRoot%\$NtUninstallKB917422$ -> [Folder | Modified Date = 30/07/2007 14:27:04 | Attr = H ] $NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ -> [Folder | Modified Date = 30/07/2007 14:27:44 | Attr = H ] $NtUninstallKB921398$ -> %SystemRoot%\$NtUninstallKB921398$ -> [Folder | Modified Date = 30/07/2007 14:28:24 | Attr = H ] $NtUninstallKB922616$ -> %SystemRoot%\$NtUninstallKB922616$ -> [Folder | Modified Date = 30/07/2007 14:29:06 | Attr = H ] $NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ -> [Folder | Modified Date = 30/07/2007 14:29:46 | Attr = H ] $NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ -> [Folder | Modified Date = 30/07/2007 14:30:28 | Attr = H ] $NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ -> [Folder | Modified Date = 30/07/2007 14:31:14 | Attr = H ] $NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ -> [Folder | Modified Date = 30/07/2007 14:31:54 | Attr = H ] $NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ -> [Folder | Modified Date = 30/07/2007 14:32:34 | Attr = H ] $NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ -> [Folder | Modified Date = 30/07/2007 14:33:16 | Attr = H ] $NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ -> [Folder | Modified Date = 30/07/2007 14:33:56 | Attr = H ] ie7updates -> %SystemRoot%\ie7updates -> [Folder | Modified Date = 31/07/2007 21:45:44 | Attr = ] $NtUninstallKB885884$ -> %SystemRoot%\$NtUninstallKB885884$ -> [Folder | Modified Date = 30/07/2007 15:04:18 | Attr = H ] $NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ -> [Folder | Modified Date = 30/07/2007 15:04:24 | Attr = H ] $NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ -> [Folder | Modified Date = 30/07/2007 15:04:28 | Attr = H ] $NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ -> [Folder | Modified Date = 30/07/2007 15:04:44 | Attr = H ] $NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ -> [Folder | Modified Date = 30/07/2007 15:04:50 | Attr = H ] $NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ -> [Folder | Modified Date = 30/07/2007 15:04:54 | Attr = H ] $NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ -> [Folder | Modified Date = 30/07/2007 15:05:02 | Attr = H ] $NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ -> [Folder | Modified Date = 30/07/2007 15:05:06 | Attr = H ] $NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ -> [Folder | Modified Date = 30/07/2007 15:05:12 | Attr = H ] $NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ -> [Folder | Modified Date = 30/07/2007 15:05:16 | Attr = H ] $NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ -> [Folder | Modified Date = 30/07/2007 15:05:20 | Attr = H ] $NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ -> [Folder | Modified Date = 30/07/2007 15:05:24 | Attr = H ] $NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ -> [Folder | Modified Date = 30/07/2007 15:05:32 | Attr = H ] $NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ -> [Folder | Modified Date = 30/07/2007 15:05:38 | Attr = H ] $NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ -> [Folder | Modified Date = 30/07/2007 15:05:42 | Attr = H ] $NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ -> [Folder | Modified Date = 30/07/2007 15:05:46 | Attr = H ] $NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ -> [Folder | Modified Date = 30/07/2007 15:05:52 | Attr = H ] $NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ -> [Folder | Modified Date = 30/07/2007 15:05:56 | Attr = H ] $NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ -> [Folder | Modified Date = 30/07/2007 15:06:02 | Attr = H ] $NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ -> [Folder | Modified Date = 30/07/2007 15:06:06 | Attr = H ] $NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ -> [Folder | Modified Date = 30/07/2007 15:06:12 | Attr = H ] $NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ -> [Folder | Modified Date = 30/07/2007 15:06:20 | Attr = H ] $NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ -> [Folder | Modified Date = 30/07/2007 15:06:24 | Attr = H ] $NtUninstallKB904942$ -> %SystemRoot%\$NtUninstallKB904942$ -> [Folder | Modified Date = 30/07/2007 15:10:40 | Attr = H ] $NtUninstallKB914440$ -> %SystemRoot%\$NtUninstallKB914440$ -> [Folder | Modified Date = 30/07/2007 15:10:48 | Attr = H ] network diagnostic -> %SystemRoot%\network diagnostic -> [Folder | Modified Date = 30/07/2007 15:10:50 | Attr = ] $NtUninstallKB915865$ -> %SystemRoot%\$NtUninstallKB915865$ -> [Folder | Modified Date = 30/07/2007 15:11:50 | Attr = H ] $NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [Folder | Modified Date = 30/07/2007 15:12:18 | Attr = H ] $NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [Folder | Modified Date = 30/07/2007 15:12:40 | Attr = H ] ie7 -> %SystemRoot%\ie7 -> [Folder | Modified Date = 30/07/2007 15:12:56 | Attr = H ] WBEM -> %SystemRoot%\WBEM -> [Folder | Modified Date = 30/07/2007 15:14:14 | Attr = ] $NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ -> [Folder | Modified Date = 30/07/2007 15:14:48 | Attr = H ] $NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ -> [Folder | Modified Date = 30/07/2007 15:14:52 | Attr = H ] $NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ -> [Folder | Modified Date = 30/07/2007 15:14:58 | Attr = H ] $NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ -> [Folder | Modified Date = 30/07/2007 15:15:02 | Attr = H ] $NtUninstallKB933566$ -> %SystemRoot%\$NtUninstallKB933566$ -> [Folder | Modified Date = 30/07/2007 15:15:10 | Attr = H ] $NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ -> [Folder | Modified Date = 30/07/2007 15:15:18 | Attr = H ] $NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ -> [Folder | Modified Date = 30/07/2007 15:15:24 | Attr = H ] $NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ -> [Folder | Modified Date = 30/07/2007 15:15:28 | Attr = H ] $NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ -> [Folder | Modified Date = 30/07/2007 15:15:50 | Attr = H ] $NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ -> [Folder | Modified Date = 30/07/2007 15:16:04 | Attr = H ] $NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ -> [Folder | Modified Date = 30/08/2007 22:47:56 | Attr = H ] $NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ -> [Folder | Modified Date = 30/08/2007 22:49:10 | Attr = H ] $NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ -> [Folder | Modified Date = 30/08/2007 22:49:14 | Attr = H ] $NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ -> [Folder | Modified Date = 30/08/2007 22:49:36 | Attr = H ] $NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ -> [Folder | Modified Date = 30/08/2007 22:49:42 | Attr = H ] $NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ -> [Folder | Modified Date = 30/08/2007 22:49:48 | Attr = H ] AU_Log -> %SystemRoot%\AU_Log -> [Folder | Modified Date = 19/09/2007 07:23:24 | Attr = ] AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Modified Date = 19/09/2007 07:23:24 | Attr = ] GetServer.ini -> %SystemRoot%\GetServer.ini -> [Ver = | Size = 170 bytes | Modified Date = 19/09/2007 07:23:24 | Attr = ] VPTNFILE.725 -> %SystemRoot%\VPTNFILE.725 -> [Ver = | Size = 37727661 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] BPMNT.dll -> %SystemRoot%\BPMNT.dll -> Trend Micro Inc. [Ver = 8.000-1001 | Size = 86094 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] vsapi32.dll -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.500-1002 | Size = 1163344 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] hcextoutput.dll -> %SystemRoot%\hcextoutput.dll -> [Ver = | Size = 71749 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] tsc.exe -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.3.0.1103 | Size = 267845 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] tsc.ini -> %SystemRoot%\tsc.ini -> [Ver = | Size = 823 bytes | Modified Date = 19/09/2007 07:26:32 | Attr = ] tsc.ptn -> %SystemRoot%\tsc.ptn -> [Ver = | Size = 1871245 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] AU_Backup -> %SystemRoot%\AU_Backup -> [Folder | Modified Date = 19/09/2007 07:25:32 | Attr = ] LPT$VPN.725 -> %SystemRoot%\LPT$VPN.725 -> [Ver = | Size = 37727661 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] report -> %SystemRoot%\report -> [Folder | Modified Date = 19/09/2007 07:26:10 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 23/09/2007 20:37:06 | Attr = H ] tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 3398 bytes | Modified Date = 23/09/2007 09:09:34 | Attr = ] printer.exe -> %System32%\printer.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 14/09/2007 12:59:40 | Attr = ] vsconfig.xml -> %System32%\vsconfig.xml -> [Ver = | Size = 58727 bytes | Modified Date = 23/09/2007 20:37:42 | Attr = ] perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 39992 bytes | Modified Date = 30/07/2007 15:21:32 | Attr = ] perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 311604 bytes | Modified Date = 30/07/2007 15:21:32 | Attr = ] perfc00C.dat -> %System32%\perfc00C.dat -> [Ver = | Size = 48616 bytes | Modified Date = 30/07/2007 15:21:32 | Attr = ] perfh00C.dat -> %System32%\perfh00C.dat -> [Ver = | Size = 367658 bytes | Modified Date = 30/07/2007 15:21:32 | Attr = ] aswBoot.exe -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 801144 bytes | Modified Date = 06/09/2007 12:09:50 | Attr = ] fr-fr -> %System32%\fr-fr -> [Folder | Modified Date = 30/07/2007 15:14:14 | Attr = ] WinAvXX.exe -> %System32%\WinAvXX.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] ZoneLabs -> %System32%\ZoneLabs -> [Folder | Modified Date = 22/09/2007 19:18:34 | Attr = ] zllictbl.dat -> %System32%\zllictbl.dat -> [Ver = | Size = 4212 bytes | Modified Date = 22/09/2007 19:22:28 | Attr = H ] vdo_g.ini -> %System32%\vdo_g.ini -> [Ver = | Size = 22657 bytes | Modified Date = 29/07/2007 17:58:14 | Attr = ] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 173872 bytes | Modified Date = 30/07/2007 15:17:48 | Attr = ] PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 775034 bytes | Modified Date = 30/07/2007 15:21:30 | Attr = ] AvastSS.scr -> %System32%\AvastSS.scr -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 95608 bytes | Modified Date = 06/09/2007 12:00:08 | Attr = ] CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3121 bytes | Modified Date = 13/09/2007 09:58:16 | Attr = ] NSDriver.sys -> %System32%\drivers\NSDriver.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 9344 bytes | Modified Date = 14/09/2007 21:11:58 | Attr = ] AWRTRD.sys -> %System32%\drivers\AWRTRD.sys -> Lavasoft AB [Ver = 7.0.1.3 | Size = 8320 bytes | Modified Date = 14/09/2007 21:11:56 | Attr = ] fidbox.dat -> %System32%\drivers\fidbox.dat -> [Ver = | Size = 32 bytes | Modified Date = 23/09/2007 12:33:46 | Attr = HS] fidbox.idx -> %System32%\drivers\fidbox.idx -> [Ver = | Size = 32 bytes | Modified Date = 23/09/2007 12:33:46 | Attr = HS] klick.dat -> %System32%\drivers\klick.dat -> [Ver = | Size = 75932 bytes | Modified Date = 22/09/2007 19:19:44 | Attr = ] klin.dat -> %System32%\drivers\klin.dat -> [Ver = | Size = 74396 bytes | Modified Date = 22/09/2007 19:19:44 | Attr = ] aswmon.sys -> %System32%\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 92848 bytes | Modified Date = 06/09/2007 12:05:26 | Attr = ] aswmon2.sys -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 94416 bytes | Modified Date = 06/09/2007 12:05:10 | Attr = ] aavmker4.sys -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 26624 bytes | Modified Date = 06/09/2007 12:00:54 | Attr = ] aswTdi.sys -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 42912 bytes | Modified Date = 06/09/2007 12:02:20 | Attr = ] aswRdr.sys -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1043.0 | Size = 23152 bytes | Modified Date = 06/09/2007 12:03:02 | Attr = ] hosts.20070919-112423.backup -> %System32%\drivers\etc\hosts.20070919-112423.backup -> [Ver = | Size = 3541 bytes | Modified Date = 19/09/2007 11:24:24 | Attr = R ] hosts.20070919-113959.backup -> %System32%\drivers\etc\hosts.20070919-113959.backup -> [Ver = | Size = 659 bytes | Modified Date = 19/09/2007 11:24:24 | Attr = R ] hosts.20070919-132252.backup -> %System32%\drivers\etc\hosts.20070919-132252.backup -> [Ver = | Size = 627 bytes | Modified Date = 19/09/2007 11:40:00 | Attr = R ] Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Modified Date = 29/07/2007 17:07:14 | Attr = ] Windows Genuine Advantage -> %AllUsersAppData%\Windows Genuine Advantage -> [Folder | Modified Date = 30/07/2007 13:14:58 | Attr = ] Grisoft -> %AllUsersAppData%\Grisoft -> [Folder | Modified Date = 14/09/2007 14:05:14 | Attr = ] Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 18/09/2007 20:54:48 | Attr = ] MailFrontier -> %AllUsersAppData%\MailFrontier -> [Folder | Modified Date = 22/09/2007 19:20:22 | Attr = ] Mozilla -> %UserAppData%\Mozilla -> [Folder | Modified Date = 21/08/2007 20:28:52 | Attr = ] Grisoft -> %UserAppData%\Grisoft -> [Folder | Modified Date = 14/09/2007 14:05:34 | Attr = ] GDIPFONTCACHEV1.DAT -> %LocalAppData%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 35680 bytes | Modified Date = 30/07/2007 14:44:34 | Attr = ] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 46592 bytes | Modified Date = 16/09/2007 16:36:34 | Attr = ] Mozilla -> %LocalAppData%\Mozilla -> [Folder | Modified Date = 21/08/2007 20:28:52 | Attr = ] Ma musique -> %AllUsersDocuments%\Ma musique -> [Folder | Modified Date = 30/07/2007 14:00:02 | Attr = R ] Mes images -> %UserDocuments%\Mes images -> [Folder | Modified Date = 31/07/2007 07:26:08 | Attr = R ] Ma musique -> %UserDocuments%\Ma musique -> [Folder | Modified Date = 31/07/2007 07:26:08 | Attr = R ] desktop.ini -> %UserDocuments%\desktop.ini -> [Ver = | Size = 123 bytes | Modified Date = 31/07/2007 07:26:08 | Attr = HS] a-squared -> %UserDocuments%\a-squared -> [Folder | Modified Date = 19/09/2007 12:46:30 | Attr = ] avast! Antivirus.lnk -> %AllUsersDesktop%\avast! Antivirus.lnk -> [Ver = | Size = 1613 bytes | Modified Date = 29/07/2007 17:58:02 | Attr = ] AVG Anti-Spyware.lnk -> %AllUsersDesktop%\AVG Anti-Spyware.lnk -> [Ver = | Size = 753 bytes | Modified Date = 14/09/2007 14:05:24 | Attr = ] Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1694 bytes | Modified Date = 14/09/2007 21:09:40 | Attr = ] Ad-Watch 2007.lnk -> %AllUsersDesktop%\Ad-Watch 2007.lnk -> [Ver = | Size = 1694 bytes | Modified Date = 14/09/2007 21:09:42 | Attr = ] Navilog1.lnk -> %AllUsersDesktop%\Navilog1.lnk -> [Ver = | Size = 534 bytes | Modified Date = 18/09/2007 21:10:18 | Attr = ] a-squared Free.lnk -> %AllUsersDesktop%\a-squared Free.lnk -> [Ver = | Size = 552 bytes | Modified Date = 19/09/2007 12:46:52 | Attr = ] Lecteur Windows Media.lnk -> %UserDesktop%\Lecteur Windows Media.lnk -> [Ver = | Size = 690 bytes | Modified Date = 18/09/2007 19:32:24 | Attr = ] Navilog1.exe -> %UserDesktop%\Navilog1.exe -> @IL-MAFIOSO [Ver = | Size = 544635 bytes | Modified Date = 18/09/2007 21:08:32 | Attr = ] RegCleaner.lnk -> %UserDesktop%\RegCleaner.lnk -> [Ver = | Size = 549 bytes | Modified Date = 19/09/2007 13:01:02 | Attr = ] Warning.mht -> %UserDesktop%\Warning.mht -> [Ver = | Size = 97695 bytes | Modified Date = 19/09/2007 21:53:06 | Attr = ] [4]-Submit_2007-09-20@22.07.zip -> %UserDesktop%\[4]-Submit_2007-09-20@22.07.zip -> [Ver = | Size = 417 bytes | Modified Date = 20/09/2007 22:07:38 | Attr = ] HostsXpert -> %UserDesktop%\HostsXpert -> [Folder | Modified Date = 23/09/2007 20:43:34 | Attr = ] winpfind3u.exe -> %UserDesktop%\winpfind3u.exe -> [Ver = | Size = 356045 bytes | Modified Date = 23/09/2007 20:48:06 | Attr = ] WinPFind3u -> %UserDesktop%\WinPFind3u -> [Folder | Modified Date = 23/09/2007 20:48:50 | Attr = ] autorun.exe -> %AllUsersStartup%\autorun.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] system.exe -> %UserStartup%\system.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 14/09/2007 21:08:58 | Attr = ] [File String Scan - Non-Microsoft Only] PTech , -> %SystemDrive%\xscan.txt -> [Ver = | Size = 59069437 bytes | Modified Date = 19/09/2007 10:35:34 | Attr = ] UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.500-1002 | Size = 1163344 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] UPX! , UPX0 , -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.3.0.1103 | Size = 267845 bytes | Modified Date = 19/09/2007 07:25:32 | Attr = ] UPX0 , -> %System32%\printer.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.03 | Size = 10435072 bytes | Modified Date = 23/09/2003 09:09:00 | Attr = ] PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41131 bytes | Modified Date = 28/08/2001 20:00:00 | Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 28/08/2001 20:00:00 | Attr = ] UPX! , UPX0 , -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1043, 0 | Size = 801144 bytes | Modified Date = 06/09/2007 12:09:50 | Attr = ] UPX0 , -> %System32%\WinAvXX.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] PEC2 , PECompact2 , -> %System32%\DivX.dll -> DivXNetworks, Inc. [Ver = 5.2.1.1338 | Size = 716800 bytes | Modified Date = 27/10/2004 00:13:24 | Attr = ] UPX0 , -> %System32%\dllcache\NT5IIS.CAT -> [Ver = | Size = 809394 bytes | Modified Date = 28/08/2001 20:00:00 | Attr = ] PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 04/08/2004 07:41:38 | Attr = ] UPX! , -> %System32%\drivers\mrk.exe -> [Ver = | Size = 94262 bytes | Modified Date = 14/10/2003 21:30:48 | Attr = ] WSUD , -> %UserDocuments%\img001.bmp -> [Ver = | Size = 2749158 bytes | Modified Date = 09/06/2006 19:27:14 | Attr = ] UPX0 , -> %AllUsersStartup%\autorun.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] UPX0 , -> %UserStartup%\system.exe -> [Ver = | Size = 7680 bytes | Modified Date = 13/09/2007 11:06:42 | Attr = ] < End of report >

Re, ==> Une precision: je n'ai toujours pas acces au parametre de config, gestionnaire des taches... Donc il doit toujours rester une saloperie en quelque part. Merci, Lesandre

Re, Et voici les infos demandees: Fichier demandant l'acces a Internet durant Combofix: NirCmd.cfexe Fenetre revenant sans arret (ttes les 2-3 minutes): /////// (petite fenetre window type avec croix banche sur fond rouge en haut a gauche de la fenetre) - Voici son texte exact Windows Security Alert Warning! Potential Spyware Operation! Your computer is making unauthorized copies of your system and Internet files. Run full scan now to pervent any unathorised access to your files! Click YES to download spyware remover ... Oui Non /////// Internet OK (c'etait ma faute) Rapports ci-apres (j'ai fait un combofix ce matin). Merci encore, Lesandre Rapport SmitFraudFix de ce matin: SmitFraudFix v2.227 Rapport fait à 9:09:29,03, 23/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 192.168.200.3 ad.doubleclick.net 192.168.200.3 ad.fastclick.net 192.168.200.3 ads.fastclick.net 192.168.200.3 ar.atwola.com 192.168.200.3 atdmt.com 192.168.200.3 avp.ch 192.168.200.3 avp.com 192.168.200.3 avp.ru 192.168.200.3 awaps.net 192.168.200.3 banner.fastclick.net 192.168.200.3 banners.fastclick.net 192.168.200.3 ca.com 192.168.200.3 click.atdmt.com 192.168.200.3 clicks.atdmt.com 192.168.200.3 customer.symantec.com 192.168.200.3 dispatch.mcafee.com 192.168.200.3 download.mcafee.com 192.168.200.3 downloads-us1.kaspersky-labs.com 192.168.200.3 downloads-us2.kaspersky-labs.com 192.168.200.3 downloads-us3.kaspersky-labs.com 192.168.200.3 downloads1.kaspersky-labs.com 192.168.200.3 downloads2.kaspersky-labs.com 192.168.200.3 downloads3.kaspersky-labs.com 192.168.200.3 downloads4.kaspersky-labs.com 192.168.200.3 engine.awaps.net 192.168.200.3 f-secure.com 192.168.200.3 fastclick.net 192.168.200.3 ftp.avp.ch 192.168.200.3 ftp.downloads1.kaspersky-labs.com 192.168.200.3 ftp.downloads2.kaspersky-labs.com 192.168.200.3 ftp.downloads3.kaspersky-labs.com 192.168.200.3 ftp.f-secure.com 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 ftp.sophos.com 192.168.200.3 ids.kaspersky-labs.com 192.168.200.3 kaspersky-labs.com 192.168.200.3 kaspersky.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 mast.mcafee.com 192.168.200.3 mcafee.com 192.168.200.3 media.fastclick.net 192.168.200.3 my-etrust.com 192.168.200.3 nai.com 192.168.200.3 networkassociates.com 192.168.200.3 norton.com 192.168.200.3 phx.corporate-ir.net 192.168.200.3 rads.mcafee.com 192.168.200.3 secure.nai.com 192.168.200.3 securityresponse.symantec.com 192.168.200.3 service1.symantec.com 192.168.200.3 sophos.com 192.168.200.3 spd.atdmt.com 192.168.200.3 symantec.com 192.168.200.3 trendmicro.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 us.mcafee.com 192.168.200.3 vil.nai.com 192.168.200.3 viruslist.com 192.168.200.3 viruslist.ru 192.168.200.3 virusscan.jotti.org 192.168.200.3 virustotal.com 192.168.200.3 www.avp.ch 192.168.200.3 www.avp.com 192.168.200.3 www.avp.ru 192.168.200.3 www.awaps.net 192.168.200.3 www.ca.com 192.168.200.3 www.f-secure.com 192.168.200.3 www.fastclick.net 192.168.200.3 www.grisoft.com 192.168.200.3 www.kaspersky-labs.com 192.168.200.3 www.kaspersky.com 192.168.200.3 www.kaspersky.ru 192.168.200.3 www.mcafee.com 192.168.200.3 www.my-etrust.com 192.168.200.3 www.nai.com 192.168.200.3 www.networkassociates.com 192.168.200.3 www.sophos.com 192.168.200.3 www.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 www.trendmicro.com 192.168.200.3 www.viruslist.com 192.168.200.3 www.viruslist.ru 192.168.200.3 www.virustotal.com 192.168.200.3 www3.ca.com »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Rapport Combofix de ce matin: ComboFix 07-09-20.1 - "Jean-Christophe" 2007-09-23 8:57:07.8 - FAT32x86 Microsoft Windows XP ?dition familiale 5.1.2600.2.1252.1.1036.18.64 [GMT 2:00] * Created a new restore point FILE:: C:\WINDOWS\system32\WinAvXX.exe C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\systems.txt C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe C:\Documents and Settings\Jean-Christophe\Menu Démarrer\Programmes\Démarrage\system.exe C:\WINDOWS\system32\vtr.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\WinAvXX.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-23 to 2007-09-23 )))))))))))))))))))))))))))))))))))) . 2007-09-22 19:20 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-09-22 19:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier 2007-09-22 19:17 <REP> d-------- C:\WINDOWS\Internet Logs 2007-09-20 21:19 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-19 13:02 <REP> d-------- C:\Program Files\CCleaner 2007-09-19 12:46 <REP> d-------- C:\Program Files\a-squared Free 2007-09-19 10:56 <REP> d-------- C:\Program Files\RegCleaner 2007-09-19 07:26 <REP> d-------- C:\WINDOWS\report 2007-09-19 07:25 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-09-19 07:25 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-09-19 07:25 267,845 --a------ C:\WINDOWS\tsc.exe 2007-09-19 07:25 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-09-19 07:25 <REP> d-------- C:\WINDOWS\AU_Backup 2007-09-19 07:23 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-09-19 07:23 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-09-19 07:23 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Temp 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Log 2007-09-18 23:31 883,694 --a------ C:\SmitfraudFix.exe 2007-09-18 23:08 <REP> d-------- C:\SmitfraudFix 2007-09-18 22:39 3,398 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-18 21:10 <REP> d-------- C:\Program Files\Navilog1 2007-09-18 20:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Mes documents 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Favoris 2007-09-14 21:08 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-09-14 14:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\WINDOWS 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust 2007-09-01 15:57 1,268 --a------ C:\WINDOWS\mozver.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-22 21:52 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-22 21:52 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-22 19:19 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-09-22 19:19 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-09-14 21:11 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-09-14 21:11 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-29 17:57 --------- d-------- C:\Program Files\Alwil Software 2007-07-29 17:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-29 16:24 --------- d-------- C:\Program Files\Realtek Sound Manager 2007-07-29 16:24 --------- d-------- C:\Program Files\AvRack 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\Real 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\InterTrust 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\ICQ 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\FUJIFILM 2007-07-26 17:25 --------- d-------- C:\DOCUME~1\OLGA\APPLIC~1\WebCallDirect 2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 15:24 823808 --------- C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 15:24 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 15:24 477696 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 15:24 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 15:24 1152000 --------- C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 15:23 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 15:22 132608 --------- C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2005-07-21 15:12 457 --a------ C:\Program Files\INSTALL.LOG . ((((((((((((((((((((((((((((( snapshot_2007-09-20_212949.73 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 75,248 2007-06-21 19:54:48 C:\WINDOWS\zllsputility.exe ----a-w 42,384 2007-06-21 19:55:32 C:\WINDOWS\zllsputility_loc040c.dll ----a-w 394,984 2007-06-21 19:54:52 C:\WINDOWS\system32\vsdatant.sys ----a-w 83,432 2007-06-21 19:54:30 C:\WINDOWS\system32\vsdata.dll ----a-w 472,552 2007-06-21 19:54:34 C:\WINDOWS\system32\vsutil.dll ----a-w 103,912 2007-06-21 19:54:32 C:\WINDOWS\system32\vsmonapi.dll ----a-w 275,944 2007-06-21 19:54:32 C:\WINDOWS\system32\vspubapi.dll ----a-w 157,160 2007-06-21 19:54:32 C:\WINDOWS\system32\vsinit.dll ----a-w 46,568 2007-06-21 19:54:34 C:\WINDOWS\system32\vswmi.dll ----a-w 99,816 2007-06-21 19:54:34 C:\WINDOWS\system32\vsxml.dll ----a-w 1,086,952 2007-06-21 19:54:40 C:\WINDOWS\system32\zpeng24.dll ----a-w 71,144 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcommdb.dll ----a-w 83,432 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcomm.dll ----a-w 71,144 2007-06-21 19:54:32 C:\WINDOWS\system32\vsregexp.dll ----a-w 11,264 2004-04-27 02:40:52 C:\WINDOWS\system32\SpOrder.dll ----a-w 212,480 2006-12-01 03:20:32 C:\WINDOWS\system32\swxcacls.exe ----a-w 370,688 2006-11-29 15:21:30 C:\WINDOWS\system32\swsc.exe ----a-w 796,048 2007-06-21 19:54:26 C:\WINDOWS\system32\libeay32_0.9.6l.dll ----a-w 54,672 2007-06-21 19:55:30 C:\WINDOWS\system32\vsutil_loc040c.dll ----a-w 21,904 2007-06-21 19:55:28 C:\WINDOWS\system32\imsinstall_loc040c.dll ----a-w 17,808 2007-06-21 19:55:28 C:\WINDOWS\system32\imslsp_install_loc040c.dll ----a-w 119,576 2007-05-30 22:03:50 C:\WINDOWS\system32\drivers\klif.sys ----a-w 110,360 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\kl1.sys ----a-w 79,336 2007-06-21 19:54:30 C:\WINDOWS\system32\ZoneLabs\vsdb.dll ----a-w 75,304 2007-06-21 19:54:46 C:\WINDOWS\system32\ZoneLabs\vsmon.exe ----a-w 2,024,936 2007-06-21 19:54:32 C:\WINDOWS\system32\ZoneLabs\vsmondll.dll ----a-w 456,168 2007-06-21 19:54:28 C:\WINDOWS\system32\ZoneLabs\ssleay32.dll ----a-w 108,008 2007-06-21 19:54:30 C:\WINDOWS\system32\ZoneLabs\vsavpro.dll ----a-w 1,345,000 2007-06-21 19:54:32 C:\WINDOWS\system32\ZoneLabs\vsruledb.dll ----a-w 128,480 2007-06-21 19:54:24 C:\WINDOWS\system32\ZoneLabs\fbl.dll ----a-w 38,376 2007-06-21 19:54:26 C:\WINDOWS\system32\ZoneLabs\featuremap.dll ----a-w 120,296 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlupdate.dll ----a-w 833,520 2006-10-28 01:03:16 C:\WINDOWS\system32\ZoneLabs\updating.dll ----a-w 177,640 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlparser.dll ----a-w 173,544 2007-06-21 19:54:28 C:\WINDOWS\system32\ZoneLabs\scheduler.dll ----a-w 243,176 2007-06-21 19:54:34 C:\WINDOWS\system32\ZoneLabs\vsvault.dll ----a-w 714,472 2007-06-11 10:43:50 C:\WINDOWS\system32\ZoneLabs\qrbase.dll ----a-w 79,344 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll ----a-w 366,112 2007-06-21 19:54:24 C:\WINDOWS\system32\ZoneLabs\av.dll ----a-w 503,875 2006-09-04 18:59:14 C:\WINDOWS\system32\ZoneLabs\upd_core.dll ----a-w 286,787 2007-01-11 15:31:06 C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll ----a-w 321,016 2007-06-21 19:54:26 C:\WINDOWS\system32\ZoneLabs\imsecure.dll ----a-w 378,344 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlsre.dll ----a-w 788,200 2007-06-11 10:43:52 C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll ----a-w 1,496,808 2007-06-11 10:43:56 C:\WINDOWS\system32\ZoneLabs\srescan.dll ----a-w 2,432,259 2007-01-11 09:12:08 C:\WINDOWS\system32\ZoneLabs\spyware.dat ----a-w 2,432,259 2007-01-11 09:12:08 C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat ----a-w 50,416 2007-06-11 10:44:10 C:\WINDOWS\system32\ZoneLabs\srescan.sys ----a-w 99,816 2007-06-21 19:54:24 C:\WINDOWS\system32\ZoneLabs\camupd.dll ----a-w 144,936 2007-06-21 19:54:46 C:\WINDOWS\system32\ZoneLabs\updclient.exe ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll ----a-w 46,480 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll ----a-w 198,032 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll ----a-w 75,152 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll ----a-w 21,904 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll ----a-w 17,808 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll ----a-w 26,000 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll ----a-w 17,808 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll ----a-w 813,568 2004-01-30 10:35:08 C:\WINDOWS\system32\ZoneLabs\dbghelp.dll ----a-w 26,000 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll ----a-w 1,361,296 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll ----a-w 71,056 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll ----a-w 288,144 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll ----a-w 152,976 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll ----a-w 30,184 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll ----a-w 30,216 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll ----a-w 3,229,176 2007-06-21 19:56:18 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll ----a-w 210,432 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll ----a-w 118,784 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe ----a-w 258,048 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll ----a-w 38,400 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll ----a-w 184,320 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll ----a-w 208,960 2006-09-19 21:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll ----a-w 90,112 2007-05-30 22:03:22 C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll ----a-w 548,864 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll ----a-w 626,688 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll ----a-w 77,824 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll ----a-w 110,592 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll ----a-w 331,776 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll ----a-w 1,093,632 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll ----a-w 200,704 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll ----a-w 65,248 2007-05-30 22:03:30 C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat ----a-w 21,568 2006-06-30 12:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll ----a-w 16,384 2007-09-23 06:46:20 C:\WINDOWS\Temp\Perflib_Perfdata_6c8.dat . ----a-w 40,960 2006-01-09 08:36:06 C:\WINDOWS\system32\swsc.exe ----a-w 79,360 2006-12-01 04:20:34 C:\WINDOWS\system32\swxcacls.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-09-23 09:09 C:\WINDOWS\SOUNDMAN.EXE] "Disk Monitor"="C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe" [2003-06-18 11:57] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 22:05] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-11 22:02] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-06-24 15:16] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-06 21:12] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32] "ExtraFilmHemmaAgent"="C:\Program Files\Extrafilm FotoFacil\Agent.exe" [2006-10-03 09:40] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "NetAppel"="C:\program files\netappel\netappel.exe" [2007-09-15 13:19] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] PCANotify.dll 2003-05-29 11:00 8704 C:\WINDOWS\system32\PCANotify.dll R3 C4C_BSC2;C4C_BSC2;C:\WINDOWS\system32\DRIVERS\C4C_BSC2.sys R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S2 vdo_326d-6b44;vdo_326d-6b44;\??\C:\WINDOWS\system32\vdo_326d-6b44.sys S3 PIXMC10;JVC Communication PIX-MC10 Driver;C:\WINDOWS\system32\Drivers\pixmc10c.sys S3 PIXMC10A;JVC PIX-MC10 Audio Capture;C:\WINDOWS\system32\Drivers\pixmc10a.sys S3 PIXMC10V;JVC PIX-MC10 Video Capture;C:\WINDOWS\system32\Drivers\pixmc10v.sys S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-23 09:01:49 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-23 9:04:00 C:\ComboFix-quarantined-files.txt ... 2007-09-23 09:04 C:\ComboFix3.txt ... 2007-09-22 19:42 C:\ComboFix2.txt ... 2007-09-22 19:51 . --- E O F ---

Salut, Je te fais tout cela et reviens vers toi avec toutes les infos demandées. Je n'avais plus accés au tuto après redémarrage et je n'ai ouvert qu'Internet Explorer sur le FW. Merci encore, JC

Bonjour Charles, Merci à toi surtout pour ta patience. Procédure suivi pas à pas: nombreuses demandes d'accés à Internet durant Combo: toutes refusées. Plus d'accés à l'internet du tout sur mon PC infecté. Toujours le faux message de pub. Pas d'accés au Getsionnaire de taches, Panneau de config... Merci, JC Voici les rapports: ComboFix: ComboFix 07-09-20.1 - "Jean-Christophe" 2007-09-22 19:44:40.7 - FAT32x86 Microsoft Windows XP ?dition familiale 5.1.2600.2.1252.1.1036.18.53 [GMT 2:00] Command switches used :: C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\CFScript.txt * Created a new restore point FILE:: C:\WINDOWS\system32\WinAvXX.exe C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\systems.txt C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe C:\Documents and Settings\Jean-Christophe\Menu Démarrer\Programmes\Démarrage\system.exe C:\WINDOWS\system32\vtr.dll . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-22 to 2007-09-22 )))))))))))))))))))))))))))))))))))) . 2007-09-22 19:20 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-09-22 19:20 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier 2007-09-22 19:17 <REP> d-------- C:\WINDOWS\Internet Logs 2007-09-20 21:19 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-19 13:02 <REP> d-------- C:\Program Files\CCleaner 2007-09-19 12:46 <REP> d-------- C:\Program Files\a-squared Free 2007-09-19 10:56 <REP> d-------- C:\Program Files\RegCleaner 2007-09-19 07:26 <REP> d-------- C:\WINDOWS\report 2007-09-19 07:25 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-09-19 07:25 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-09-19 07:25 267,845 --a------ C:\WINDOWS\tsc.exe 2007-09-19 07:25 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-09-19 07:25 <REP> d-------- C:\WINDOWS\AU_Backup 2007-09-19 07:23 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-09-19 07:23 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-09-19 07:23 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Temp 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Log 2007-09-18 23:31 883,694 --a------ C:\SmitfraudFix.exe 2007-09-18 23:08 <REP> d-------- C:\SmitfraudFix 2007-09-18 22:39 3,332 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-18 21:10 <REP> d-------- C:\Program Files\Navilog1 2007-09-18 20:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Mes documents 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Favoris 2007-09-14 21:08 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-09-14 14:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\WINDOWS 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust 2007-09-01 15:57 1,268 --a------ C:\WINDOWS\mozver.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-22 19:23 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-22 19:23 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-22 19:19 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-09-22 19:19 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-09-14 21:11 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-09-14 21:11 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-29 17:57 --------- d-------- C:\Program Files\Alwil Software 2007-07-29 17:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-29 16:24 --------- d-------- C:\Program Files\Realtek Sound Manager 2007-07-29 16:24 --------- d-------- C:\Program Files\AvRack 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\Real 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\InterTrust 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\ICQ 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\FUJIFILM 2007-07-26 17:25 --------- d-------- C:\DOCUME~1\OLGA\APPLIC~1\WebCallDirect 2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 15:24 823808 --------- C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 15:24 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 15:24 477696 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 15:24 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 15:24 1152000 --------- C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 15:23 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 15:22 132608 --------- C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2005-07-21 15:12 457 --a------ C:\Program Files\INSTALL.LOG . ((((((((((((((((((((((((((((( snapshot_2007-09-20_212949.73 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 75,248 2007-06-21 19:54:48 C:\WINDOWS\zllsputility.exe ----a-w 42,384 2007-06-21 19:55:32 C:\WINDOWS\zllsputility_loc040c.dll ----a-w 394,984 2007-06-21 19:54:52 C:\WINDOWS\system32\vsdatant.sys ----a-w 83,432 2007-06-21 19:54:30 C:\WINDOWS\system32\vsdata.dll ----a-w 472,552 2007-06-21 19:54:34 C:\WINDOWS\system32\vsutil.dll ----a-w 103,912 2007-06-21 19:54:32 C:\WINDOWS\system32\vsmonapi.dll ----a-w 275,944 2007-06-21 19:54:32 C:\WINDOWS\system32\vspubapi.dll ----a-w 157,160 2007-06-21 19:54:32 C:\WINDOWS\system32\vsinit.dll ----a-w 46,568 2007-06-21 19:54:34 C:\WINDOWS\system32\vswmi.dll ----a-w 99,816 2007-06-21 19:54:34 C:\WINDOWS\system32\vsxml.dll ----a-w 1,086,952 2007-06-21 19:54:40 C:\WINDOWS\system32\zpeng24.dll ----a-w 71,144 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcommdb.dll ----a-w 83,432 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcomm.dll ----a-w 71,144 2007-06-21 19:54:32 C:\WINDOWS\system32\vsregexp.dll ----a-w 11,264 2004-04-27 02:40:52 C:\WINDOWS\system32\SpOrder.dll ----a-w 212,480 2006-12-01 03:20:32 C:\WINDOWS\system32\swxcacls.exe ----a-w 370,688 2006-11-29 15:21:30 C:\WINDOWS\system32\swsc.exe ----a-w 796,048 2007-06-21 19:54:26 C:\WINDOWS\system32\libeay32_0.9.6l.dll ----a-w 54,672 2007-06-21 19:55:30 C:\WINDOWS\system32\vsutil_loc040c.dll ----a-w 21,904 2007-06-21 19:55:28 C:\WINDOWS\system32\imsinstall_loc040c.dll ----a-w 17,808 2007-06-21 19:55:28 C:\WINDOWS\system32\imslsp_install_loc040c.dll ----a-w 119,576 2007-05-30 22:03:50 C:\WINDOWS\system32\drivers\klif.sys ----a-w 110,360 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\kl1.sys ----a-w 79,336 2007-06-21 19:54:30 C:\WINDOWS\system32\ZoneLabs\vsdb.dll ----a-w 75,304 2007-06-21 19:54:46 C:\WINDOWS\system32\ZoneLabs\vsmon.exe ----a-w 2,024,936 2007-06-21 19:54:32 C:\WINDOWS\system32\ZoneLabs\vsmondll.dll ----a-w 456,168 2007-06-21 19:54:28 C:\WINDOWS\system32\ZoneLabs\ssleay32.dll ----a-w 108,008 2007-06-21 19:54:30 C:\WINDOWS\system32\ZoneLabs\vsavpro.dll ----a-w 1,345,000 2007-06-21 19:54:32 C:\WINDOWS\system32\ZoneLabs\vsruledb.dll ----a-w 128,480 2007-06-21 19:54:24 C:\WINDOWS\system32\ZoneLabs\fbl.dll ----a-w 38,376 2007-06-21 19:54:26 C:\WINDOWS\system32\ZoneLabs\featuremap.dll ----a-w 120,296 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlupdate.dll ----a-w 833,520 2006-10-28 01:03:16 C:\WINDOWS\system32\ZoneLabs\updating.dll ----a-w 177,640 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlparser.dll ----a-w 173,544 2007-06-21 19:54:28 C:\WINDOWS\system32\ZoneLabs\scheduler.dll ----a-w 243,176 2007-06-21 19:54:34 C:\WINDOWS\system32\ZoneLabs\vsvault.dll ----a-w 714,472 2007-06-11 10:43:50 C:\WINDOWS\system32\ZoneLabs\qrbase.dll ----a-w 79,344 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll ----a-w 366,112 2007-06-21 19:54:24 C:\WINDOWS\system32\ZoneLabs\av.dll ----a-w 503,875 2006-09-04 18:59:14 C:\WINDOWS\system32\ZoneLabs\upd_core.dll ----a-w 286,787 2007-01-11 15:31:06 C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll ----a-w 321,016 2007-06-21 19:54:26 C:\WINDOWS\system32\ZoneLabs\imsecure.dll ----a-w 378,344 2007-06-21 19:54:36 C:\WINDOWS\system32\ZoneLabs\zlsre.dll ----a-w 788,200 2007-06-11 10:43:52 C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll ----a-w 1,496,808 2007-06-11 10:43:56 C:\WINDOWS\system32\ZoneLabs\srescan.dll ----a-w 2,432,259 2007-01-11 09:12:08 C:\WINDOWS\system32\ZoneLabs\spyware.dat ----a-w 2,432,259 2007-01-11 09:12:08 C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat ----a-w 50,416 2007-06-11 10:44:10 C:\WINDOWS\system32\ZoneLabs\srescan.sys ----a-w 99,816 2007-06-21 19:54:24 C:\WINDOWS\system32\ZoneLabs\camupd.dll ----a-w 144,936 2007-06-21 19:54:46 C:\WINDOWS\system32\ZoneLabs\updclient.exe ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll ----a-w 46,480 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll ----a-w 198,032 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll ----a-w 75,152 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll ----a-w 21,904 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll ----a-w 17,808 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll ----a-w 26,000 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll ----a-w 17,808 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll ----a-w 813,568 2004-01-30 10:35:08 C:\WINDOWS\system32\ZoneLabs\dbghelp.dll ----a-w 26,000 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll ----a-w 1,361,296 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll ----a-w 71,056 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll ----a-w 288,144 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll ----a-w 152,976 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll ----a-w 30,184 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll ----a-w 30,216 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll ----a-w 3,229,176 2007-06-21 19:56:18 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll ----a-w 210,432 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll ----a-w 118,784 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe ----a-w 258,048 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll ----a-w 38,400 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll ----a-w 184,320 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll ----a-w 208,960 2006-09-19 21:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll ----a-w 90,112 2007-05-30 22:03:22 C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll ----a-w 548,864 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll ----a-w 626,688 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll ----a-w 77,824 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll ----a-w 110,592 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll ----a-w 331,776 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll ----a-w 1,093,632 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll ----a-w 200,704 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll ----a-w 65,248 2007-05-30 22:03:30 C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat ----a-w 21,568 2006-06-30 12:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll ----a-w 16,384 2007-09-22 17:24:52 C:\WINDOWS\Temp\Perflib_Perfdata_6b0.dat . ----a-w 40,960 2006-01-09 08:36:06 C:\WINDOWS\system32\swsc.exe ----a-w 79,360 2006-12-01 04:20:34 C:\WINDOWS\system32\swxcacls.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-09-23 09:09 C:\WINDOWS\SOUNDMAN.EXE] "Disk Monitor"="C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe" [2003-06-18 11:57] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 22:05] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-11 22:02] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-06-24 15:16] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-06 21:12] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32] "ExtraFilmHemmaAgent"="C:\Program Files\Extrafilm FotoFacil\Agent.exe" [2006-10-03 09:40] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "NetAppel"="C:\program files\netappel\netappel.exe" [2007-09-15 13:19] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] PCANotify.dll 2003-05-29 11:00 8704 C:\WINDOWS\system32\PCANotify.dll R3 C4C_BSC2;C4C_BSC2;C:\WINDOWS\system32\DRIVERS\C4C_BSC2.sys R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S2 vdo_326d-6b44;vdo_326d-6b44;\??\C:\WINDOWS\system32\vdo_326d-6b44.sys S3 PIXMC10;JVC Communication PIX-MC10 Driver;C:\WINDOWS\system32\Drivers\pixmc10c.sys S3 PIXMC10A;JVC PIX-MC10 Audio Capture;C:\WINDOWS\system32\Drivers\pixmc10a.sys S3 PIXMC10V;JVC PIX-MC10 Video Capture;C:\WINDOWS\system32\Drivers\pixmc10v.sys *Newly Created Service* - SRESCAN *Newly Created Service* - VSMON . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-22 19:49:02 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-22 19:51:14 C:\ComboFix-quarantined-files.txt ... 2007-09-22 19:51 C:\ComboFix3.txt ... 2007-09-21 19:45 C:\ComboFix2.txt ... 2007-09-22 19:42 . --- E O F --- Fix: SmitFraudFix v2.227 Rapport fait à 19:52:45,71, 22/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\lotus\notes\nslsvice.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Extrafilm FotoFacil\Agent.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\program files\netappel\netappel.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts Fichier hosts corrompu ! 192.168.200.3 download.microsoft.com 192.168.200.3 downloads.microsoft.com 192.168.200.3 go.microsoft.com 192.168.200.3 microsoft.com 192.168.200.3 msdn.microsoft.com 192.168.200.3 office.microsoft.com 192.168.200.3 support.microsoft.com 192.168.200.3 windowsupdate.microsoft.com 192.168.200.3 www.microsoft.com 192.168.200.3 pandasoftware.com 192.168.200.3 www.pandasoftware.com »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Christophe »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Christophe\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JEAN-C~1\FAVORIS »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

Bonjour Charles, Voici le rapport demande. Durant la recherche, j'ai eu trois fois le message, modification de la base de registre impossible. Le gestionnaire de tache n'est plus accessible de nouveau (ainsi que le reste). ;( Merci encore et a bientot, JC Rapport SmitFraudfix: SmitFraudFix v2.225 Rapport fait à 8:27:17,14, 22/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\lotus\notes\nslsvice.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Extrafilm FotoFacil\Agent.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\program files\netappel\netappel.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Documents and Settings\Jean-Christophe\Menu Démarrer\Programmes\Démarrage\system.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts Fichier hosts corrompu ! 192.168.200.3 download.microsoft.com 192.168.200.3 downloads.microsoft.com 192.168.200.3 go.microsoft.com 192.168.200.3 microsoft.com 192.168.200.3 msdn.microsoft.com 192.168.200.3 office.microsoft.com 192.168.200.3 support.microsoft.com 192.168.200.3 windowsupdate.microsoft.com 192.168.200.3 www.microsoft.com 192.168.200.3 pandasoftware.com 192.168.200.3 www.pandasoftware.com »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\printer.exe PRESENT ! C:\WINDOWS\system32\WinAvXX.exe PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Christophe »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Christophe\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JEAN-C~1\FAVORIS »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

Re, Je ne trouve pas le fichier vdo_326d-6b44.sys: j'ai suivi exactement la procedure mais il n'apparait pas. Merci, JC

Re, ==> Je n'arrive pas a passer sur le site Virustotal.com. j'essaye depuis 20 minutes. Il y a qque chose qui le bloque. Que dois-je faire STP? Pour info.: j'ai un autre PC qui peut aller dessus sans pb donc c'est interne a ce PC. Pour la fenetre, c'est la fausse pub: Warning! etc.... Merci, JC

Salut Charles, Les deux manips ont ete faites, voici les rapports. La fenetre apparait toujours (( et le PC est lent ( mais j'ai acces (pour le moment) au panneau de configuration, au gestionnaires de taches... ))) Merci, JC Combofix rapport: ComboFix 07-09-20.1 - "Jean-Christophe" 2007-09-21 19:41:25.5 - FAT32x86 Microsoft Windows XP ?dition familiale 5.1.2600.2.1252.33.1036.18.54 [GMT 2:00] Command switches used :: C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\CFScript.txt Le temps d'ex‚cution du script a ‚t‚ d‚pass‚ pour le script "C:\ComboFix\restore_pt.vbs". L'ex‚cution du script a pris fin. FILE:: C:\WINDOWS\system32\WinAvXX.exe C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\systems.txt C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe C:\WINDOWS\system32\vtr.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\WinAvXX.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-21 to 2007-09-21 )))))))))))))))))))))))))))))))))))) . 2007-09-20 21:19 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-19 22:09 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-19 16:53 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-19 16:00 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-19 16:00 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-19 13:02 <REP> d-------- C:\Program Files\CCleaner 2007-09-19 12:46 <REP> d-------- C:\Program Files\a-squared Free 2007-09-19 10:56 <REP> d-------- C:\Program Files\RegCleaner 2007-09-19 07:26 <REP> d-------- C:\WINDOWS\report 2007-09-19 07:25 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-09-19 07:25 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-09-19 07:25 267,845 --a------ C:\WINDOWS\tsc.exe 2007-09-19 07:25 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-09-19 07:25 <REP> d-------- C:\WINDOWS\AU_Backup 2007-09-19 07:23 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-09-19 07:23 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-09-19 07:23 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Temp 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Log 2007-09-18 23:31 883,694 --a------ C:\SmitfraudFix.exe 2007-09-18 23:08 <REP> d-------- C:\SmitfraudFix 2007-09-18 22:39 3,394 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-18 21:10 <REP> d-------- C:\Program Files\Navilog1 2007-09-18 20:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Mes documents 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Favoris 2007-09-14 21:08 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-09-14 14:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\WINDOWS 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust 2007-09-01 15:57 1,268 --a------ C:\WINDOWS\mozver.dat 2007-08-21 20:28 0 --a------ C:\WINDOWS\nsreg.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-14 21:11 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-09-14 21:11 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-29 17:57 --------- d-------- C:\Program Files\Alwil Software 2007-07-29 17:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-29 16:24 --------- d-------- C:\Program Files\Realtek Sound Manager 2007-07-29 16:24 --------- d-------- C:\Program Files\AvRack 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\Real 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\InterTrust 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\ICQ 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\FUJIFILM 2007-07-26 17:25 --------- d-------- C:\DOCUME~1\OLGA\APPLIC~1\WebCallDirect 2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 15:24 823808 --------- C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 15:24 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 15:24 477696 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 15:24 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 15:24 1152000 --------- C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 15:23 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 15:22 132608 --------- C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2005-07-21 15:12 457 --a------ C:\Program Files\INSTALL.LOG . ((((((((((((((((((((((((((((( snapshot_2007-09-20_212949.73 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 16,384 2007-09-21 17:36:22 C:\WINDOWS\Temp\Perflib_Perfdata_598.dat . . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-09-23 09:09 C:\WINDOWS\SOUNDMAN.EXE] "Disk Monitor"="C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe" [2003-06-18 11:57] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 22:05] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-11 22:02] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-06-24 15:16] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-06 21:12] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32] "ExtraFilmHemmaAgent"="C:\Program Files\Extrafilm FotoFacil\Agent.exe" [2006-10-03 09:40] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "NetAppel"="C:\program files\netappel\netappel.exe" [2007-09-15 13:19] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] PCANotify.dll 2003-05-29 11:00 8704 C:\WINDOWS\system32\PCANotify.dll R3 C4C_BSC2;C4C_BSC2;C:\WINDOWS\system32\DRIVERS\C4C_BSC2.sys R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S2 vdo_326d-6b44;vdo_326d-6b44;\??\C:\WINDOWS\system32\vdo_326d-6b44.sys S3 PIXMC10;JVC Communication PIX-MC10 Driver;C:\WINDOWS\system32\Drivers\pixmc10c.sys S3 PIXMC10A;JVC PIX-MC10 Audio Capture;C:\WINDOWS\system32\Drivers\pixmc10a.sys S3 PIXMC10V;JVC PIX-MC10 Video Capture;C:\WINDOWS\system32\Drivers\pixmc10v.sys . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-21 19:44:17 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-21 19:45:29 C:\ComboFix-quarantined-files.txt ... 2007-09-21 19:45 C:\ComboFix3.txt ... 2007-09-20 22:17 C:\ComboFix2.txt ... 2007-09-21 19:32 . --- E O F --- Rapport HijackThis: StartupList report, 21/09/2007, 19:48:18 StartupList version: 1.52.2 Started from : C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\HiJackThis_v2.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v7.00 (7.00.6000.16512) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\lotus\notes\nslsvice.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Extrafilm FotoFacil\Agent.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Messenger\msmsgs.exe C:\program files\netappel\netappel.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\HiJackThis_v2.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Jean-Christophe\Menu Démarrer\Programmes\Démarrage] system.exe Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE Exif Launcher.lnk = ? autorun.exe Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run SoundMan = SOUNDMAN.EXE Disk Monitor = C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe SunJavaUpdateSched = C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot SpeedTouch USB Diagnostics = "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime REGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN ExtraFilmHemmaAgent = "C:\Program Files\Extrafilm FotoFacil\Agent.exe" Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" Adobe Photo Downloader = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background NetAppel = "C:\program files\netappel\netappel.exe" -nosplash -minimized -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] = -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: *No BHO's found* -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [France Telecom MDM ActiveX Control] InProcServer32 = C:\WINDOWS\MDM.ocx CODEBASE = http://minitelweb.minitel.com/imin_data/ocx/MDM.cab [shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll CODEBASE = http://download.macromedia.com/pub/shockwa...director/sw.cab [ewidoOnlineScan Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\EWIDOO~1.DLL CODEBASE = http://downloads.ewido.net/ewidoOnlineScan.cab [Contrôleur de DownloadManager] InProcServer32 = C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX CODEBASE = http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.0.8.cab [image Uploader Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx CODEBASE = http://webalbum.foto.com/NewUploader/ImageUploader4.cab [HouseCall Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx CODEBASE = http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab [Java Plug-in 1.4.2_05] InProcServer32 = C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll CODEBASE = http://java.sun.com/update/1.4.2/jinstall-...indows-i586.cab [{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}] CODEBASE = http://fpdownload.macromedia.com/get/shock...h/ultrashim.cab [{A18962F6-E6ED-40B1-97C9-1FB36F38BFA8}] CODEBASE = http://www.extrafilm.fr/net/import/ImageUploader3.cab [iPSUploader4 Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\IPSUploader4.ocx CODEBASE = http://photoservice.fujicolor.de/ips-opdat...PSUploader4.cab [Java Plug-in 1.4.2_05] InProcServer32 = C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll CODEBASE = http://java.sun.com/products/plugin/autodl...indows-i586.cab [get_atlcom Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\gp.ocx CODEBASE = http://www.adobe.com/products/acrobat/nos/gp.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx CODEBASE = http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab [Creative Product Registration ActiveX Control Module] InProcServer32 = C:\WINDOWS\System32\CTORWE~1.OCX CODEBASE = http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab [{FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39}] CODEBASE = http://webalbum.foto.com/FUploader/SpeedUploader.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\WINDOWS\system32\mswsock.dll Protocol #18: C:\WINDOWS\system32\mswsock.dll Protocol #19: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services a-squared Free Service: "C:\Program Files\a-squared Free\a2service.exe" (autostart) Ad-Aware 2007 Service: "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe" (autostart) Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN): System32\DRIVERS\alcan5wn.sys (manual start) SpeedTouch ADSL Modem ATM Transport: System32\DRIVERS\alcaudsl.sys (manual start) Service for WDM 3D Audio Driver: system32\drivers\ALCXSENS.SYS (manual start) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Pilote de processeur AMD K7: System32\DRIVERS\amdk7.sys (system) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start) avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Ati HotKey Poller: %SystemRoot%\System32\Ati2evxx.exe (autostart) ati2mtag: System32\DRIVERS\ati2mtag.sys (manual start) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart) avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start) avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start) AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system) AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart) AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system) Service Elève pcAnywhere: C:\Program Files\Symantec\pcAnywhere\awhost32.exe (manual start) awlegacy: \SystemRoot\System32\Drivers\awlegacy.sys (system) AW_HOST: system32\drivers\aw_host5.sys (system) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pont MAC: System32\DRIVERS\bridge.sys (manual start) Miniport de pont MAC: System32\DRIVERS\bridge.sys (manual start) Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) C-DillaCdaC11BA: C:\WINDOWS\System32\drivers\CDAC11BA.EXE (autostart) C4C_BSC2: System32\DRIVERS\C4C_BSC2.sys (manual start) catchme: \??\C:\DOCUME~1\JEAN-C~1\LOCALS~1\Temp\catchme.sys (manual start) Closed Caption Decoder: System32\DRIVERS\CCDECODE.sys (manual start) CdaC15BA: \??\C:\WINDOWS\System32\drivers\CDAC15BA.SYS (autostart) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Creative Service for CDROM Access: C:\WINDOWS\System32\CTsvcCDA.EXE (autostart) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de disque: System32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) Fallback: System32\DRIVERS\C4C_FALL.sys (autostart) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Fsks: System32\DRIVERS\C4C_FSKS.sys (autostart) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) France Telecom Routing Table Service: C:\WINDOWS\System32\FTRTSVC.exe (autostart) GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: System32\DRIVERS\hidusb.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) iPod Service: C:\Program Files\iPod\bin\iPodService.exe (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) K56: System32\DRIVERS\C4C_K56K.sys (autostart) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Lotus Notes Single Logon: "C:\Program Files\lotus\notes\nslsvice.exe" (autostart) Machine Debug Manager: "C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe" (autostart) mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart) Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start) Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start) NABTS/FEC VBI Codec: System32\DRIVERS\NABTSFEC.sys (manual start) Microsoft TV/Video Connection: System32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: System32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Upper Class Filter Driver: System32\DRIVERS\NTIDrvr.sys (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte compatible IEE 1394 VIA OHCI: System32\DRIVERS\ohci1394.sys (system) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) PCI Bus Driver: System32\DRIVERS\pci.sys (system) PfModNT: \??\C:\WINDOWS\System32\drivers\PfModNT.sys (autostart) JVC Communication PIX-MC10 Driver: System32\Drivers\pixmc10c.sys (manual start) JVC PIX-MC10 Audio Capture: System32\Drivers\pixmc10a.sys (manual start) JVC PIX-MC10 Video Capture: System32\Drivers\pixmc10v.sys (manual start) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Pilote processeur: System32\DRIVERS\processr.sys (system) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: System32\DRIVERS\raspti.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Rksample: System32\DRIVERS\C4C_SAMP.sys (manual start) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver: System32\DRIVERS\Rtlnic51.sys (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Pilote de bus de transport/protocole SBP-2: System32\DRIVERS\sbp2port.sys (system) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) BDA Slip De-Framer: System32\DRIVERS\SLIP.sys (manual start) SoftFax: System32\DRIVERS\C4C_FAXX.sys (autostart) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) BDA IPSink: System32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{43352E4E-DA66-4C43-86BE-6DDE559B81DD} (manual start) SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Tones: System32\DRIVERS\C4C_TONE.sys (autostart) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start) Microsoft USB Generic Parent Driver: System32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start) Classe d'imprimantes USB Microsoft: System32\DRIVERS\usbprint.sys (manual start) Pilote de scanneur USB: System32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start) ADI Remote NDIS Network Device Driver: System32\DRIVERS\usb8023.sys (manual start) V124: System32\DRIVERS\C4C_V124.sys (autostart) vdo_326d-6b44: \??\C:\WINDOWS\system32\vdo_326d-6b44.sys (autostart) Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system) VIA AGP Filter: System32\DRIVERS\viaagp1.sys (system) ViaIde: System32\DRIVERS\viaide.sys (system) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) World Standard Teletext Codec: System32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\ComboFix\fprops.vbs => C:\QooBox\Quarantine\C\ComboFix\FProps.vbs.vir||x -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- End of report, 38 040 bytes Report generated in 0,219 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only

OK et merci bon boulot JC

Cela a ete fait - j'avais laisse la fenetre ouverte au cas ou. Voici le message recu sur page web: Malware Submission Your file was successfully submitted. Please let the user helping you know that you have submitted the file. Merci a toi et a demain, Bonne soiree, JC

Re, Je viens d'avoir le message suivant apres l'analyse: ///// Soumettez le malware à Bleeping Computer pour analyses. Copiez/Collez le chemin de fichier ci-dessous dans la zone ci-dessus et cliquez sur Envoyer. C:\DOCUME~1\JEAN-C~1\Bureau.\[4]-Submit_2007-09-20@22.07.zip ///// Et voici le rapport. Merci, JC ComboFix 07-09-20.1 - "Jean-Christophe" 2007-09-20 22:07:57.2 - FAT32x86 Microsoft Windows XP ?dition familiale 5.1.2600.2.1252.1.1036.18.71 [GMT 2:00] Command switches used :: C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\CFScript.txt * Created a new restore point FILE:: C:\WINDOWS\system32\WinAvXX.exe C:\WINDOWS\system32\printer.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\prn64.dll C:\WINDOWS\system32\WinAvXX.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-20 to 2007-09-20 )))))))))))))))))))))))))))))))))))) . 2007-09-20 21:19 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-19 22:09 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-19 16:53 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-19 16:00 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-19 16:00 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-19 13:02 <REP> d-------- C:\Program Files\CCleaner 2007-09-19 12:46 <REP> d-------- C:\Program Files\a-squared Free 2007-09-19 10:56 <REP> d-------- C:\Program Files\RegCleaner 2007-09-19 07:26 <REP> d-------- C:\WINDOWS\report 2007-09-19 07:25 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-09-19 07:25 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-09-19 07:25 267,845 --a------ C:\WINDOWS\tsc.exe 2007-09-19 07:25 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-09-19 07:25 <REP> d-------- C:\WINDOWS\AU_Backup 2007-09-19 07:23 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-09-19 07:23 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-09-19 07:23 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Temp 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Log 2007-09-18 23:31 883,694 --a------ C:\SmitfraudFix.exe 2007-09-18 23:08 <REP> d-------- C:\SmitfraudFix 2007-09-18 22:39 3,394 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-18 21:10 <REP> d-------- C:\Program Files\Navilog1 2007-09-18 20:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Mes documents 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Favoris 2007-09-14 21:08 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-09-14 14:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\WINDOWS 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust 2007-09-01 15:57 1,268 --a------ C:\WINDOWS\mozver.dat 2007-08-21 20:28 0 --a------ C:\WINDOWS\nsreg.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-14 21:11 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-09-14 21:11 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-29 17:57 --------- d-------- C:\Program Files\Alwil Software 2007-07-29 17:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-29 16:24 --------- d-------- C:\Program Files\Realtek Sound Manager 2007-07-29 16:24 --------- d-------- C:\Program Files\AvRack 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\Real 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\InterTrust 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\ICQ 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\FUJIFILM 2007-07-26 17:25 --------- d-------- C:\DOCUME~1\OLGA\APPLIC~1\WebCallDirect 2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 15:24 823808 --------- C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 15:24 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 15:24 477696 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 15:24 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 15:24 1152000 --------- C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 15:23 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 15:22 132608 --------- C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2005-07-21 15:12 457 --a------ C:\Program Files\INSTALL.LOG . ((((((((((((((((((((((((((((( snapshot_2007-09-20_212949.73 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 16,384 2007-09-20 20:12:28 C:\WINDOWS\Temp\Perflib_Perfdata_528.dat . . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-09-23 09:09 C:\WINDOWS\SOUNDMAN.EXE] "Disk Monitor"="C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe" [2003-06-18 11:57] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 22:05] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-11 22:02] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-06-24 15:16] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-06 21:12] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32] "ExtraFilmHemmaAgent"="C:\Program Files\Extrafilm FotoFacil\Agent.exe" [2006-10-03 09:40] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "WinAVX"="C:\WINDOWS\system32\WinAvXX.exe" [2007-09-13 11:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "NetAppel"="C:\program files\netappel\netappel.exe" [2007-09-15 13:19] "WinAVX"="C:\WINDOWS\system32\WinAvXX.exe" [2007-09-13 11:06] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=1 (0x1) "DisableTaskMgr"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=1 (0x1) "DisableTaskMgr"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoControlPanel"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoControlPanel"=1 (0x1) "NoWindowsUpdate"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Shell"="Explorer.exe C:\WINDOWS\system32\printer.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify] PCANotify.dll 2003-05-29 11:00 8704 C:\WINDOWS\system32\PCANotify.dll R3 C4C_BSC2;C4C_BSC2;C:\WINDOWS\system32\DRIVERS\C4C_BSC2.sys R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S2 vdo_326d-6b44;vdo_326d-6b44;\??\C:\WINDOWS\system32\vdo_326d-6b44.sys S3 PIXMC10;JVC Communication PIX-MC10 Driver;C:\WINDOWS\system32\Drivers\pixmc10c.sys S3 PIXMC10A;JVC PIX-MC10 Audio Capture;C:\WINDOWS\system32\Drivers\pixmc10a.sys S3 PIXMC10V;JVC PIX-MC10 Video Capture;C:\WINDOWS\system32\Drivers\pixmc10v.sys S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-20 22:13:38 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-20 22:17:04 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-20 22:17 C:\ComboFix2.txt ... 2007-09-20 21:30 . --- E O F ---

Thanks a lot! JC

Re, Et voici le rapport comme demande. Merci, JC ComboFix 07-09-20.1 - "Jean-Christophe" 2007-09-20 21:21:03.1 - FAT32x86 Microsoft Windows XP ?dition familiale 5.1.2600.2.1252.1.1036.18.68 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-20 to 2007-09-20 )))))))))))))))))))))))))))))))))))) . 2007-09-20 21:19 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-20 20:54 7,680 --a------ C:\WINDOWS\system32\WinAvXX.exe 2007-09-20 20:54 7,680 --a------ C:\WINDOWS\system32\printer.exe 2007-09-19 22:09 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-19 16:53 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-19 16:00 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-19 16:00 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-19 13:02 <REP> d-------- C:\Program Files\CCleaner 2007-09-19 12:46 <REP> d-------- C:\Program Files\a-squared Free 2007-09-19 10:56 <REP> d-------- C:\Program Files\RegCleaner 2007-09-19 07:26 <REP> d-------- C:\WINDOWS\report 2007-09-19 07:25 86,094 --a------ C:\WINDOWS\BPMNT.dll 2007-09-19 07:25 71,749 --a------ C:\WINDOWS\hcextoutput.dll 2007-09-19 07:25 267,845 --a------ C:\WINDOWS\tsc.exe 2007-09-19 07:25 1,163,344 --a------ C:\WINDOWS\vsapi32.dll 2007-09-19 07:25 <REP> d-------- C:\WINDOWS\AU_Backup 2007-09-19 07:23 69,689 --a------ C:\WINDOWS\UNZIP.DLL 2007-09-19 07:23 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL 2007-09-19 07:23 286,720 --a------ C:\WINDOWS\PATCH.EXE 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Temp 2007-09-19 07:23 <REP> d-------- C:\WINDOWS\AU_Log 2007-09-18 23:31 883,694 --a------ C:\SmitfraudFix.exe 2007-09-18 23:08 <REP> d-------- C:\SmitfraudFix 2007-09-18 22:39 3,394 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-18 21:10 <REP> d-------- C:\Program Files\Navilog1 2007-09-18 20:54 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Mes documents 2007-09-17 21:10 <REP> dr------- C:\DOCUME~1\Elyan\Favoris 2007-09-14 21:08 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-09-14 14:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Mes documents 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer 2007-09-14 12:59 <REP> dr------- C:\DOCUME~1\ADMINI~1\Favoris 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression 2007-09-14 12:59 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\WINDOWS 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau 2007-09-14 12:59 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust 2007-09-01 15:57 1,268 --a------ C:\WINDOWS\mozver.dat 2007-08-21 20:28 0 --a------ C:\WINDOWS\nsreg.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-14 21:11 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-09-14 21:11 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-09-06 12:09 801144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-06 12:05 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 12:05 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 12:03 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 12:02 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 12:00 95608 --a------ C:\WINDOWS\system32\AvastSS.scr 2007-09-06 12:00 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-29 17:57 --------- d-------- C:\Program Files\Alwil Software 2007-07-29 17:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-07-29 16:24 --------- d-------- C:\Program Files\Realtek Sound Manager 2007-07-29 16:24 --------- d-------- C:\Program Files\AvRack 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\Real 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\InterTrust 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\ICQ 2007-07-29 16:24 --------- d-------- C:\DOCUME~1\ELYAN\APPLIC~1\FUJIFILM 2007-07-26 17:25 --------- d-------- C:\DOCUME~1\OLGA\APPLIC~1\WebCallDirect 2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-27 15:24 823808 --------- C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 15:24 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 15:24 477696 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 15:24 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 15:24 1152000 --------- C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 15:23 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 15:22 132608 --------- C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2005-07-21 15:12 457 --a------ C:\Program Files\INSTALL.LOG . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-09-23 09:09 C:\WINDOWS\SOUNDMAN.EXE] "Disk Monitor"="C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe" [2003-06-18 11:57] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe" [2004-06-03 22:05] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-11 22:02] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-06-24 15:16] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-06 21:12] "EoEngine"="" [] "EoWeather"="" [] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32] "ExtraFilmHemmaAgent"="C:\Program Files\Extrafilm FotoFacil\Agent.exe" [2006-10-03 09:40] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] "WinAVX"="C:\WINDOWS\system32\WinAvXX.exe" [2007-09-13 11:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "NetAppel"="C:\program files\netappel\netappel.exe" [2007-09-15 13:19] "WinAVX"="C:\WINDOWS\system32\WinAvXX.exe" [2007-09-13 11:06] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "WinAVX"=C:\WINDOWS\system32\WinAvXX.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=1 (0x1) "DisableTaskMgr"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=1 (0x1) "DisableTaskMgr"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoControlPanel"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoControlPanel"=1 (0x1) "NoWindowsUpdate"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Shell"="Explorer.exe C:\WINDOWS\system32\printer.exe" R3 C4C_BSC2;C4C_BSC2;C:\WINDOWS\system32\DRIVERS\C4C_BSC2.sys R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S2 vdo_326d-6b44;vdo_326d-6b44;\??\C:\WINDOWS\system32\vdo_326d-6b44.sys S3 PIXMC10;JVC Communication PIX-MC10 Driver;C:\WINDOWS\system32\Drivers\pixmc10c.sys S3 PIXMC10A;JVC PIX-MC10 Audio Capture;C:\WINDOWS\system32\Drivers\pixmc10a.sys S3 PIXMC10V;JVC PIX-MC10 Video Capture;C:\WINDOWS\system32\Drivers\pixmc10v.sys S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys *Newly Created Service* - HTTPFILTER . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-20 21:27:47 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-20 21:30:44 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-20 21:30 . --- E O F ---

Salut, Meme remarque que sur les posts precedents ;(( pour le suivi la procedure. Acces au differents menus puis plus rien apres un moment (qques minutes), reapparition fenetre pub... Merci bcp, A tres bientot, JC ==> Voici les 3 rapports apres le suivi de la procedure: HijackThis: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 20:52:28, on 20/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.exe C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\HiJackThis_v2.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Extrafilm FotoFacil\Agent.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NetAppel] "C:\program files\netappel\netappel.exe" -nosplash -minimized O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: system.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Exif Launcher.lnk = ? O4 - Global Startup: autorun.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/ O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.0.8.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://webalbum.foto.com/NewUploader/ImageUploader4.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - http://www.extrafilm.fr/net/import/ImageUploader3.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://photoservice.fujicolor.de/ips-opdat...PSUploader4.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} - http://webalbum.foto.com/FUploader/SpeedUploader.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\systems.txt O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service Elève pcAnywhere (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lotus Notes Single Logon - IBM Corp - C:\Program Files\lotus\notes\nslsvice.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe -- End of file - 8511 bytes SmitFraudFix: SmitFraudFix v2.225 Rapport fait à 20:52:52,21, 20/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 192.168.200.3 ad.doubleclick.net 192.168.200.3 ad.fastclick.net 192.168.200.3 ads.fastclick.net 192.168.200.3 ar.atwola.com 192.168.200.3 atdmt.com 192.168.200.3 avp.ch 192.168.200.3 avp.com 192.168.200.3 avp.ru 192.168.200.3 awaps.net 192.168.200.3 banner.fastclick.net 192.168.200.3 banners.fastclick.net 192.168.200.3 ca.com 192.168.200.3 click.atdmt.com 192.168.200.3 clicks.atdmt.com 192.168.200.3 customer.symantec.com 192.168.200.3 dispatch.mcafee.com 192.168.200.3 download.mcafee.com 192.168.200.3 downloads-us1.kaspersky-labs.com 192.168.200.3 downloads-us2.kaspersky-labs.com 192.168.200.3 downloads-us3.kaspersky-labs.com 192.168.200.3 downloads1.kaspersky-labs.com 192.168.200.3 downloads2.kaspersky-labs.com 192.168.200.3 downloads3.kaspersky-labs.com 192.168.200.3 downloads4.kaspersky-labs.com 192.168.200.3 engine.awaps.net 192.168.200.3 f-secure.com 192.168.200.3 fastclick.net 192.168.200.3 ftp.avp.ch 192.168.200.3 ftp.downloads1.kaspersky-labs.com 192.168.200.3 ftp.downloads2.kaspersky-labs.com 192.168.200.3 ftp.downloads3.kaspersky-labs.com 192.168.200.3 ftp.f-secure.com 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 ftp.sophos.com 192.168.200.3 ids.kaspersky-labs.com 192.168.200.3 kaspersky-labs.com 192.168.200.3 kaspersky.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 mast.mcafee.com 192.168.200.3 mcafee.com 192.168.200.3 media.fastclick.net 192.168.200.3 my-etrust.com 192.168.200.3 nai.com 192.168.200.3 networkassociates.com 192.168.200.3 norton.com 192.168.200.3 phx.corporate-ir.net 192.168.200.3 rads.mcafee.com 192.168.200.3 secure.nai.com 192.168.200.3 securityresponse.symantec.com 192.168.200.3 service1.symantec.com 192.168.200.3 sophos.com 192.168.200.3 spd.atdmt.com 192.168.200.3 symantec.com 192.168.200.3 trendmicro.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 us.mcafee.com 192.168.200.3 vil.nai.com 192.168.200.3 viruslist.com 192.168.200.3 viruslist.ru 192.168.200.3 virusscan.jotti.org 192.168.200.3 virustotal.com 192.168.200.3 www.avp.ch 192.168.200.3 www.avp.com 192.168.200.3 www.avp.ru 192.168.200.3 www.awaps.net 192.168.200.3 www.ca.com 192.168.200.3 www.f-secure.com 192.168.200.3 www.fastclick.net 192.168.200.3 www.grisoft.com 192.168.200.3 www.kaspersky-labs.com 192.168.200.3 www.kaspersky.com 192.168.200.3 www.kaspersky.ru 192.168.200.3 www.mcafee.com 192.168.200.3 www.my-etrust.com 192.168.200.3 www.nai.com 192.168.200.3 www.networkassociates.com 192.168.200.3 www.sophos.com 192.168.200.3 www.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 www.trendmicro.com 192.168.200.3 www.viruslist.com 192.168.200.3 www.viruslist.ru 192.168.200.3 www.virustotal.com 192.168.200.3 www3.ca.com »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" DiagHelp: DiagHelp version v1.2 - http://www.malekal.com excute le 20/09/2007 à 21:02:37,83 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->20/09/2007 21:02:36 C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->20/09/2007 21:01:14 C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->20/09/2007 20:57:28 C:\WINDOWS\prefetch\WMIPRVSE.EXE-28F301A9.pf -->20/09/2007 20:57:28 C:\WINDOWS\prefetch\WMIAPSRV.EXE-1E2270A5.pf -->20/09/2007 20:57:24 C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->20/09/2007 20:57:06 C:\WINDOWS\prefetch\SETUP.OVR-154CE291.pf -->20/09/2007 20:57:02 C:\WINDOWS\prefetch\ASHWEBSV.EXE-0548EF0A.pf -->20/09/2007 20:56:44 C:\WINDOWS\prefetch\ASHMAISV.EXE-12E27032.pf -->20/09/2007 20:56:44 C:\WINDOWS\prefetch\ALG.EXE-0F138680.pf -->20/09/2007 20:56:44 C:\WINDOWS\System32\drivers\NSDriver.sys -->14/09/2007 21:11:58 C:\WINDOWS\System32\drivers\AWRTRD.sys -->14/09/2007 21:11:56 C:\WINDOWS\System32\drivers\aswmon.sys -->06/09/2007 12:05:26 C:\WINDOWS\System32\drivers\aswmon2.sys -->06/09/2007 12:05:10 C:\WINDOWS\System32\drivers\aswRdr.sys -->06/09/2007 12:03:02 C:\WINDOWS\System32\drivers\aswTdi.sys -->06/09/2007 12:02:20 C:\WINDOWS\System32\drivers\aavmker4.sys -->06/09/2007 12:00:54 C:\WINDOWS\System32\tmp.txt -->20/09/2007 20:52:58 C:\WINDOWS\System32\tmp.reg -->20/09/2007 20:52:58 C:\WINDOWS\System32\wpa.dbl -->14/09/2007 12:59:40 C:\WINDOWS\System32\WinAvXX.exe -->13/09/2007 11:06:42 C:\WINDOWS\System32\printer.exe -->13/09/2007 11:06:42 C:\WINDOWS\System32\CONFIG.NT -->13/09/2007 09:58:16 C:\WINDOWS\System32\aswBoot.exe -->06/09/2007 12:09:50 C:\WINDOWS\System32\AvastSS.scr -->06/09/2007 12:00:08 C:\WINDOWS\System32\VCCLSID.exe -->06/09/2007 00:22:24 C:\WINDOWS\System32\MRT.exe -->05/09/2007 19:50:44 C:\WINDOWS\System32\TZLog.log -->30/08/2007 22:47:56 C:\WINDOWS\System32\systems.txt -->21/08/2007 08:00:08 C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06 C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52 C:\WINDOWS\System32\wuaueng.dll -->30/07/2007 19:19:42 C:\WINDOWS\System32\wuapi.dll -->30/07/2007 19:19:36 C:\WINDOWS\System32\wucltui.dll -->30/07/2007 19:19:32 C:\WINDOWS\System32\wuweb.dll -->30/07/2007 19:19:28 C:\WINDOWS\System32\wuaucpl.cpl -->30/07/2007 19:19:28 C:\WINDOWS\System32\cdm.dll -->30/07/2007 19:19:20 C:\WINDOWS\System32\wuauclt.exe -->30/07/2007 19:19:16 C:\WINDOWS\System32\wups2.dll -->30/07/2007 19:19:12 C:\WINDOWS\System32\wucltui.dll.mui -->30/07/2007 19:19:04 C:\WINDOWS\System32\wuaueng.dll.mui -->30/07/2007 19:18:48 C:\WINDOWS\System32\wups.dll -->30/07/2007 19:18:40 C:\WINDOWS.log -->20/09/2007 20:55:42 C:\WINDOWS\wiadebug.log -->20/09/2007 20:55:18 C:\WINDOWS\bootstat.dat -->20/09/2007 20:54:16 C:\WINDOWS\WindowsUpdate.log -->20/09/2007 20:53:40 C:\WINDOWS\setupact.log -->20/09/2007 20:53:02 C:\WINDOWS\ntbtlog.txt -->20/09/2007 20:51:22 C:\WINDOWS\SchedLgU.Txt -->20/09/2007 20:49:56 C:\WINDOWS\wiaservc.log -->20/09/2007 20:35:46 C:\WINDOWS\setuperr.log -->19/09/2007 22:09:30 C:\WINDOWS\tsc.ini -->19/09/2007 07:26:32 C:\WINDOWS\LPT$VPN.725 -->19/09/2007 07:25:32 C:\WINDOWS\tsc.ptn -->19/09/2007 07:25:32 C:\WINDOWS\tsc.exe -->19/09/2007 07:25:32 C:\WINDOWS\hcextoutput.dll -->19/09/2007 07:25:32 C:\WINDOWS\vsapi32.dll -->19/09/2007 07:25:32 MD5 des fichiers sensibles tcpip.sys 1dbf125862891817f374f407626967f4 ndis.sys 558635d3af1c7546d26067d5d9b6959e null.sys 73c1e1f395918bc2c6dd67af7591a3ad svchost.exe 2979b03d5382a602623c0535b16ab9c0 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\temp 05/02/2005 08:09 53 248 VCDInstaller.exe 12/09/2001 14:42 212 992 NavBrowser.exe 2 fichier(s) 266 240 octets 0 Rép(s) 21 605 056 512 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\system 23/08/2001 12:00 9 728 regsvr32.exe 1 fichier(s) 9 728 octets 0 Rép(s) 21 605 056 512 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\system32 20/08/2004 01:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 21 605 056 512 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\Downloaded Program Files 27/06/2004 00:21 <REP> . 27/06/2004 00:21 <REP> .. 27/06/2004 00:21 65 desktop.ini 04/06/2004 10:44 740 jinstall-1_4_2_05.inf 02/02/2005 09:36 976 464 EPUWALcontrol.dll 17/06/2004 16:21 240 CtORWebClient.inf 09/02/2005 16:54 1 271 erma.inf 30/01/2002 02:00 497 MDM.inf 01/03/2007 23:46 487 424 DownloadManagerV2.ocx 01/03/2007 23:42 251 DownloadManagerV2.inf 14/02/2007 18:44 2 557 752 ImageUploader4.ocx 14/02/2007 18:44 378 ImageUploader4.inf 05/03/2007 12:27 2 574 024 IPSUploader4.ocx 05/03/2007 12:27 324 IPSUploader4.inf 16/05/2007 08:22 166 512 gp.ocx 16/05/2007 08:22 399 gp.inf 11/06/2007 12:21 5 021 swflash.inf 11/07/2006 09:41 345 656 ewidoOnlineScan.dll 02/11/2005 18:07 435 712 xscan53.ocx 02/11/2005 18:01 1 777 xscan.inf 18 fichier(s) 7 554 507 octets Total des fichiers listés : 18 fichier(s) 7 554 507 octets 2 Rép(s) 21 605 056 512 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\NetAppel\\NetAppel.exe"="C:\\Program Files\\NetAppel\\NetAppel.exe:*:Enabled:NetAppel" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\WebCallDirect.com\\WebCallDirect\\WebCallDirect.exe"="C:\\Program Files\\WebCallDirect.com\\WebCallDirect\\WebCallDirect.exe:*:Enabled:WebCallDirect" "%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "legalnoticecaption"="" "legalnoticetext"="" "DisableRegistryTools"=dword:00000001 "DisableTaskMgr"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 192.168.200.3 downloads-us1.kaspersky-labs.com 192.168.200.3 downloads-us2.kaspersky-labs.com 192.168.200.3 downloads-us3.kaspersky-labs.com 192.168.200.3 downloads1.kaspersky-labs.com 192.168.200.3 downloads2.kaspersky-labs.com 192.168.200.3 downloads3.kaspersky-labs.com 192.168.200.3 downloads4.kaspersky-labs.com 192.168.200.3 ftp.downloads1.kaspersky-labs.com 192.168.200.3 ftp.downloads2.kaspersky-labs.com 192.168.200.3 ftp.downloads3.kaspersky-labs.com 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 ids.kaspersky-labs.com 192.168.200.3 kaspersky-labs.com 192.168.200.3 kaspersky.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 www.kaspersky-labs.com 192.168.200.3 www.kaspersky.com 192.168.200.3 www.kaspersky.ru 192.168.200.3 customer.symantec.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 securityresponse.symantec.com 192.168.200.3 service1.symantec.com 192.168.200.3 symantec.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 windowsupdate.microsoft.com 192.168.200.3 trendmicro.com 192.168.200.3 www.trendmicro.com 192.168.200.3 ftp.sophos.com 192.168.200.3 sophos.com 192.168.200.3 www.sophos.com 192.168.200.3 pandasoftware.com 192.168.200.3 www.pandasoftware.com 192.168.200.3 networkassociates.com 192.168.200.3 www.networkassociates.com 192.168.200.3 windowsupdate.microsoft.com catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-20 21:03:06 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 152 - Agent.exe 212 - ashDisp.exe 312 - avgas.exe 328 - ctfmon.exe 384 - msmsgs.exe 400 - netappel.exe 464 - guard.exe 508 - CSRSS.EXE 512 - CDAC11BA.EXE 532 - WINLOGON.EXE 580 - SERVICES.EXE 592 - LSASS.EXE 740 - NSLSVICE.EXE 824 - SVCHOST.EXE 876 - SVCHOST.EXE 944 - SVCHOST.EXE 1160 - SVCHOST.EXE 1196 - mdm.exe 1248 - AAWSERVICE.EXE 1376 - EXPLORER.EXE 1452 - ASHSERV.EXE 1756 - spoolsv.exe 2012 - Dragdiag.exe 2224 - cmd.exe 2468 - ashMaiSv.exe 2568 - ashWebSv.exe 2804 - iPodService.exe 3188 - alg.exe 3604 - IEXPLORE.EXE Total number of processes = 30 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntoskrnl.exe 806EC000 - \WINDOWS\system32\hal.dll F9D72000 - \WINDOWS\system32\KDCOM.DLL F9C82000 - \WINDOWS\system32\BOOTVID.dll F9822000 - ACPI.sys F9D74000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS F9811000 - pci.sys F9872000 - isapnp.sys F9882000 - ohci1394.sys F9892000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS F9D76000 - viaide.sys F9AF2000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS F98A2000 - MountMgr.sys F97F2000 - ftdisk.sys F9AFA000 - PartMgr.sys F98B2000 - VolSnap.sys F97DA000 - atapi.sys F98C2000 - disk.sys F98D2000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F97BA000 - fltmgr.sys F97A8000 - sr.sys F9785000 - Fastfat.sys F976E000 - KSecDD.sys F9741000 - NDIS.sys F9B02000 - viaagp1.sys F98E2000 - sbp2port.sys F9726000 - Mup.sys F9C86000 - Gernuwa.sys F9912000 - \SystemRoot\System32\DRIVERS\nic1394.sys F9922000 - \SystemRoot\System32\DRIVERS\amdk7.sys F966A000 - \SystemRoot\System32\DRIVERS\ati2mtag.sys F9656000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS F9643000 - \SystemRoot\System32\DRIVERS\C4C_BSC2.sys F9932000 - \SystemRoot\System32\DRIVERS\C4C_SOAR.SYS F9942000 - \SystemRoot\System32\DRIVERS\C4C_SAMP.sys F95BA000 - \SystemRoot\System32\DRIVERS\HSF_CNXT.sys F9593000 - \SystemRoot\System32\DRIVERS\C4C_AMOS.SYS F9B22000 - \SystemRoot\System32\Drivers\Modem.SYS F9952000 - \SystemRoot\System32\DRIVERS\Rtlnic51.sys F9B2A000 - \SystemRoot\System32\DRIVERS\usbuhci.sys F9570000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS F9B32000 - \SystemRoot\System32\DRIVERS\usbehci.sys F9962000 - \SystemRoot\System32\DRIVERS\imapi.sys F9CFA000 - \SystemRoot\System32\Drivers\cdrbsdrv.SYS F9972000 - \SystemRoot\System32\DRIVERS\cdrom.sys F9982000 - \SystemRoot\System32\DRIVERS\redbook.sys F9525000 - \SystemRoot\System32\DRIVERS\ks.sys F9D78000 - \SystemRoot\System32\DRIVERS\NTIDrvr.sys F9B3A000 - \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys F94B6000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F9492000 - \SystemRoot\system32\drivers\portcls.sys F9992000 - \SystemRoot\system32\drivers\drmk.sys F942F000 - \SystemRoot\system32\drivers\ALCXSENS.SYS F9B42000 - \SystemRoot\System32\DRIVERS\fdc.sys F941E000 - \SystemRoot\System32\DRIVERS\serial.sys F9D06000 - \SystemRoot\System32\DRIVERS\serenum.sys F940A000 - \SystemRoot\System32\DRIVERS\parport.sys F99A2000 - \SystemRoot\System32\DRIVERS\i8042prt.sys F9B4A000 - \SystemRoot\System32\DRIVERS\mouclass.sys F9B52000 - \SystemRoot\system32\drivers\aw_host5.sys F9B5A000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F9EE2000 - \SystemRoot\System32\DRIVERS\audstub.sys F99B2000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F9D0A000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F9353000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F99C2000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F99D2000 - \SystemRoot\System32\DRIVERS\raspptp.sys F9B62000 - \SystemRoot\System32\DRIVERS\TDI.SYS F9342000 - \SystemRoot\System32\DRIVERS\psched.sys F99E2000 - \SystemRoot\System32\DRIVERS\msgpc.sys F9B6A000 - \SystemRoot\System32\DRIVERS\ptilink.sys F9B72000 - \SystemRoot\System32\DRIVERS\raspti.sys F99F2000 - \SystemRoot\System32\DRIVERS\termdd.sys F9D7A000 - \SystemRoot\System32\DRIVERS\swenum.sys F930E000 - \SystemRoot\System32\DRIVERS\update.sys F9D1A000 - \SystemRoot\System32\DRIVERS\mssmbios.sys F9A02000 - \SystemRoot\System32\Drivers\NDProxy.SYS F9A42000 - \SystemRoot\System32\DRIVERS\usbhub.sys F9D7C000 - \SystemRoot\System32\DRIVERS\USBD.SYS F9B7A000 - \SystemRoot\System32\DRIVERS\flpydisk.sys F9D7E000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F9F3F000 - \SystemRoot\System32\Drivers\Null.SYS F9D80000 - \SystemRoot\System32\Drivers\Beep.SYS F9F40000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys F9B8A000 - \SystemRoot\System32\drivers\vga.sys F9D42000 - \SystemRoot\System32\Drivers\awlegacy.sys F9D82000 - \SystemRoot\System32\Drivers\mnmdd.SYS F9D84000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F9B92000 - \SystemRoot\System32\Drivers\Msfs.SYS F9B9A000 - \SystemRoot\System32\Drivers\Npfs.SYS F9D46000 - \SystemRoot\System32\DRIVERS\rasacd.sys B6F2D000 - \SystemRoot\System32\DRIVERS\ipsec.sys B6ED5000 - \SystemRoot\System32\DRIVERS\tcpip.sys F9A62000 - \SystemRoot\System32\Drivers\aswTdi.SYS B6EAD000 - \SystemRoot\System32\DRIVERS\netbt.sys B6E8B000 - \SystemRoot\System32\drivers\afd.sys F9A72000 - \SystemRoot\System32\DRIVERS\netbios.sys B6E60000 - \SystemRoot\System32\DRIVERS\rdbss.sys B6DC9000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys F9A92000 - \SystemRoot\System32\Drivers\Fips.SYS B6DA8000 - \SystemRoot\System32\DRIVERS\ipnat.sys F9AA2000 - \SystemRoot\System32\DRIVERS\wanarp.sys F9AB2000 - \SystemRoot\System32\DRIVERS\arp1394.sys F9BA2000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS F9F5D000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys F9BAA000 - \SystemRoot\System32\Drivers\Aavmker4.SYS F9AD2000 - \SystemRoot\System32\Drivers\Cdfs.SYS B6C28000 - \SystemRoot\System32\Drivers\dump_atapi.sys F9D86000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F9560000 - \SystemRoot\System32\drivers\Dxapi.sys F9BB2000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys B6C41000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\ati2dvag.dll BFA33000 - \SystemRoot\System32\ati3d2ag.dll B6B10000 - \SystemRoot\System32\DRIVERS\ndisuio.sys B68A2000 - \SystemRoot\System32\Drivers\aswMon2.SYS B65BD000 - \SystemRoot\system32\drivers\wdmaud.sys B681A000 - \SystemRoot\system32\drivers\sysaudio.sys B6298000 - \SystemRoot\System32\DRIVERS\mrxdav.sys F9DEA000 - \SystemRoot\System32\Drivers\ParVdm.SYS B6487000 - \??\C:\WINDOWS\System32\drivers\CDAC15BA.SYS B612A000 - \SystemRoot\System32\DRIVERS\C4C_FALL.sys B606E000 - \SystemRoot\System32\DRIVERS\C4C_FSKS.sys B5FE6000 - \SystemRoot\System32\DRIVERS\C4C_K56K.sys F9E12000 - \SystemRoot\System32\Drivers\MASPINT.SYS B5F6C000 - \SystemRoot\System32\DRIVERS\srv.sys B619B000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys B617B000 - \??\C:\WINDOWS\System32\drivers\PfModNT.sys B5EEC000 - \SystemRoot\System32\DRIVERS\C4C_FAXX.sys B608A000 - \SystemRoot\System32\DRIVERS\C4C_TONE.sys B5E4A000 - \SystemRoot\System32\DRIVERS\C4C_V124.sys B5AC1000 - \SystemRoot\System32\Drivers\HTTP.sys B5C9E000 - \SystemRoot\System32\Drivers\aswRdr.SYS B583E000 - \SystemRoot\system32\drivers\kmixer.sys F9F7B000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 137 Liste des programmes installes a-squared Free 3.0 ABBYY FineReader 5.0 Sprint Plus ABBYY FineReader 6.0 Ad-Aware 2007 Adobe Reader 8.1.0 Adobe® Photoshop® Album Starter Edition 3.2 Adobe® Photoshop® Album Starter Edition 3.2 Allok QuickTime to AVI MPEG DVD Converter 1.1.2 Archiveur WinRAR ArcSoft PhotoImpression ATI Display Driver AutoUpdate avast! Antivirus AVG Anti-Spyware 7.5 CCleaner (remove only) Correctif du dictionnaire français pour Office 2000 Correctif pour Windows XP (KB914440) Correctif Windows XP - KB873339 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Cortina SpellChecker (Word) 1.1.1 Creative MediaSource CryptoMailer 4.10 DivX DivX Player EPSON Copy Utility EPSON Logiciel imprimante EPSON Photo Print EPSON PhotoQuicker3.5 EPSON Scan EPSON Smart Panel ESCX5400 Guide de référence ESCX5400 Guide des logiciels ESCX5400 Guide du copieur Extrafilm FotoFacil FinePixViewer Resource FinePixViewer Ver.5.1 FUJIFILM USB Driver Generic USB Card Reader Driver v1.9e3 getPlus®_ocx Google Earth HijackThis 2.0.0 Hotfix for Windows XP (KB915865) ImageMixer ImageMixer VCD2 LE for FinePix InterActual Player iTunes iTunes Java 2 Runtime Environment, SE v1.4.2_01 Java 2 Runtime Environment, SE v1.4.2_05 Java Media Framework 2.1.1a LiveReg (Symantec Corporation) LiveUpdate 1.80 (Symantec Corporation) Livre Album Fuji Photo Lotus Notes 7.0 Macromedia Shockwave Player MailNavigator v.1.11 Microsoft AutoRoute Express Europe 98 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office XP Professional avec FrontPage Microsoft Works 7.0 MicroStaff WINASPI Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933566) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB938828) MuVo Driver Navilog1 3.0.4 NetAppel NTI CD & DVD-Maker NTI CD & DVD-Maker 6.5 Gold OLYMPUS CAMEDIA Master 4.0 PowerDVD QuickTime RAW FILE CONVERTER LE RealPlayer Realtek AC'97 Audio ScanToWeb SoulSeek Client 156b SpeedTouch USB Software Symantec pcAnywhere WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows XP Service Pack 2 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files 27/06/2004 00:16 <REP> . 27/06/2004 00:16 <REP> .. 02/10/2004 22:11 <REP> ABBYY 27/06/2004 00:28 <REP> Adobe 17/07/2007 17:21 <REP> Allok QuickTime to AVI MPEG DVD Converter 29/07/2007 17:57 <REP> Alwil Software 02/10/2004 22:18 <REP> ArcSoft 19/09/2007 12:46 <REP> a-squared Free 29/07/2007 16:24 <REP> AvRack 19/09/2007 13:02 <REP> CCleaner 26/05/2005 14:28 <REP> Common Files 27/06/2004 00:20 <REP> ComPlus Applications 16/04/2005 11:45 <REP> Creative 27/06/2004 00:30 <REP> CyberLink 21/03/2007 21:38 <REP> Dictionnaire 28/02/2005 19:08 <REP> directx 18/09/2005 13:59 <REP> DivX 09/11/2005 19:23 <REP> eoRezo 02/10/2004 22:10 <REP> EPSON 15/10/2005 15:26 <REP> Extrafilm FotoFacil 27/06/2004 00:16 <REP> Fichiers communs 17/12/2005 20:29 <REP> FinePixViewer 27/06/2004 00:27 <REP> Generic 13/06/2007 18:02 <REP> Google 14/09/2007 14:05 <REP> Grisoft 21/07/2005 15:12 457 INSTALL.LOG 03/10/2004 11:19 <REP> InterActual 27/06/2004 00:20 <REP> Internet Explorer 06/08/2005 21:11 <REP> iPod 06/08/2005 21:11 <REP> iTunes 27/06/2004 00:30 <REP> Java 08/03/2007 23:10 <REP> JMF2.1.1 07/11/2004 18:06 <REP> Lavasoft 08/06/2006 13:26 <REP> Livre Album Fuji Photo 22/10/2006 12:25 <REP> lotus 22/10/2006 13:38 <REP> MailNavigator 27/06/2004 00:20 <REP> Messenger 05/02/2006 21:42 <REP> Microsoft AutoRoute 27/06/2004 00:22 <REP> microsoft frontpage 06/10/2004 18:34 <REP> Microsoft Office 06/10/2004 18:38 <REP> Microsoft Visual Studio 27/06/2004 00:56 <REP> Microsoft Works 27/06/2004 00:21 <REP> Movie Maker 27/06/2004 00:19 <REP> MSN 27/06/2004 00:19 <REP> MSN Gaming Zone 18/09/2007 21:10 <REP> Navilog1 09/04/2006 17:26 <REP> NetAppel 27/06/2004 00:21 <REP> NetMeeting 27/06/2004 00:29 <REP> NewTech Infosystems 02/10/2004 22:41 <REP> OLYMPUS 27/06/2004 00:20 <REP> Outlook Express 28/02/2005 18:53 <REP> PIXELA 02/10/2004 22:39 <REP> QuickTime 11/10/2004 22:02 <REP> Real 29/07/2007 16:24 <REP> Realtek Sound Manager 19/09/2007 10:56 <REP> RegCleaner 17/12/2005 20:29 <REP> REGSHAVE 27/06/2004 00:20 <REP> Services en ligne 02/10/2004 22:28 <REP> Sistech 02/10/2004 22:16 <REP> Smart Panel 10/04/2005 18:18 <REP> Soulseek 21/03/2007 20:41 <REP> SpellChecker 26/10/2004 18:47 <REP> Symantec 10/12/2004 18:55 <REP> Thomson 11/10/2004 19:04 <REP> Wanadoo 27/06/2004 00:20 <REP> Windows Media Player 27/06/2004 00:19 <REP> Windows NT 18/09/2005 13:36 <REP> WinRAR 27/06/2004 00:22 <REP> xerox 23/05/2005 09:47 <REP> Yahoo! 1 fichier(s) 457 octets 69 Rép(s) 21 605 089 280 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\fichiers communs 27/06/2004 00:16 <REP> . 27/06/2004 00:16 <REP> .. 27/06/2004 00:16 <REP> Microsoft Shared 27/06/2004 00:16 <REP> SpeechEngines 27/06/2004 00:16 <REP> ODBC 27/06/2004 00:20 <REP> System 27/06/2004 00:21 <REP> MSSoap 27/06/2004 00:21 <REP> Services 27/06/2004 00:27 <REP> InstallShield 27/06/2004 00:28 <REP> Adobe 27/06/2004 00:30 <REP> Java 02/10/2004 22:17 <REP> Python 06/10/2004 18:38 <REP> Designer 11/10/2004 22:02 <REP> Real 11/10/2004 22:02 <REP> xing shared 26/10/2004 18:47 <REP> Symantec Shared 26/05/2005 14:07 <REP> ACD Systems 08/06/2005 09:22 <REP> KAV Shared Files 14/09/2007 21:08 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 19 Rép(s) 21 605 089 280 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 27/06/2004 00:26 <REP> . 27/06/2004 00:26 <REP> .. 07/03/2001 09:00 127 033 MSOWS40c.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 28/02/2004 17:00 58 784 MSOSV.DLL 06/10/2004 18:37 <REP> 1036 06/10/2004 18:38 <REP> 1033 28/02/2004 17:00 1 327 104 MSONSEXT.DLL 28/02/2004 17:00 86 016 PKMWS.DLL 28/02/2004 17:00 24 576 PKMTRACE.DLL 28/02/2004 17:00 401 462 MSVCP60.DLL 28/02/2004 17:00 69 632 PKMAXCTL.DLL 28/02/2004 17:00 872 448 PKMCDO.DLL 28/02/2004 17:00 159 744 PKMCORE.DLL 28/02/2004 17:00 106 496 PKMFORMS.DLL 28/02/2004 17:00 684 032 PKMRES.DLL 28/02/2004 17:00 28 672 PKMSSTLB.DLL 28/02/2004 17:00 40 960 PKMTEMPL.DLL 28/02/2004 17:00 237 568 PROMDEMO.DLL 28/02/2004 17:00 184 320 SECMGR.DLL 28/02/2004 17:00 323 584 VAIDDMGR.DLL 28/02/2004 17:00 32 768 VAIMEM.DLL 19 fichier(s) 5 482 113 octets 4 Rép(s) 21 605 089 280 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\common files 26/05/2005 14:28 <REP> . 26/05/2005 14:28 <REP> .. 26/05/2005 14:28 <REP> McNeel Shared 0 fichier(s) 0 octets 3 Rép(s) 21 605 089 280 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\ 18/09/2007 23:31 883 694 SmitfraudFix.exe 1 fichier(s) 883 694 octets 0 Rép(s) 21 605 089 280 octets libres c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX1\Reader\AcroRd32.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\{DE8EAA5A-E96F-4E88-AA72-FEFF0E6190FA}\{5aa18c57-381c-4c99-8fe6-5eb1cb0a5bc0}\DIRECTX8\DXSETUP.EXE c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\Lotus Notes\setup.exe c:\Documents and Settings\Jean-Christophe\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Ma musique\MP3\Softwares\slsk152.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Ma musique\MP3\Softwares\slsk156b.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\A505AFP1.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\Ac705RdP_efgj.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\Acro-Reader_703_Update.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\AdbeRdr705_enu_full.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\Mas_clock.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\WinZip\WINZIP32.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\WinZip\WZSEPE32.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Terminal numerique\Vega_v1.054.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Terminal numerique\Vega_v2.31.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Terminal numerique\5000\TFD-Down.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\SHELLEXE.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\ADOBE\rs40eng(1).exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0163\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0158\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\HUB DVB-RCS\Exploitation\ISP\ISPCertificate.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\HUB DVB-RCS\Exploitation\ISP\jinit1319.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Supervision\duralnk64_52_drv_win.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Clients_EMP\NetTester.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\aaw2007.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\aaw6181.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\acdsee.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\canvasx_eval.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\dumeter3.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\kavperso50149_01net352.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\MNavi111.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\msnaddin.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\rh30eval_fr_20040421.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\setup_eoweather.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\setupfre.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\dumphive.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\HostsChk.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\restart.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\swreg.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\swsc.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\swxcacls.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\unzip.exe c:\Documents and Settings\Jean-Christophe\Bureau\Navilog1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Archives\iTunesSetup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Archives\Archives\Divers\dumeter3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Archives\Archives\Divers\SVGView.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\TDCA\Monaco\NETPERF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\TDCA\Monaco\netserver.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\TDCA\TDCA_Data\stat\nss\ObsHC3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\Billing\Schedule.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\Billing\TAP2PlusInspect.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\des.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\ANASM7\AD121501.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\ANASM7\ANASM7.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\CONFORM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG23.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG77.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\RESTIT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\Macro\awk\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\Macro\awk\vms for Prepaid\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\Mesures_12_01\pp\Results.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\Info_SUP_CET\fichiers Netcool\nnm7 probe\omnibus-3.x-wnt-probe-nco-p-nnm7_0\post36\nco_p_nnm7.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\Info_SUP_CET\fichiers Netcool\nnm7 probe\omnibus-3.x-wnt-probe-nco-p-nnm7_0\pre36\nco_p_nnm7.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\courbe de trafic\calcucell.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\starter.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\common\AdbeRdr60_enu_full.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\common\winzip81.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\Config_manager\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.2\NNM_00932.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.2\NNM_01015.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.2\NNM_01018.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\ECS_00028.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\NNM_00998.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\NNM_01010.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\NNM_01055.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.102.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.102.50\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.310.92\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.320.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.321.52\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.331.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-001@Eurasiasat 1\Antenne & RF\Hub Monaco\Modem Paradise\CAM Windows Installer-1.72.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Clients\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Kernel\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\OpenMuxService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusAdmin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\VerifAutoTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Sentinel\setupx86.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\Divers\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Dynamo.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Iometer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IPTools\wsttcp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\Acrobat\_isdel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\Acrobat\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\ReadPacket.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\ReadSection.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\SatConfig.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\SatStatus.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Update.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Apps\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Apps\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\V02.00.03\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\V02.00.03\cascfg\cascfg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\exe\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\OpenMux 2.00.21\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\OpenMux 2.00.21\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\Ruby (SOLE II only)\Ruby.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\DspUpdate\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\Test Pia Plus\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\Test Pia Plus\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\Test Pia Plus\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\starter.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\ECS_00028.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\NNM_00998.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\NNM_01010.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\NNM_01055.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.2\NNM_00932.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.2\NNM_01015.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.2\NNM_01018.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.331.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.321.52\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.320.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.310.92\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.102.50\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.102.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\Config_manager\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\common\AdbeRdr60_enu_full.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\common\winzip81.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\SHELLEXE.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0158\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0163\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\ADOBE\rs40eng(1).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\CSM - Supervision des porteuses\Monitor & control\laurent\Etude de marché\entreprises\orbit\firmware\Esa_A0705.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\Anasat\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\Anasat\SupJr\DT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\Anasat\Two Units Compact SSPA\Anacom.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\supervision\SUPERVIS.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Clients_EMP\NetTester.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Supervision\duralnk64_52_drv_win.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Formation\Training_Thalès\OpenMux\coral.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Formation\Training_Thalès\OpenMux\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Dynamo.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Iometer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IPTools\wsttcp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\Divers\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Sentinel\setupx86.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusAdmin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\VerifAutoTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\OpenMuxService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Kernel\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Clients\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\UNINSTAL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\IESS docs\Docs\409_54.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\IESS docs\Docs\409rev3a.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\IESS docs\Docs\410rev05.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\LST.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\LSTDOC44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\LSTPGM44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\lst44\LSTBWB44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\lst44\LSTPGM44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\AcrobatReaders\ar40eng.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\coral.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\CoralMHP.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\ExtractIpClient.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\ExtractIpServer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\NetTester.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\OnyxManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\OptiPID.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\Ruby.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\ScClient.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\SSU_Manager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\Topaz.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Kernel\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Kernel\SSU.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\BrowserServer\BrowserServer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\BrowserServer\BrowserService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\BrowserServer\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\CarbPlus\CPInterMdi.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Divers\Install Digigram\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\DLL\vcredist.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Install Digigram\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\OpenMuxService\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\OpenMuxService\OpenMuxService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ DSP Update\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ DSP Update\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\PiaPlusAdmin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\VerifAutoTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\autorun.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\instmsia.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\instmsiw.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Internet Installer\RainbowSSD5.39.2.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_31\install.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_9x\sentstrt.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_9x\sentw9x.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_NT\setupaxp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_NT\setupppc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_NT\setupx86.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\RainbowKeyUpdater\RainbowKeyUpdater 3.0.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\Divers\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\IoMeter\Dynamo.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\IoMeter\Iometer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\IPTools\wsttcp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\jre\jre-1_2_2_006-win.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\vnc-3.3.3r9_x86_win32\vnc_x86_win32\winvnc\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\vnc-3.3.3r9_x86_win32\vnc_x86_win32\winvnc\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\BOX40.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\BOX40A.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\IESS412.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\POINT40.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\POINT40A.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\iess412_v22\IESS.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\winpoint\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\winpoint\WINPoint.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\SATCODX\satg-trial.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Satmaster\satwin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Satmaster\smdemo32.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Satmaster\usrguide.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\Handheld Spectrum Analyzer R&S FSH3 - download simulation.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\rsfsh_vxipnp_1_1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\FSH3\R&S FSH3 - Firmware 5[1].0.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\FSH3\R&S FSHView 5_0\CDROM\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\FSH3\R&S FSHView 5_0\CDROM\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Viewer\LVIEW31.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Trans\Projets\BDT\BD-Access\vba232a.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Trans\Reseaux\DSLAM\G.SHDSL\Modems\Thomson\BootP server\BootP.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Trans\Reseaux\DSLAM\Libello V4\LibelloSoft.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\Handheld Spectrum Analyzer R&S FSH3 - download simulation.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\FSH3\R&S FSH3 - Firmware 5[1].0.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\FSH3\R&S FSHView 5_0\CDROM\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\FSH3\R&S FSHView 5_0\CDROM\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\Monaco\NETPERF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\Monaco\netserver.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\BSS data\soft\btswatl1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\awk\awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\aide\calcucell.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\aide\CoordConvert.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\aide\network\awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\Doc_SSP\TOOLS\NETSCAPE\cc32e461.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\Doc_SSP\TOOLS\READER\ACRD4EN.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\acdSee\CORE99.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\acdSee\CR-ACD3K.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\acdSee\fo-acds3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\AcroReader51_ENU_full.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\calcucel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\CoordConvert.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\MobileModemSettingsDrivers_R3A_english.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Gencard2.1_tool\Install\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\finstall.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\deinstal\remove.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\deinstal\data\fontdel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IN\COMPROV_ACCMAN\disk1\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IN\PPS\Prv_dk1\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IN\PPS\Prv_dk1\SETUP1.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IrCOMM2k-eng\ircomm2k.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IrCOMM2k-eng\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\agrsmdel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\agsetup3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\LTSMhom.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\LTSMMsg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\nokia7110\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\nokia7110\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\AIG.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\EDIMIRE.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\EXISTDIR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\FREE_DSK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GLA.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GTL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GTLGRAF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GTPDISP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\INST_WAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\INST_WNT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\LECTCHOI.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\LOADWAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\PMDAUTOM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\QUELCLAV.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\SCANPVC.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\SERVEUR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\TM3.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\VERMODEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\SecuCRT\scrt30b3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\SecuCRT\securecrt.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\ultredit\dictfr.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\ultredit\eclue90a.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\ultredit\uedit32fi.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\winzip\WinZip81REG.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\xtalk\disk1\XTALK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\SkypeSetup-Beta.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\isdn\ISDN.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\AIG.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\EDIMIRE.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\EXISTDIR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\FREE_DSK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GLA.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GTL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GTLGRAF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GTPDISP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\INST_WAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\INST_WNT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\LECTCHOI.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\LOADWAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\PMDAUTOM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\QUELCLAV.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\SCANPVC.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\SERVEUR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\TM3.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\VERMODEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\calcucell.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\Mesures_12_01\pp\Results.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\Macro\awk\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\Macro\awk\vms for Prepaid\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\Billing\Schedule.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\Billing\TAP2PlusInspect.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\des.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\ANASM7\AD121501.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\ANASM7\ANASM7.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\CONFORM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG23.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG77.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\RESTIT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\E-DOC UTRAN\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\E-DOC UTRAN\Acrobat_Reader40\windows\english\rs405eng.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\E-DOC UTRAN\Acrobat_Reader40\windows\french\rs405fre.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\CopySys.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\Install.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\acrobat\ar505enu.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\acrobat\ar505fra.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Inf\Win2K_XP\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Inf\WIN98_ME\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Nokia\MPAPI3s.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Nokia\ServiceLayer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Outlook\WatchDog.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\nomad\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Inf\Win2K_XP\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Inf\WIN98_ME\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Nokia\MPAPI3s.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Nokia\ServiceLayer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Outlook\WatchDog.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\nomad\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Inf\Win2K_XP\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Inf\WIN98_ME\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Nokia\MPAPI3s.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Nokia\ServiceLayer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Outlook\WatchDog.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\nomad\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Services 3G - 2003\wapgateway_202_b64-02.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Adobe\adberdr70_distrib_enu.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\AR\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin2k\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin2k\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin9x\Enablers\ENABLEDO.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin9x\Windows@20CE\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473A\edgeport.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473A\ionflash.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473B\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473B\Win98\edgeport.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473B\Win98\ionflash.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\E6474A\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\E6474A\Sentinel\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Edgeport\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\NITRO\Data_Server_3_00.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Macro CRT\CDR\AWK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Macro CRT\scrt414\scrt414.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\bhart_tools\tcteaq14.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\bhart_tools\bhartinstall\Disk1\expand.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\bhart_tools\bhartinstall\Disk1\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\GPRS\setup_orange_pc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\GPRS\setup_orange_ppc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\SecureCRT.v5.0.3.1040-TBE\scrt503.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\SecureCRT.v5.0.3.1040-TBE\scrt503-tbe.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\SMSC\AUTORUN.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\AWK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\Cmd32.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\Perl.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\PerlGlob.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10HC\HC3\logiciels\liv_msot\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10HC\HC3\logiciels\liv_msot\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10B3\Observations\Trace Sarla\Ad121601.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10B3\Observations\Unimanager\Remote desktop connexion\msrdpcli.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10B3\Publiphone\Landis & Gyr - Eureka soft\MAINTENANCE système POP-VTS-SN\checkboard.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Département Satellite et Energie\Satellite\DVB-RCS_PAS1R\ica.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Département Satellite et Energie\Satellite\DVB-RCS\UpGrade\TerminalConfig.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\LiM Work\vision\delphi\visio\tests\144MB\DISK1\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\LiM Work\vision\delphi\visio\tests\144MB\DISK1\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\htimage.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\imagemap.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\_vti_cnf\htimage.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\_vti_cnf\imagemap.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\_vti_bin\fpcount.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Divers\Copie Portable\guidetolive.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\RealProducer_8.5_Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\ste51fr.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\RealNetwork\rp8plus-setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\Meeting operateur\insttool.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\ConferenceRoom 1 8\crinst1803.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\ipass.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\mdac_typ_v2.5_SP1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\zBand Client (IE, Build 116).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\zBand Network Element (Build 24).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\zBand Server (Evaluation Ed.).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Microsoft Meeting\NetMeeting.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Microsoft Meeting\nm30ax.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\FTPVoyage.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\ie5setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\mirc59t.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\SatBoxCD.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\sniffer_setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\winzip80.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\PeopleCall\ppcdial-1903.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\Harmonic\SatBox.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\Harmonic\SatBoxInst.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\UDCAST\putty.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\FTP\fvsetup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Visiosat\Carte_PC\philippe\e-mail.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\Messagerie\c84w1na.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\aaw2007.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\avgas-setup-7.5.1.43.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\ccsetup200.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\ComboFix.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\HiJackThis_v2.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\MDAC253-KB927779-x86-FRA.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\RegCleaner.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\RHosts.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\spybotsd15.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Windows-KB890830-V1.33.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\WindowsXP-KB927779-x86-ENU.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\WindowsXP-KB927779-x86-FRA.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\WindowsXP-KB936021-x86-FRA.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\ZR_1.0.0.37\Zeb-Restore.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\a2FreeSetup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\ATF-Cleaner.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\spybotsd_includes.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\catchme.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\diff.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\dumphive.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\find2.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\Fport.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\grep.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\KProcCheck.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\LFiles.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\md5sums.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\pslist.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\streams.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\swreg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\dumphive.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\exit.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\HostsChk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\Process.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\Reboot.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\restart.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\swreg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\swsc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\swxcacls.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\unzip.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\VCCLSID.exe c:\Documents and Settings\Olga\Local Settings\Temp\cat.exe c:\Documents and Settings\Olga\Local Settings\Temp\ICQSRP.exe c:\Documents and Settings\Olga\Local Settings\Temp\setup_wm.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX1\Reader\AcroRd32.exe c:\Documents and Settings\Olga\Local Settings\Temp\TFRINS\kav_personalpro_45049_fre_tr1m.exe c:\Documents and Settings\Olga\Local Settings\Temp\pft14.tmp\Setup.exe c:\Documents and Settings\Olga\Local Settings\Temp\pft1~tmp\_ISDEL.EXE c:\Documents and Settings\Olga\Local Settings\Temp\pft1~tmp\SETUP.EXE c:\Documents and Settings\Olga\Local Settings\Temp\Adobe Reader 8\Setup.exe c:\Documents and Settings\Olga\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\Olga\Mes documents\AcroPro80_efg.exe c:\Documents and Settings\Olga\Mes documents\AdbeRdr80_en_US.exe c:\Documents and Settings\Olga\Mes documents\AdobeReader305-PalmOS_fra.exe c:\Documents and Settings\Olga\Mes documents\Google_Earth_BZXE.exe c:\Documents and Settings\Olga\Mes documents\Uploader.exe c:\Documents and Settings\Olga\Mes documents\My eBooks\ACDSee32.exe c:\Documents and Settings\Olga\Mes documents\My eBooks\udfrinst.exe c:\Documents and Settings\Olga\Mes documents\Letzeburgisch\SpellCheckerWord-1_1_1.exe c:\Documents and Settings\Olga\Mes documents\Letzeburgisch\dictionnaire\dic_luxembourgeois.exe c:\Documents and Settings\Olga\Mes documents\Letzeburgisch\dictionnaire\dictionnaire_setup.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\PortableFirefox.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\firefox.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\updater.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\xpicleanup.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\plugins\NPSWF32_FlashUtil.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\uninstall\uninstall.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\bestelsoft.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\DivX521.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\icqpro2003b.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\setupnetappel.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\wrar350fr.exe c:\Documents and Settings\Olga\Mes documents\deutsch\Berliner_platz\Lehrer\jmf-2_1_1a-win.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\PWORM\PWORM.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\LINES98\LINES98.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\JC.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\Japan2\Japan2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\Japan2\JCSet.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\Japan2\Soluter.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\1\SPCTAUDIOSetupus.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\DivX\Register_DivX.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\DivX\SetStereo.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\SHARE_NT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\WC32TO16.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\WCUNINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\WINCMD32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Masdance\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Masdance\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Depress\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Depress\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Cellar_scrnsv\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Cellar_scrnsv\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\masanja2\Masja2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\kulinar\KULINAR.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\audiograbber\audiograbber.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\audiograbber\uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Player\UNINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Player\XMPLAYER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\RAR.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\UNINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\XMCODER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\xmcodpop.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Winamp\winamp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Winamp\winampa.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\Rar.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\Uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\UnRAR.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\WinRAR.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Playa\ThePlaya.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Playa\uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Playa\validator.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Bat!\thebat.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Symantec\LiveUpdate\LUAll.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Symantec\LiveUpdate\Uninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Resounding\Roger Wilco\roger.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Resounding\Roger Wilco\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealPlayer\realplay.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealPlayer\Setup\.g2cln.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealPlayer\Setup\setup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealJukebox\Update\rnuninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealDownload\REALDOWNLOAD.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ReGetDx\MozSetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ReGetDx\regetdx.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\PrecisionTime\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Plus!\SYSAGENT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Plus!\THEMES.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Photoshop 5.0\Photoshp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Photoshop 5.0\Registration\AdobeReg32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\PV\Msoffice\MUSTUI.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\msimn.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\oemig50.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\wab.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\wabmig.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\opera.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\UnInst\OpUninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\UnInst\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\UnInst\Backup\j2re-1_4_1_01-windows-i586-i.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\Program\Netscape.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\BACKLOG.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NDD32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NREGEDIT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NREGXPRT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NULIVEUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\OPTWIZ.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\REGPATCH.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\REGWDOC.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\SD32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\SIREGIST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\SYSDOC32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\WDSCAN.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\WINDOC.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NSS\SPDSTART.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NetMeeting\CB32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NetMeeting\CONF.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NetMeeting\WB32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NEMO_Soft\MicroDVD\MicroDVD.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Mult.ru Studio\masclock\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Mult.ru Studio\masclock\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\EXCEL.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\GRAPH9.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MAKECERT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSO7FTP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSO7FTPA.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSO7FTPS.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSOHTMED.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\OSA9.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\OTUNEUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\SELFCERT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\WINWORD.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\1049\MSOHELP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\talk99.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\tkreg99.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\Tkreg99b.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\UpgAgent.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\mathcad.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\mcad.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\Msft.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\Newdict.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\regtool.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\cmaple.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\lks.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\mint.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\updtsrc.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\wmaple.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Lexmark_RMN\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Lavasoft Ad-Aware\Ad-aware.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Lavasoft Ad-Aware\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AVPExec.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AVPInst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AvpM.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AVRescue.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\KAVI.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klav.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\OffGuard.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\OGRC.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Java Web Start\helper.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Java Web Start\javaws.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Java Web Start\uninst-javaws.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\ACTSETUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\CHLINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\IEXPLORE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Setup\IEBATCH.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Setup\SETUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\icwrmind.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\inetwiz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\isignup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\InstallShield Installation Information\{7F5E2A5A-92C5-4DF1-808D-1688C50CBFEE}\Setup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\InstallShield Installation Information\{1666FA7C-CB5F-11D6-A78C-00B0D079AF64}\Setup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\DBConvert.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\Icq.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\ICQPatchManager.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\ICQRebootDll.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\Icqrun.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\icqsrp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\ICQUninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\NDEdit.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\NDetect.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\UNWISE32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\DataFiles\externals.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\GameSpy Arcade\ArcadeInstallFull201.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Far\Far.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Far\Uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\dlimport.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\logagent.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\mplayer2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\setup_wm.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\wmplayer.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\EDialer.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\Master.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\DDETools\ExecMacro.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\DDETools\RequestItem.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\DivXCodec\uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Date Manager\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Shared\Writing Tools\9.0\wt9sptlEN.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Register\IEHost.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\coreldrw.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\cscconv.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\ExploreCD.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\webwlc.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\DCOM95.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\LOGBOOK.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\LOGGER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\SEVINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\SYMUNDO.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Real\Update\nddeserv.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Real\Update\rnuninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Real\Update\upgrdhlp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\ReGet Shared\regetupd.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\VBA\VBA6\link.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\MSINFO\MSINFO32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\Artgalry\ARTGALRY.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\Artgalry\CAG.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\AddKey.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\avpupd.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\AvpVList.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\RepView.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKERNEL.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\engine\6\Intel 32\KNLWRAP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\axdist.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\iftw.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\WebUpdate.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\wsh.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\GMT\GUninstaller.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\EBAPISET.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\EBP16B.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\EBRR.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\SAgent95.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\STMSetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Borland Shared\BDE\BDEADMIN.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Autodesk Shared\AcHelp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\AddKey.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\AVPUnIns.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\avpupd.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\RepView.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\CREATIVE\AUDIO\CTSetup\ctsetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\acad.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\addplwiz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\assist.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\expand.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\hpsetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\pc3exe.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\sfxfe32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\styexe.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\styshwiz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\WebDepot\ErrorHandler\RepairToday.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Support\slidelib.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\3dsviz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\Manager.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\Notify.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\QueueMan.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\Server.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Help\alalink.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\Web\qkorder.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PS_20SE\PSTUDIO.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PS_20SE\QKORDER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PP_20\Photoprn.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PF_20\fantasy2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PB_20\PhBase.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Achiever ADC-65\TWUNK_16.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Achiever ADC-65\TWUNK_32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Accessories\MSPAINT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Accessories\WORDPAD.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Accessories\HyperTerminal\HYPERTRM.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\easytalk.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\etexp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\ETTrace.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\srfile.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\UNINSTAL.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMDEIDE\98clean.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMDEIDE\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ACDSee32\ACDSee32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ACDSee32\NetSonic.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ACDSee32\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\AINFO.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\CAGENT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\ExtDictSaver.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\FINEOCR.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\FineReader.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\FINESTI.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\SETUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\TWAIN\TWUNK_16.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\TWAIN\TWUNK_32.EXE c:\Documents and Settings\Olga\Mes documents\Vykroyki\DEMO.exe c:\Documents and Settings\Olga\Mes documents\Vykroyki\vw6042.exe c:\Documents and Settings\Olga\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\ARPPRODUCTICON.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe c:\Documents and Settings\Elyan\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\Elyan\Local Settings\Temporary Internet Files\Content.IE5\OKJAJ9FB\SmitfraudFix[1].exe c:\Documents and Settings\Elyan\Local Settings\Temporary Internet Files\Content.IE56VF3FB4\RHosts[1].exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX1\Reader\AcroRd32.exe c:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll ****** Fin du rapport DiagHelp

Salut, OK je fais cela dès mon retour du boulot vers 19h00. Merci encore pour ta patience. JC

Bonjour, Désolé, tu as raison mais j'ai suivi scrupuleusement les étapes en mode sans echec deux fois. Mais comme j'ai suivi deux fois les procédures en mode sans échec et que le PC ne redémarre pas et se met en mode sans écran avec aucune fenêtre active (sauf gestionnaire des tâches si je le demande) - smitfraudfix disparait (je l'ai laissé tourner une quinzaine de minutes). J'ai fait exactement les manip suivante: 1.Suivi étape par étape de ta procédure dans compte JC Smitfraudfix - Action 2: Au bout de 15 minutes - démarrage gestionnaire des tâches: aucune tâche active apparemment - redémarrage par mon action du PC 2. Reprise de ta procédure en mode sans echec dans compte JC toujours depuis étape 3 Smitfraudfix - Action 2: Au bout de 15 minutes : Même problème que précédemment - redémarrage par mon action du PC 3. J'ai refait un smitfraudfix en mode normal pour voir si le même problème apparaissait dans ce mode (il réapparaissait comme en mode sans echec) - redémarrage du PC après 15 minutes Envoi des 3 rapports Je vais refaire les manips ce soir ==> Dois-je attendre plus de 15 minutes sur smitfraudfix? Une remarque: lorsque j'ai désactivé teatimer, j'ai eu le message: modification de la base de registre non autorisée mais apparemment le logiciel a pris l'action car après réouverture, l'option était décochée Merci et désolé encore, JC

Re, Galere!! J'ai suivi la procedure etape par etape. Tout ok sauf: etape 3: Modification base de registre interdite plusieurs fois apres le fix et etape 5 qui s'est execute a moitie: apres appui sur 2, lancement du nettoyage mais apres qques temps la fenetre disparait et je dois relancer le PC. Je n'ai donc pas eu les questions suivantes: A la question: Voulez-vous nettoyer le registre ? répond O (oui) et presse [Entrée] afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection. Le fix déterminera si le fichier wininet.dll est infecté. A la question: Corriger le fichier infecté ? répond O (oui) et presse [Entrée] pour remplacer le fichier corrompu. Avant de disparaitre, il apparait sur la fenetre de l'ecran le message: fichier inaccessible... Pour l'acces aux menus disparus (gestionnaire de taches, propriete du poste de travail...), je l'ai eu pendant qques minutes et cela a de nouveau disparu avec le meme message qu'auparavant. Le message Warning! ... reapparait apres m'avoir laisse tranquille pendant quelques temps. A chaque demarrage, j'ai maintenant le message printer.exe manquant. Merci encore pour ta patience et ton aide. JC Voir ci-dessous les 3 rapports demandes STP Smitfraudfix Hijackthis DiagHelp Rapport Smitfraudfix mitFraudFix v2.225 Rapport fait à 22:30:07,01, 19/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 192.168.200.3 ad.doubleclick.net 192.168.200.3 ad.fastclick.net 192.168.200.3 ads.fastclick.net 192.168.200.3 ar.atwola.com 192.168.200.3 atdmt.com 192.168.200.3 avp.ch 192.168.200.3 avp.com 192.168.200.3 avp.ru 192.168.200.3 awaps.net 192.168.200.3 banner.fastclick.net 192.168.200.3 banners.fastclick.net 192.168.200.3 ca.com 192.168.200.3 click.atdmt.com 192.168.200.3 clicks.atdmt.com 192.168.200.3 customer.symantec.com 192.168.200.3 dispatch.mcafee.com 192.168.200.3 download.mcafee.com 192.168.200.3 downloads-us1.kaspersky-labs.com 192.168.200.3 downloads-us2.kaspersky-labs.com 192.168.200.3 downloads-us3.kaspersky-labs.com 192.168.200.3 downloads1.kaspersky-labs.com 192.168.200.3 downloads2.kaspersky-labs.com 192.168.200.3 downloads3.kaspersky-labs.com 192.168.200.3 downloads4.kaspersky-labs.com 192.168.200.3 engine.awaps.net 192.168.200.3 f-secure.com 192.168.200.3 fastclick.net 192.168.200.3 ftp.avp.ch 192.168.200.3 ftp.downloads1.kaspersky-labs.com 192.168.200.3 ftp.downloads2.kaspersky-labs.com 192.168.200.3 ftp.downloads3.kaspersky-labs.com 192.168.200.3 ftp.f-secure.com 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 ftp.sophos.com 192.168.200.3 ids.kaspersky-labs.com 192.168.200.3 kaspersky-labs.com 192.168.200.3 kaspersky.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 mast.mcafee.com 192.168.200.3 mcafee.com 192.168.200.3 media.fastclick.net 192.168.200.3 my-etrust.com 192.168.200.3 nai.com 192.168.200.3 networkassociates.com 192.168.200.3 norton.com 192.168.200.3 phx.corporate-ir.net 192.168.200.3 rads.mcafee.com 192.168.200.3 secure.nai.com 192.168.200.3 securityresponse.symantec.com 192.168.200.3 service1.symantec.com 192.168.200.3 sophos.com 192.168.200.3 spd.atdmt.com 192.168.200.3 symantec.com 192.168.200.3 trendmicro.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 us.mcafee.com 192.168.200.3 vil.nai.com 192.168.200.3 viruslist.com 192.168.200.3 viruslist.ru 192.168.200.3 virusscan.jotti.org 192.168.200.3 virustotal.com 192.168.200.3 www.avp.ch 192.168.200.3 www.avp.com 192.168.200.3 www.avp.ru 192.168.200.3 www.awaps.net 192.168.200.3 www.ca.com 192.168.200.3 www.f-secure.com 192.168.200.3 www.fastclick.net 192.168.200.3 www.grisoft.com 192.168.200.3 www.kaspersky-labs.com 192.168.200.3 www.kaspersky.com 192.168.200.3 www.kaspersky.ru 192.168.200.3 www.mcafee.com 192.168.200.3 www.my-etrust.com 192.168.200.3 www.nai.com 192.168.200.3 www.networkassociates.com 192.168.200.3 www.sophos.com 192.168.200.3 www.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 www.trendmicro.com 192.168.200.3 www.viruslist.com 192.168.200.3 www.viruslist.ru 192.168.200.3 www.virustotal.com 192.168.200.3 www3.ca.com »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\printer.exe supprimé C:\WINDOWS\system32\WinAvXX.exe supprimé »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" Rapport hitjackthis Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 22:37:14, on 19/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\lotus\notes\nslsvice.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Extrafilm FotoFacil\Agent.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wuauclt.exe C:\program files\netappel\netappel.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\HiJackThis_v2.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Extrafilm FotoFacil\Agent.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NetAppel] "C:\program files\netappel\netappel.exe" -nosplash -minimized O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: system.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Exif Launcher.lnk = ? O4 - Global Startup: autorun.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/ O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.0.8.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://webalbum.foto.com/NewUploader/ImageUploader4.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - http://www.extrafilm.fr/net/import/ImageUploader3.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://photoservice.fujicolor.de/ips-opdat...PSUploader4.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} - http://webalbum.foto.com/FUploader/SpeedUploader.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\systems.txt O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service Elève pcAnywhere (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lotus Notes Single Logon - IBM Corp - C:\Program Files\lotus\notes\nslsvice.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe -- End of file - 10637 bytes Rapport Diaghelp DiagHelp version v1.2 - http://www.malekal.com excute le 19/09/2007 à 22:40:31,25 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->19/09/2007 22:40:18 C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->19/09/2007 22:40:16 C:\WINDOWS\prefetch\WINZIP32.EXE-329CAB37.pf -->19/09/2007 22:39:16 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->19/09/2007 22:39:04 C:\WINDOWS\prefetch\NOTEPAD.EXE-189578DA.pf -->19/09/2007 22:37:26 C:\WINDOWS\prefetch\HIJACKTHIS_V2.EXE-082410DF.pf -->19/09/2007 22:36:50 C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->19/09/2007 22:36:30 C:\WINDOWS\prefetch\WMIAPSRV.EXE-1E2270A5.pf -->19/09/2007 22:36:16 C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->19/09/2007 22:36:02 C:\WINDOWS\prefetch\WMIPRVSE.EXE-28F301A9.pf -->19/09/2007 22:35:08 C:\WINDOWS\System32\drivers\NSDriver.sys -->14/09/2007 21:11:58 C:\WINDOWS\System32\drivers\AWRTRD.sys -->14/09/2007 21:11:56 C:\WINDOWS\System32\drivers\aswmon.sys -->06/09/2007 12:05:26 C:\WINDOWS\System32\drivers\aswmon2.sys -->06/09/2007 12:05:10 C:\WINDOWS\System32\drivers\aswRdr.sys -->06/09/2007 12:03:02 C:\WINDOWS\System32\drivers\aswTdi.sys -->06/09/2007 12:02:20 C:\WINDOWS\System32\drivers\aavmker4.sys -->06/09/2007 12:00:54 C:\WINDOWS\System32\tmp.txt -->19/09/2007 22:30:28 C:\WINDOWS\System32\tmp.reg -->19/09/2007 22:30:28 C:\WINDOWS\System32\wpa.dbl -->14/09/2007 12:59:40 C:\WINDOWS\System32\WinAvXX.exe -->13/09/2007 11:06:42 C:\WINDOWS\System32\printer.exe -->13/09/2007 11:06:42 C:\WINDOWS\System32\CONFIG.NT -->13/09/2007 09:58:16 C:\WINDOWS\System32\aswBoot.exe -->06/09/2007 12:09:50 C:\WINDOWS\System32\AvastSS.scr -->06/09/2007 12:00:08 C:\WINDOWS\System32\VCCLSID.exe -->06/09/2007 00:22:24 C:\WINDOWS\System32\MRT.exe -->05/09/2007 19:50:44 C:\WINDOWS\System32\TZLog.log -->30/08/2007 22:47:56 C:\WINDOWS\System32\systems.txt -->21/08/2007 08:00:08 C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06 C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52 C:\WINDOWS\System32\wuaueng.dll -->30/07/2007 19:19:42 C:\WINDOWS\System32\wuapi.dll -->30/07/2007 19:19:36 C:\WINDOWS\System32\wucltui.dll -->30/07/2007 19:19:32 C:\WINDOWS\System32\wuweb.dll -->30/07/2007 19:19:28 C:\WINDOWS\System32\wuaucpl.cpl -->30/07/2007 19:19:28 C:\WINDOWS\System32\cdm.dll -->30/07/2007 19:19:20 C:\WINDOWS\System32\wuauclt.exe -->30/07/2007 19:19:16 C:\WINDOWS\System32\wups2.dll -->30/07/2007 19:19:12 C:\WINDOWS\System32\wucltui.dll.mui -->30/07/2007 19:19:04 C:\WINDOWS\System32\wuaueng.dll.mui -->30/07/2007 19:18:48 C:\WINDOWS\System32\wups.dll -->30/07/2007 19:18:40 C:\WINDOWS.log -->19/09/2007 22:33:34 C:\WINDOWS\wiadebug.log -->19/09/2007 22:33:10 C:\WINDOWS\bootstat.dat -->19/09/2007 22:32:34 C:\WINDOWS\WindowsUpdate.log -->19/09/2007 22:31:54 C:\WINDOWS\SchedLgU.Txt -->19/09/2007 22:31:52 C:\WINDOWS\wiaservc.log -->19/09/2007 22:31:42 C:\WINDOWS\setupact.log -->19/09/2007 22:30:36 C:\WINDOWS\ntbtlog.txt -->19/09/2007 22:18:36 C:\WINDOWS\setuperr.log -->19/09/2007 22:09:30 C:\WINDOWS\tsc.ini -->19/09/2007 07:26:32 C:\WINDOWS\LPT$VPN.725 -->19/09/2007 07:25:32 C:\WINDOWS\tsc.ptn -->19/09/2007 07:25:32 C:\WINDOWS\tsc.exe -->19/09/2007 07:25:32 C:\WINDOWS\hcextoutput.dll -->19/09/2007 07:25:32 C:\WINDOWS\vsapi32.dll -->19/09/2007 07:25:32 MD5 des fichiers sensibles tcpip.sys 1dbf125862891817f374f407626967f4 ndis.sys 558635d3af1c7546d26067d5d9b6959e null.sys 73c1e1f395918bc2c6dd67af7591a3ad svchost.exe 2979b03d5382a602623c0535b16ab9c0 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\temp 05/02/2005 08:09 53 248 VCDInstaller.exe 12/09/2001 14:42 212 992 NavBrowser.exe 2 fichier(s) 266 240 octets 0 Rép(s) 21 835 284 480 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\system 23/08/2001 12:00 9 728 regsvr32.exe 1 fichier(s) 9 728 octets 0 Rép(s) 21 835 284 480 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\system32 20/08/2004 01:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 21 835 284 480 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\WINDOWS\Downloaded Program Files 27/06/2004 00:21 <REP> . 27/06/2004 00:21 <REP> .. 27/06/2004 00:21 65 desktop.ini 04/06/2004 10:44 740 jinstall-1_4_2_05.inf 02/02/2005 09:36 976 464 EPUWALcontrol.dll 17/06/2004 16:21 240 CtORWebClient.inf 09/02/2005 16:54 1 271 erma.inf 30/01/2002 02:00 497 MDM.inf 01/03/2007 23:46 487 424 DownloadManagerV2.ocx 01/03/2007 23:42 251 DownloadManagerV2.inf 14/02/2007 18:44 2 557 752 ImageUploader4.ocx 14/02/2007 18:44 378 ImageUploader4.inf 05/03/2007 12:27 2 574 024 IPSUploader4.ocx 05/03/2007 12:27 324 IPSUploader4.inf 16/05/2007 08:22 166 512 gp.ocx 16/05/2007 08:22 399 gp.inf 11/06/2007 12:21 5 021 swflash.inf 11/07/2006 09:41 345 656 ewidoOnlineScan.dll 02/11/2005 18:07 435 712 xscan53.ocx 02/11/2005 18:01 1 777 xscan.inf 18 fichier(s) 7 554 507 octets Total des fichiers listés : 18 fichier(s) 7 554 507 octets 2 Rép(s) 21 835 284 480 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\NetAppel\\NetAppel.exe"="C:\\Program Files\\NetAppel\\NetAppel.exe:*:Enabled:NetAppel" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\WebCallDirect.com\\WebCallDirect\\WebCallDirect.exe"="C:\\Program Files\\WebCallDirect.com\\WebCallDirect\\WebCallDirect.exe:*:Enabled:WebCallDirect" "%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "legalnoticecaption"="" "legalnoticetext"="" "DisableRegistryTools"=dword:00000001 "DisableTaskMgr"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 192.168.200.3 downloads-us1.kaspersky-labs.com 192.168.200.3 downloads-us2.kaspersky-labs.com 192.168.200.3 downloads-us3.kaspersky-labs.com 192.168.200.3 downloads1.kaspersky-labs.com 192.168.200.3 downloads2.kaspersky-labs.com 192.168.200.3 downloads3.kaspersky-labs.com 192.168.200.3 downloads4.kaspersky-labs.com 192.168.200.3 ftp.downloads1.kaspersky-labs.com 192.168.200.3 ftp.downloads2.kaspersky-labs.com 192.168.200.3 ftp.downloads3.kaspersky-labs.com 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 ids.kaspersky-labs.com 192.168.200.3 kaspersky-labs.com 192.168.200.3 kaspersky.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 www.kaspersky-labs.com 192.168.200.3 www.kaspersky.com 192.168.200.3 www.kaspersky.ru 192.168.200.3 customer.symantec.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 securityresponse.symantec.com 192.168.200.3 service1.symantec.com 192.168.200.3 symantec.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 windowsupdate.microsoft.com 192.168.200.3 trendmicro.com 192.168.200.3 www.trendmicro.com 192.168.200.3 ftp.sophos.com 192.168.200.3 sophos.com 192.168.200.3 www.sophos.com 192.168.200.3 pandasoftware.com 192.168.200.3 www.pandasoftware.com 192.168.200.3 networkassociates.com 192.168.200.3 www.networkassociates.com 192.168.200.3 windowsupdate.microsoft.com catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-19 22:40:57 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 240 - SVCHOST.EXE 512 - CSRSS.EXE 536 - WINLOGON.EXE 572 - CMD.EXE 580 - SERVICES.EXE 592 - LSASS.EXE 740 - NSLSVICE.EXE 828 - SVCHOST.EXE 880 - SVCHOST.EXE 944 - SVCHOST.EXE 1032 - ashMaiSv.exe 1112 - SVCHOST.EXE 1232 - ashWebSv.exe 1240 - AAWSERVICE.EXE 1316 - ASHSERV.EXE 1532 - SPOOLSV.EXE 1800 - GUARD.EXE 1880 - EXPLORER.EXE 1904 - CDAC11BA.EXE 2012 - MDM.EXE 2224 - ALG.EXE 2556 - realsched.exe 2580 - DRAGDIAG.EXE 2588 - iTunesHelper.ex 2648 - iPodService.exe 2660 - Agent.exe 2728 - apdproxy.exe 2744 - ashDisp.exe 2832 - avgas.exe 2844 - CTFMON.EXE 2868 - MSMSGS.EXE 2960 - netappel.exe 3652 - IEXPLORE.EXE Total number of processes = 34 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntoskrnl.exe 806EC000 - \WINDOWS\system32\hal.dll F9D72000 - \WINDOWS\system32\KDCOM.DLL F9C82000 - \WINDOWS\system32\BOOTVID.dll F9822000 - ACPI.sys F9D74000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS F9811000 - pci.sys F9872000 - isapnp.sys F9882000 - ohci1394.sys F9892000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS F9D76000 - viaide.sys F9AF2000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS F98A2000 - MountMgr.sys F97F2000 - ftdisk.sys F9AFA000 - PartMgr.sys F98B2000 - VolSnap.sys F97DA000 - atapi.sys F98C2000 - disk.sys F98D2000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F97BA000 - fltmgr.sys F97A8000 - sr.sys F9785000 - Fastfat.sys F976E000 - KSecDD.sys F9741000 - NDIS.sys F9B02000 - viaagp1.sys F98E2000 - sbp2port.sys F9726000 - Mup.sys F9C86000 - Gernuwa.sys F9912000 - \SystemRoot\System32\DRIVERS\nic1394.sys F9922000 - \SystemRoot\System32\DRIVERS\amdk7.sys F966A000 - \SystemRoot\System32\DRIVERS\ati2mtag.sys F9656000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS F9643000 - \SystemRoot\System32\DRIVERS\C4C_BSC2.sys F9932000 - \SystemRoot\System32\DRIVERS\C4C_SOAR.SYS F9942000 - \SystemRoot\System32\DRIVERS\C4C_SAMP.sys F95BA000 - \SystemRoot\System32\DRIVERS\HSF_CNXT.sys F9593000 - \SystemRoot\System32\DRIVERS\C4C_AMOS.SYS F9B22000 - \SystemRoot\System32\Drivers\Modem.SYS F9952000 - \SystemRoot\System32\DRIVERS\Rtlnic51.sys F9B2A000 - \SystemRoot\System32\DRIVERS\usbuhci.sys F9570000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS F9B32000 - \SystemRoot\System32\DRIVERS\usbehci.sys F9962000 - \SystemRoot\System32\DRIVERS\imapi.sys F9CFA000 - \SystemRoot\System32\Drivers\cdrbsdrv.SYS F9972000 - \SystemRoot\System32\DRIVERS\cdrom.sys F9982000 - \SystemRoot\System32\DRIVERS\redbook.sys F9525000 - \SystemRoot\System32\DRIVERS\ks.sys F9D78000 - \SystemRoot\System32\DRIVERS\NTIDrvr.sys F9B3A000 - \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys F94B6000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F9492000 - \SystemRoot\system32\drivers\portcls.sys F9992000 - \SystemRoot\system32\drivers\drmk.sys F942F000 - \SystemRoot\system32\drivers\ALCXSENS.SYS F9B42000 - \SystemRoot\System32\DRIVERS\fdc.sys F941E000 - \SystemRoot\System32\DRIVERS\serial.sys F9D06000 - \SystemRoot\System32\DRIVERS\serenum.sys F940A000 - \SystemRoot\System32\DRIVERS\parport.sys F99A2000 - \SystemRoot\System32\DRIVERS\i8042prt.sys F9B4A000 - \SystemRoot\System32\DRIVERS\mouclass.sys F9B52000 - \SystemRoot\system32\drivers\aw_host5.sys F9B5A000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F9EE0000 - \SystemRoot\System32\DRIVERS\audstub.sys F99B2000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F9D0A000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F9353000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F99C2000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F99D2000 - \SystemRoot\System32\DRIVERS\raspptp.sys F9B62000 - \SystemRoot\System32\DRIVERS\TDI.SYS F9342000 - \SystemRoot\System32\DRIVERS\psched.sys F99E2000 - \SystemRoot\System32\DRIVERS\msgpc.sys F9B6A000 - \SystemRoot\System32\DRIVERS\ptilink.sys F9B72000 - \SystemRoot\System32\DRIVERS\raspti.sys F99F2000 - \SystemRoot\System32\DRIVERS\termdd.sys F9D7A000 - \SystemRoot\System32\DRIVERS\swenum.sys F930E000 - \SystemRoot\System32\DRIVERS\update.sys F9D1A000 - \SystemRoot\System32\DRIVERS\mssmbios.sys F9A02000 - \SystemRoot\System32\Drivers\NDProxy.SYS F9A42000 - \SystemRoot\System32\DRIVERS\usbhub.sys F9D7C000 - \SystemRoot\System32\DRIVERS\USBD.SYS F9B7A000 - \SystemRoot\System32\DRIVERS\flpydisk.sys F9D7E000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F9F36000 - \SystemRoot\System32\Drivers\Null.SYS F9D80000 - \SystemRoot\System32\Drivers\Beep.SYS F9F37000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys F9B8A000 - \SystemRoot\System32\drivers\vga.sys F9D42000 - \SystemRoot\System32\Drivers\awlegacy.sys F9D82000 - \SystemRoot\System32\Drivers\mnmdd.SYS F9D84000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F9B92000 - \SystemRoot\System32\Drivers\Msfs.SYS F9B9A000 - \SystemRoot\System32\Drivers\Npfs.SYS F9D46000 - \SystemRoot\System32\DRIVERS\rasacd.sys B6F2D000 - \SystemRoot\System32\DRIVERS\ipsec.sys B6ED5000 - \SystemRoot\System32\DRIVERS\tcpip.sys F9A62000 - \SystemRoot\System32\Drivers\aswTdi.SYS B6EAD000 - \SystemRoot\System32\DRIVERS\netbt.sys B6E8B000 - \SystemRoot\System32\drivers\afd.sys F9A72000 - \SystemRoot\System32\DRIVERS\netbios.sys B6E60000 - \SystemRoot\System32\DRIVERS\rdbss.sys B6DC9000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys F9A92000 - \SystemRoot\System32\Drivers\Fips.SYS B6DA8000 - \SystemRoot\System32\DRIVERS\ipnat.sys F9AA2000 - \SystemRoot\System32\DRIVERS\wanarp.sys F9AB2000 - \SystemRoot\System32\DRIVERS\arp1394.sys F9F53000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys F9BA2000 - \SystemRoot\System32\Drivers\Aavmker4.SYS F9BAA000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS F9BB2000 - \SystemRoot\System32\DRIVERS\usbccgp.sys F9D6A000 - \SystemRoot\System32\DRIVERS\usbscan.sys F9BBA000 - \SystemRoot\System32\DRIVERS\usbprint.sys F9AD2000 - \SystemRoot\System32\Drivers\Cdfs.SYS B6BD8000 - \SystemRoot\System32\Drivers\dump_atapi.sys F9D86000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F955C000 - \SystemRoot\System32\drivers\Dxapi.sys F9BC2000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys B6C0E000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\ati2dvag.dll BFA33000 - \SystemRoot\System32\ati3d2ag.dll B6AB8000 - \SystemRoot\System32\DRIVERS\ndisuio.sys B687A000 - \SystemRoot\System32\Drivers\aswMon2.SYS B66BD000 - \SystemRoot\System32\DRIVERS\mrxdav.sys F9DAA000 - \SystemRoot\System32\Drivers\ParVdm.SYS B65B8000 - \SystemRoot\system32\drivers\wdmaud.sys B6782000 - \SystemRoot\system32\drivers\sysaudio.sys B670A000 - \??\C:\WINDOWS\System32\drivers\CDAC15BA.SYS B645D000 - \SystemRoot\System32\DRIVERS\C4C_FALL.sys B6441000 - \SystemRoot\System32\DRIVERS\C4C_FSKS.sys B62E9000 - \SystemRoot\System32\DRIVERS\C4C_K56K.sys F9DB0000 - \SystemRoot\System32\Drivers\MASPINT.SYS B6286000 - \SystemRoot\System32\DRIVERS\srv.sys B66A9000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys B6695000 - \??\C:\WINDOWS\System32\drivers\PfModNT.sys B6155000 - \SystemRoot\System32\DRIVERS\C4C_FAXX.sys B6655000 - \SystemRoot\System32\DRIVERS\C4C_TONE.sys B60DB000 - \SystemRoot\System32\DRIVERS\C4C_V124.sys B606F000 - \SystemRoot\System32\Drivers\aswRdr.SYS B5D7A000 - \SystemRoot\System32\Drivers\HTTP.sys B57D4000 - \SystemRoot\system32\drivers\kmixer.sys F9EE1000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 140 Liste des programmes installes a-squared Free 3.0 ABBYY FineReader 5.0 Sprint Plus ABBYY FineReader 6.0 Ad-Aware 2007 Adobe Reader 8.1.0 Adobe® Photoshop® Album Starter Edition 3.2 Adobe® Photoshop® Album Starter Edition 3.2 Allok QuickTime to AVI MPEG DVD Converter 1.1.2 Archiveur WinRAR ArcSoft PhotoImpression ATI Display Driver AutoUpdate avast! Antivirus AVG Anti-Spyware 7.5 CCleaner (remove only) Correctif du dictionnaire français pour Office 2000 Correctif pour Windows XP (KB914440) Correctif Windows XP - KB873339 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Cortina SpellChecker (Word) 1.1.1 Creative MediaSource CryptoMailer 4.10 DivX DivX Player EPSON Copy Utility EPSON Logiciel imprimante EPSON Photo Print EPSON PhotoQuicker3.5 EPSON Scan EPSON Smart Panel ESCX5400 Guide de référence ESCX5400 Guide des logiciels ESCX5400 Guide du copieur Extrafilm FotoFacil FinePixViewer Resource FinePixViewer Ver.5.1 FUJIFILM USB Driver Generic USB Card Reader Driver v1.9e3 getPlus®_ocx Google Earth HijackThis 2.0.0 Hotfix for Windows XP (KB915865) ImageMixer ImageMixer VCD2 LE for FinePix InterActual Player iTunes iTunes Java 2 Runtime Environment, SE v1.4.2_01 Java 2 Runtime Environment, SE v1.4.2_05 Java Media Framework 2.1.1a LiveReg (Symantec Corporation) LiveUpdate 1.80 (Symantec Corporation) Livre Album Fuji Photo Lotus Notes 7.0 Macromedia Shockwave Player MailNavigator v.1.11 Microsoft AutoRoute Express Europe 98 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office XP Professional avec FrontPage Microsoft Works 7.0 MicroStaff WINASPI Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923689) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933566) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB938828) MuVo Driver Navilog1 3.0.4 NetAppel NTI CD & DVD-Maker NTI CD & DVD-Maker 6.5 Gold OLYMPUS CAMEDIA Master 4.0 PowerDVD QuickTime RAW FILE CONVERTER LE RealPlayer Realtek AC'97 Audio ScanToWeb SoulSeek Client 156b SpeedTouch USB Software Spybot - Search & Destroy Symantec pcAnywhere WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows XP Service Pack 2 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files 27/06/2004 00:16 <REP> . 27/06/2004 00:16 <REP> .. 02/10/2004 22:11 <REP> ABBYY 27/06/2004 00:28 <REP> Adobe 17/07/2007 17:21 <REP> Allok QuickTime to AVI MPEG DVD Converter 29/07/2007 17:57 <REP> Alwil Software 02/10/2004 22:18 <REP> ArcSoft 19/09/2007 12:46 <REP> a-squared Free 29/07/2007 16:24 <REP> AvRack 19/09/2007 13:02 <REP> CCleaner 26/05/2005 14:28 <REP> Common Files 27/06/2004 00:20 <REP> ComPlus Applications 16/04/2005 11:45 <REP> Creative 27/06/2004 00:30 <REP> CyberLink 21/03/2007 21:38 <REP> Dictionnaire 28/02/2005 19:08 <REP> directx 18/09/2005 13:59 <REP> DivX 09/11/2005 19:23 <REP> eoRezo 02/10/2004 22:10 <REP> EPSON 15/10/2005 15:26 <REP> Extrafilm FotoFacil 27/06/2004 00:16 <REP> Fichiers communs 17/12/2005 20:29 <REP> FinePixViewer 27/06/2004 00:27 <REP> Generic 13/06/2007 18:02 <REP> Google 14/09/2007 14:05 <REP> Grisoft 21/07/2005 15:12 457 INSTALL.LOG 03/10/2004 11:19 <REP> InterActual 27/06/2004 00:20 <REP> Internet Explorer 06/08/2005 21:11 <REP> iPod 06/08/2005 21:11 <REP> iTunes 27/06/2004 00:30 <REP> Java 08/03/2007 23:10 <REP> JMF2.1.1 07/11/2004 18:06 <REP> Lavasoft 08/06/2006 13:26 <REP> Livre Album Fuji Photo 22/10/2006 12:25 <REP> lotus 22/10/2006 13:38 <REP> MailNavigator 27/06/2004 00:20 <REP> Messenger 05/02/2006 21:42 <REP> Microsoft AutoRoute 27/06/2004 00:22 <REP> microsoft frontpage 06/10/2004 18:34 <REP> Microsoft Office 06/10/2004 18:38 <REP> Microsoft Visual Studio 27/06/2004 00:56 <REP> Microsoft Works 27/06/2004 00:21 <REP> Movie Maker 27/06/2004 00:19 <REP> MSN 27/06/2004 00:19 <REP> MSN Gaming Zone 18/09/2007 21:10 <REP> Navilog1 09/04/2006 17:26 <REP> NetAppel 27/06/2004 00:21 <REP> NetMeeting 27/06/2004 00:29 <REP> NewTech Infosystems 02/10/2004 22:41 <REP> OLYMPUS 27/06/2004 00:20 <REP> Outlook Express 28/02/2005 18:53 <REP> PIXELA 02/10/2004 22:39 <REP> QuickTime 11/10/2004 22:02 <REP> Real 29/07/2007 16:24 <REP> Realtek Sound Manager 19/09/2007 10:56 <REP> RegCleaner 17/12/2005 20:29 <REP> REGSHAVE 27/06/2004 00:20 <REP> Services en ligne 02/10/2004 22:28 <REP> Sistech 02/10/2004 22:16 <REP> Smart Panel 10/04/2005 18:18 <REP> Soulseek 21/03/2007 20:41 <REP> SpellChecker 18/09/2007 20:54 <REP> Spybot - Search & Destroy 26/10/2004 18:47 <REP> Symantec 10/12/2004 18:55 <REP> Thomson 11/10/2004 19:04 <REP> Wanadoo 27/06/2004 00:20 <REP> Windows Media Player 27/06/2004 00:19 <REP> Windows NT 18/09/2005 13:36 <REP> WinRAR 27/06/2004 00:22 <REP> xerox 23/05/2005 09:47 <REP> Yahoo! 1 fichier(s) 457 octets 70 Rép(s) 21 832 466 432 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\fichiers communs 27/06/2004 00:16 <REP> . 27/06/2004 00:16 <REP> .. 27/06/2004 00:16 <REP> Microsoft Shared 27/06/2004 00:16 <REP> SpeechEngines 27/06/2004 00:16 <REP> ODBC 27/06/2004 00:20 <REP> System 27/06/2004 00:21 <REP> MSSoap 27/06/2004 00:21 <REP> Services 27/06/2004 00:27 <REP> InstallShield 27/06/2004 00:28 <REP> Adobe 27/06/2004 00:30 <REP> Java 02/10/2004 22:17 <REP> Python 06/10/2004 18:38 <REP> Designer 11/10/2004 22:02 <REP> Real 11/10/2004 22:02 <REP> xing shared 26/10/2004 18:47 <REP> Symantec Shared 26/05/2005 14:07 <REP> ACD Systems 08/06/2005 09:22 <REP> KAV Shared Files 14/09/2007 21:08 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 19 Rép(s) 21 832 466 432 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 27/06/2004 00:26 <REP> . 27/06/2004 00:26 <REP> .. 07/03/2001 09:00 127 033 MSOWS40c.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 28/02/2004 17:00 58 784 MSOSV.DLL 06/10/2004 18:37 <REP> 1036 06/10/2004 18:38 <REP> 1033 28/02/2004 17:00 1 327 104 MSONSEXT.DLL 28/02/2004 17:00 86 016 PKMWS.DLL 28/02/2004 17:00 24 576 PKMTRACE.DLL 28/02/2004 17:00 401 462 MSVCP60.DLL 28/02/2004 17:00 69 632 PKMAXCTL.DLL 28/02/2004 17:00 872 448 PKMCDO.DLL 28/02/2004 17:00 159 744 PKMCORE.DLL 28/02/2004 17:00 106 496 PKMFORMS.DLL 28/02/2004 17:00 684 032 PKMRES.DLL 28/02/2004 17:00 28 672 PKMSSTLB.DLL 28/02/2004 17:00 40 960 PKMTEMPL.DLL 28/02/2004 17:00 237 568 PROMDEMO.DLL 28/02/2004 17:00 184 320 SECMGR.DLL 28/02/2004 17:00 323 584 VAIDDMGR.DLL 28/02/2004 17:00 32 768 VAIMEM.DLL 19 fichier(s) 5 482 113 octets 4 Rép(s) 21 832 466 432 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\Program Files\common files 26/05/2005 14:28 <REP> . 26/05/2005 14:28 <REP> .. 26/05/2005 14:28 <REP> McNeel Shared 0 fichier(s) 0 octets 3 Rép(s) 21 832 466 432 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 2B1B-1302 Répertoire de C:\ 18/09/2007 23:31 883 694 SmitfraudFix.exe 1 fichier(s) 883 694 octets 0 Rép(s) 21 832 466 432 octets libres c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX1\Reader\AcroRd32.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Default User\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\{DE8EAA5A-E96F-4E88-AA72-FEFF0E6190FA}\{5aa18c57-381c-4c99-8fe6-5eb1cb0a5bc0}\DIRECTX8\DXSETUP.EXE c:\Documents and Settings\Jean-Christophe\Local Settings\Temp\Lotus Notes\setup.exe c:\Documents and Settings\Jean-Christophe\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Ma musique\MP3\Softwares\slsk152.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Ma musique\MP3\Softwares\slsk156b.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\A505AFP1.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\Ac705RdP_efgj.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\Acro-Reader_703_Update.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\AdbeRdr705_enu_full.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Divers\Mas_clock.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\WinZip\WINZIP32.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\WinZip\WZSEPE32.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Terminal numerique\Vega_v1.054.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Terminal numerique\Vega_v2.31.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossiers_Personnels_JCV\Terminal numerique\5000\TFD-Down.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\SHELLEXE.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\ADOBE\rs40eng(1).exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0163\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Général\Stations_MT\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0158\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\HUB DVB-RCS\Exploitation\ISP\ISPCertificate.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\HUB DVB-RCS\Exploitation\ISP\jinit1319.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Supervision\duralnk64_52_drv_win.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Dossier_Fun_04\Semaine23-2005\Plate-Forme Sat\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Clients_EMP\NetTester.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\aaw2007.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\aaw6181.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\acdsee.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\canvasx_eval.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\dumeter3.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\kavperso50149_01net352.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\MNavi111.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\msnaddin.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\rh30eval_fr_20040421.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\setup_eoweather.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\setupfre.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\dumphive.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\HostsChk.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\restart.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\swreg.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\swsc.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\swxcacls.exe c:\Documents and Settings\Jean-Christophe\Mes documents\Téléchargements_Divers\SmitfraudFix\unzip.exe c:\Documents and Settings\Jean-Christophe\Bureau\Navilog1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Archives\iTunesSetup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Archives\Archives\Divers\dumeter3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Archives\Archives\Divers\SVGView.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\TDCA\Monaco\NETPERF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\TDCA\Monaco\netserver.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\TDCA\TDCA_Data\stat\nss\ObsHC3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\Billing\Schedule.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\Billing\TAP2PlusInspect.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\des.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\ANASM7\AD121501.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\ANASM7\ANASM7.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\CONFORM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG23.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG77.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\alcatel\NSS\data_vala\conform_vala\RESTIT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\Macro\awk\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\Macro\awk\vms for Prepaid\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\PLmnK\Mesures_12_01\pp\Results.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\Info_SUP_CET\fichiers Netcool\nnm7 probe\omnibus-3.x-wnt-probe-nco-p-nnm7_0\post36\nco_p_nnm7.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\Info_SUP_CET\fichiers Netcool\nnm7 probe\omnibus-3.x-wnt-probe-nco-p-nnm7_0\pre36\nco_p_nnm7.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\15122005\courbe de trafic\calcucell.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\starter.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\common\AdbeRdr60_enu_full.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\common\winzip81.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\Config_manager\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.2\NNM_00932.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.2\NNM_01015.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.2\NNM_01018.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\ECS_00028.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\NNM_00998.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\NNM_01010.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\patches_6.4\NNM_01055.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.102.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.102.50\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.310.92\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.320.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.321.52\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Stations Terriennes\La Ruche Vulcain\RUC-004@PAS-1R (Ku Band)\Antenne & RF\Network Engineering CD\skywan_cd\content\software\SkyWAN_V5.331.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-001@Eurasiasat 1\Antenne & RF\Hub Monaco\Modem Paradise\CAM Windows Installer-1.72.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Clients\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Kernel\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\OpenMuxService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusAdmin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\VerifAutoTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Sentinel\setupx86.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\Divers\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Dynamo.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Iometer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IPTools\wsttcp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\Acrobat\_isdel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\Acrobat\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\ReadPacket.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\ReadSection.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\SatConfig.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\SatStatus.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Update.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Apps\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\Apps\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\V02.00.03\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\copy of install CD 05.01.00\All_Files\V02.00.03\cascfg\cascfg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\exe\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\OpenMux 2.00.21\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\OpenMux 2.00.21\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\Skygate upgrade 05.01.13\files\Ruby (SOLE II only)\Ruby.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\DspUpdate\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\Test Pia Plus\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\Test Pia Plus\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\CD upgrade\THALES_BM\Test Pia Plus\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\starter.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\ECS_00028.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\NNM_00998.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\NNM_01010.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.4\NNM_01055.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.2\NNM_00932.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.2\NNM_01015.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\patches_6.2\NNM_01018.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.331.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.321.52\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.320.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.310.92\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.102.50\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\SkyWAN_V5.102.40\skyconf.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\software\Config_manager\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\common\AdbeRdr60_enu_full.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\skywan_cd\content\common\winzip81.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\SHELLEXE.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0158\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\45A0163\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Bilan Stations Terriennes Satellite\La Rûche\RUC 01 - 5.6M DBS Eurasiasat@42°E\Ampli mcl\MT3311_MT3411\ADOBE\rs40eng(1).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\CSM - Supervision des porteuses\Monitor & control\laurent\Etude de marché\entreprises\orbit\firmware\Esa_A0705.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\Anasat\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\Anasat\SupJr\DT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\Anasat\Two Units Compact SSPA\Anacom.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Equipements\RF\Tranceiver\Anacom\supervision\SUPERVIS.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Clients_EMP\NetTester.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Fontvieille\MON-MON-005@W1\Eutelsat Multimedia Platform\Supervision\duralnk64_52_drv_win.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Formation\Training_Thalès\OpenMux\coral.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Formation\Training_Thalès\OpenMux\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 05.01.13\SkyGate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Dynamo.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IoMeter\Iometer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\IPTools\wsttcp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\ToolsAndExamples\Divers\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\Sentinel\setupx86.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusAdmin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ test\VerifAutoTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PiaPlus\PIA+ DSP Update\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\OpenMuxService\OpenMuxService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Dsp2.08.18\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Kernel\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\MON-RUC-003@HotBird 6\Exploitation\Configuration\Skygate\Skygate Release\Version 02.00.21 (SkygateOnly)\PathV2.00.21\Applications\Clients\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\UNINSTAL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\IESS docs\Docs\409_54.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\IESS docs\Docs\409rev3a.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\IESS docs\Docs\410rev05.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\LST.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\LSTDOC44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\LSTPGM44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\lst44\LSTBWB44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Operateur\Intelsat\link budget\lst44\LSTPGM44.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\AcrobatReaders\ar40eng.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\Config.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\coral.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\CoralMHP.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\ExtractIpClient.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\ExtractIpServer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\NetTester.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\OnyxManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\OpalManager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\OptiPID.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\Ruby.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\ScClient.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\SSU_Manager.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Clients\Topaz.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Kernel\OpenMux.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Applications\Kernel\SSU.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\BrowserServer\BrowserServer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\BrowserServer\BrowserService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\BrowserServer\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\CarbPlus\CPInterMdi.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Divers\Install Digigram\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\DLL\vcredist.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Install Digigram\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\OpenMuxService\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\OpenMuxService\OpenMuxService.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ DSP Update\LoadHex.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ DSP Update\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\PiaPlusAdmin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\PiaPlusTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\Self Test.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\Test Bed.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\Test Server.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\PiaPlus\PIA+ test\VerifAutoTest.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\autorun.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\instmsia.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\instmsiw.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Internet Installer\RainbowSSD5.39.2.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_31\install.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_9x\sentstrt.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_9x\sentw9x.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_NT\setupaxp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_NT\setupppc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\Install\Legacy\WIN_NT\setupx86.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\Sentinel\RainbowKeyUpdater\RainbowKeyUpdater 3.0.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\Divers\INSTSRV.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\IoMeter\Dynamo.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\IoMeter\Iometer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\IPTools\wsttcp.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\jre\jre-1_2_2_006-win.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\vnc-3.3.3r9_x86_win32\vnc_x86_win32\winvnc\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\OPAL\ToolsAndExamples\vnc-3.3.3r9_x86_win32\vnc_x86_win32\winvnc\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\BOX40.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\BOX40A.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\IESS412.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\POINT40.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\POINT40A.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\iess412_v22\IESS.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\winpoint\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Pointage_intelsat\winpoint\WINPoint.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\SATCODX\satg-trial.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Satmaster\satwin.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Satmaster\smdemo32.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Satmaster\usrguide.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\Handheld Spectrum Analyzer R&S FSH3 - download simulation.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\rsfsh_vxipnp_1_1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\FSH3\R&S FSH3 - Firmware 5[1].0.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\FSH3\R&S FSHView 5_0\CDROM\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Spectrum_FSH3\FSH3\R&S FSHView 5_0\CDROM\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Service Satellite\Outils\Viewer\LVIEW31.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Trans\Projets\BDT\BD-Access\vba232a.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Trans\Reseaux\DSLAM\G.SHDSL\Modems\Thomson\BootP server\BootP.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Trans\Reseaux\DSLAM\Libello V4\LibelloSoft.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\Handheld Spectrum Analyzer R&S FSH3 - download simulation.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\FSH3\R&S FSH3 - Firmware 5[1].0.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\FSH3\R&S FSHView 5_0\CDROM\_ISDel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Divona\Divona2Ways\DIVERS\FSH3\FSH3\R&S FSHView 5_0\CDROM\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\Monaco\NETPERF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\Monaco\netserver.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\BSS data\soft\btswatl1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\awk\awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\aide\calcucell.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\aide\CoordConvert.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\aide\network\awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\Doc_SSP\TOOLS\NETSCAPE\cc32e461.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\Doc_SSP\TOOLS\READER\ACRD4EN.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\acdSee\CORE99.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\acdSee\CR-ACD3K.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\acdSee\fo-acds3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\AcroReader51_ENU_full.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\calcucel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\CoordConvert.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Divers\MobileModemSettingsDrivers_R3A_english.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\Gencard2.1_tool\Install\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\finstall.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\deinstal\remove.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\harraps\deinstal\data\fontdel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IN\COMPROV_ACCMAN\disk1\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IN\PPS\Prv_dk1\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IN\PPS\Prv_dk1\SETUP1.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IrCOMM2k-eng\ircomm2k.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\IrCOMM2k-eng\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\agrsmdel.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\agsetup3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\LTSMhom.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\LTSMMsg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\modem_IBM\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\nokia7110\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\nokia7110\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\AIG.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\EDIMIRE.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\EXISTDIR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\FREE_DSK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GLA.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GTL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GTLGRAF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\GTPDISP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\INST_WAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\INST_WNT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\LECTCHOI.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\LOADWAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\PMDAUTOM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\QUELCLAV.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\SCANPVC.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\SERVEUR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\TM3.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\PCWAM\VERMODEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\SecuCRT\scrt30b3.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\SecuCRT\securecrt.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\ultredit\dictfr.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\ultredit\eclue90a.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\ultredit\uedit32fi.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\winzip\WinZip81REG.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\soft\xtalk\disk1\XTALK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\SkypeSetup-Beta.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\isdn\ISDN.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\AIG.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\EDIMIRE.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\EXISTDIR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\FREE_DSK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GLA.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GTL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GTLGRAF.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\GTPDISP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\INST_WAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\INST_WNT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\LECTCHOI.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\LOADWAM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\PMDAUTOM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\QUELCLAV.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\SCANPVC.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\SERVEUR.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\TM3.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\TDCA\Dossier Personnel\agf\transfert\PCWAM\VERMODEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\calcucell.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\Mesures_12_01\pp\Results.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\Macro\awk\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\Macro\awk\vms for Prepaid\Awk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\Billing\Schedule.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\Billing\TAP2PlusInspect.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\des.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\ANASM7\AD121501.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\ANASM7\ANASM7.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\CONFORM.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG23.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\PRG77.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet Kosovo\PLmnK\alcatel\NSS\data_vala\conform_vala\RESTIT.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\E-DOC UTRAN\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\E-DOC UTRAN\Acrobat_Reader40\windows\english\rs405eng.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\E-DOC UTRAN\Acrobat_Reader40\windows\french\rs405fre.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\CopySys.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\Install.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\acrobat\ar505enu.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\acrobat\ar505fra.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Inf\Win2K_XP\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Inf\WIN98_ME\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Nokia\MPAPI3s.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Nokia\ServiceLayer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\mobile\Outlook\WatchDog.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\FR\nomad\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Inf\Win2K_XP\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Inf\WIN98_ME\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Nokia\MPAPI3s.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Nokia\ServiceLayer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\mobile\Outlook\WatchDog.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\It\nomad\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Inf\Win2K_XP\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Inf\WIN98_ME\DRemover98_2K.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Nokia\MPAPI3s.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Nokia\ServiceLayer.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\mobile\Outlook\WatchDog.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Kit BVRP\MT\data\UK\nomad\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Projet UMTS\UMTS\Services 3G - 2003\wapgateway_202_b64-02.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Adobe\adberdr70_distrib_enu.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\AR\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin2k\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin2k\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin9x\Enablers\ENABLEDO.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Dual_IO\diowin9x\Windows@20CE\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473A\edgeport.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473A\ionflash.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473B\Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473B\Win98\edgeport.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Drivers\Edgeport\E6473B\Win98\ionflash.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\E6474A\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\E6474A\Sentinel\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\E6474A 8_3\Edgeport\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\AGILENT_SOFT\NITRO\Data_Server_3_00.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Macro CRT\CDR\AWK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\Macro CRT\scrt414\scrt414.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\bhart_tools\tcteaq14.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\bhart_tools\bhartinstall\Disk1\expand.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\bhart_tools\bhartinstall\Disk1\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\GPRS\setup_orange_pc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\MONACELL\GPRS\setup_orange_ppc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\SecureCRT.v5.0.3.1040-TBE\scrt503.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\SecureCRT.v5.0.3.1040-TBE\scrt503-tbe.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\SMSC\AUTORUN.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\AWK.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\Cmd32.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\Perl.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Mobile\Dossier Personnel\statssp\bin\PerlGlob.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10HC\HC3\logiciels\liv_msot\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10HC\HC3\logiciels\liv_msot\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10B3\Observations\Trace Sarla\Ad121601.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10B3\Observations\Unimanager\Remote desktop connexion\msrdpcli.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\All\Commutation\E10B3\Publiphone\Landis & Gyr - Eureka soft\MAINTENANCE système POP-VTS-SN\checkboard.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Département Satellite et Energie\Satellite\DVB-RCS_PAS1R\ica.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Département Satellite et Energie\Satellite\DVB-RCS\UpGrade\TerminalConfig.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\LiM Work\vision\delphi\visio\tests\144MB\DISK1\_ISDEL.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\LiM Work\vision\delphi\visio\tests\144MB\DISK1\SETUP.EXE c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\htimage.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\imagemap.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\_vti_cnf\htimage.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\cgi-bin\_vti_cnf\imagemap.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\LIM France\web\_vti_bin\fpcount.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Divers\Copie Portable\guidetolive.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\RealProducer_8.5_Setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\ste51fr.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\RealNetwork\rp8plus-setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\Meeting operateur\insttool.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\IPBUS\ConferenceRoom 1 8\crinst1803.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\ipass.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\mdac_typ_v2.5_SP1.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\zBand Client (IE, Build 116).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\zBand Network Element (Build 24).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\ZBand\zBand Server (Evaluation Ed.).exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Microsoft Meeting\NetMeeting.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Microsoft Meeting\nm30ax.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\FTPVoyage.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\ie5setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\mirc59t.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\SatBoxCD.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\sniffer_setup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\winzip80.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\PeopleCall\ppcdial-1903.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\Harmonic\SatBox.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\Harmonic\SatBoxInst.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\Téléchargements_Utiles\UDCAST\putty.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Doc. Techniques\FTP\fvsetup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\JCV\Archive Divona\Archivage dossiers\Divona\Visiosat\Carte_PC\philippe\e-mail.exe c:\Documents and Settings\Jean-Christophe\Bureau\Monaco-Telecom\Messagerie\c84w1na.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\aaw2007.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\avgas-setup-7.5.1.43.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\ccsetup200.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\ComboFix.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\HiJackThis_v2.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\MDAC253-KB927779-x86-FRA.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\RegCleaner.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\RHosts.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\spybotsd15.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Windows-KB890830-V1.33.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\WindowsXP-KB927779-x86-ENU.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\WindowsXP-KB927779-x86-FRA.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\WindowsXP-KB936021-x86-FRA.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\ZR_1.0.0.37\Zeb-Restore.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\a2FreeSetup.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\ATF-Cleaner.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\Software\spybotsd_includes.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\catchme.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\diff.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\dumphive.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\find2.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\Fport.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\grep.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\KProcCheck.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\LFiles.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\md5sums.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\pslist.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\streams.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\Debug\DiagHelp\swreg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\dumphive.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\exit.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\GenericRenosFix.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\HostsChk.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\Process.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\Reboot.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\restart.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\SmiUpdate.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\SrchSTS.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\swreg.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\swsc.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\swxcacls.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\unzip.exe c:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix\VCCLSID.exe c:\Documents and Settings\Olga\Local Settings\Temp\cat.exe c:\Documents and Settings\Olga\Local Settings\Temp\ICQSRP.exe c:\Documents and Settings\Olga\Local Settings\Temp\setup_wm.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Olga\Local Settings\Temp\RarSFX1\Reader\AcroRd32.exe c:\Documents and Settings\Olga\Local Settings\Temp\TFRINS\kav_personalpro_45049_fre_tr1m.exe c:\Documents and Settings\Olga\Local Settings\Temp\pft14.tmp\Setup.exe c:\Documents and Settings\Olga\Local Settings\Temp\pft1~tmp\_ISDEL.EXE c:\Documents and Settings\Olga\Local Settings\Temp\pft1~tmp\SETUP.EXE c:\Documents and Settings\Olga\Local Settings\Temp\Adobe Reader 8\Setup.exe c:\Documents and Settings\Olga\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\Olga\Mes documents\AcroPro80_efg.exe c:\Documents and Settings\Olga\Mes documents\AdbeRdr80_en_US.exe c:\Documents and Settings\Olga\Mes documents\AdobeReader305-PalmOS_fra.exe c:\Documents and Settings\Olga\Mes documents\Google_Earth_BZXE.exe c:\Documents and Settings\Olga\Mes documents\Uploader.exe c:\Documents and Settings\Olga\Mes documents\My eBooks\ACDSee32.exe c:\Documents and Settings\Olga\Mes documents\My eBooks\udfrinst.exe c:\Documents and Settings\Olga\Mes documents\Letzeburgisch\SpellCheckerWord-1_1_1.exe c:\Documents and Settings\Olga\Mes documents\Letzeburgisch\dictionnaire\dic_luxembourgeois.exe c:\Documents and Settings\Olga\Mes documents\Letzeburgisch\dictionnaire\dictionnaire_setup.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\PortableFirefox.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\firefox.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\updater.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\xpicleanup.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\plugins\NPSWF32_FlashUtil.exe c:\Documents and Settings\Olga\Mes documents\Delo v Moskve\base de donnees\FirefoxLexis\firefox\uninstall\uninstall.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\bestelsoft.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\DivX521.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\icqpro2003b.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\setupnetappel.exe c:\Documents and Settings\Olga\Mes documents\Mes Téléchargements - Olga\wrar350fr.exe c:\Documents and Settings\Olga\Mes documents\deutsch\Berliner_platz\Lehrer\jmf-2_1_1a-win.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\PWORM\PWORM.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\LINES98\LINES98.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\JC.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\Japan2\Japan2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\Japan2\JCSet.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\games\JC\Japan2\Soluter.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\1\SPCTAUDIOSetupus.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\DivX\Register_DivX.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\DivX\SetStereo.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\SHARE_NT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\WC32TO16.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\WCUNINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\wincmd\WINCMD32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Masdance\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Masdance\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Depress\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Depress\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Cellar_scrnsv\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\multru\Cellar_scrnsv\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\masanja2\Masja2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\kulinar\KULINAR.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\audiograbber\audiograbber.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\audiograbber\uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Player\UNINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Player\XMPLAYER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\RAR.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\UNINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\XMCODER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Xing\XingMPEG Encoder\xmcodpop.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Winamp\winamp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Winamp\winampa.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\Rar.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\Uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\UnRAR.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\WinRAR\WinRAR.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Playa\ThePlaya.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Playa\uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Playa\validator.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\The Bat!\thebat.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Symantec\LiveUpdate\LUAll.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Symantec\LiveUpdate\Uninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Resounding\Roger Wilco\roger.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Resounding\Roger Wilco\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealPlayer\realplay.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealPlayer\Setup\.g2cln.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealPlayer\Setup\setup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealJukebox\Update\rnuninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Real\RealDownload\REALDOWNLOAD.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ReGetDx\MozSetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ReGetDx\regetdx.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\PrecisionTime\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Plus!\SYSAGENT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Plus!\THEMES.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Photoshop 5.0\Photoshp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Photoshop 5.0\Registration\AdobeReg32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\PV\Msoffice\MUSTUI.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\msimn.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\oemig50.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\wab.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Outlook Express\wabmig.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\opera.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\UnInst\OpUninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\UnInst\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\UnInst\Backup\j2re-1_4_1_01-windows-i586-i.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Opera7\Program\Netscape.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\BACKLOG.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NDD32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NREGEDIT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NREGXPRT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NULIVEUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\OPTWIZ.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\REGPATCH.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\REGWDOC.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\SD32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\SIREGIST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\SYSDOC32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\WDSCAN.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\WINDOC.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Norton Utilities\NSS\SPDSTART.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NetMeeting\CB32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NetMeeting\CONF.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NetMeeting\WB32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\NEMO_Soft\MicroDVD\MicroDVD.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Mult.ru Studio\masclock\runscr.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Mult.ru Studio\masclock\unins000.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\EXCEL.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\GRAPH9.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MAKECERT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSO7FTP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSO7FTPA.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSO7FTPS.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\MSOHTMED.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\OSA9.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\OTUNEUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\SELFCERT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\WINWORD.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Microsoft Office\Office\1049\MSOHELP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\talk99.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\tkreg99.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\Tkreg99b.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MediaRing Talk 99\UpgAgent.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\mathcad.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\mcad.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\Msft.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\Newdict.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\MathSoft\Mathcad 2001 Professional\regtool.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\cmaple.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\lks.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\mint.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\updtsrc.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Maple 6\BIN.WNT\wmaple.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Lexmark_RMN\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Lavasoft Ad-Aware\Ad-aware.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Lavasoft Ad-Aware\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AVPExec.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AVPInst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AvpM.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\AVRescue.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\KAVI.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\klav.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\OffGuard.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\OGRC.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Java Web Start\helper.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Java Web Start\javaws.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Java Web Start\uninst-javaws.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\ACTSETUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\CHLINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\IEXPLORE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Setup\IEBATCH.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Setup\SETUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\icwrmind.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\inetwiz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Internet Explorer\Connection Wizard\isignup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\InstallShield Installation Information\{7F5E2A5A-92C5-4DF1-808D-1688C50CBFEE}\Setup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\InstallShield Installation Information\{1666FA7C-CB5F-11D6-A78C-00B0D079AF64}\Setup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\DBConvert.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\Icq.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\ICQPatchManager.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\ICQRebootDll.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\Icqrun.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\icqsrp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\ICQUninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\NDEdit.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\NDetect.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\UNWISE32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Icq\DataFiles\externals.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\GameSpy Arcade\ArcadeInstallFull201.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Far\Far.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Far\Uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\dlimport.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\logagent.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\mplayer2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\setup_wm.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\F152~1\wmplayer.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\EDialer.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\Master.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\DDETools\ExecMacro.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\EDialer\DDETools\RequestItem.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\DivXCodec\uninstall.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Date Manager\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Shared\Writing Tools\9.0\wt9sptlEN.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Register\IEHost.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\coreldrw.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\cscconv.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\ExploreCD.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Corel\Graphics10\Programs\webwlc.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\DCOM95.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\LOGBOOK.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\LOGGER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\SEVINST.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Symantec Shared\SYMUNDO.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Real\Update\nddeserv.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Real\Update\rnuninst.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Real\Update\upgrdhlp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\ReGet Shared\regetupd.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\VBA\VBA6\link.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\MSINFO\MSINFO32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\Artgalry\ARTGALRY.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Microsoft Shared\Artgalry\CAG.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\AddKey.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\avpupd.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\AvpVList.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\KAV Shared Files\RepView.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKERNEL.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\engine\6\Intel 32\KNLWRAP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\axdist.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\iftw.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\WebUpdate.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Webupdate\wsh.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\GMT\GUninstaller.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\EBAPISET.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\EBP16B.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\EBRR.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\SAgent95.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\EPSON\EBAPI\STMSetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Borland Shared\BDE\BDEADMIN.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Autodesk Shared\AcHelp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\AddKey.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\AVPUnIns.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\avpupd.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Common Files\AVP Shared Files\RepView.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\CREATIVE\AUDIO\CTSetup\ctsetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\acad.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\addplwiz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\assist.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\expand.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\hpsetup.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\pc3exe.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\sfxfe32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\styexe.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\styshwiz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\WebDepot\ErrorHandler\RepairToday.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Support\slidelib.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\3dsviz.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\Manager.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\Notify.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\QueueMan.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Render\Server.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AutoCAD 2000i\Help\alalink.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\Web\qkorder.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PS_20SE\PSTUDIO.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PS_20SE\QKORDER.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PP_20\Photoprn.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PF_20\fantasy2.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ArcSoft\PhotoStudio Suite\PB_20\PhBase.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Achiever ADC-65\TWUNK_16.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Achiever ADC-65\TWUNK_32.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Accessories\MSPAINT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Accessories\WORDPAD.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\Accessories\HyperTerminal\HYPERTRM.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\easytalk.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\etexp.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\ETTrace.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\srfile.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMSD\EasyTalk\UNINSTAL.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMDEIDE\98clean.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\AMDEIDE\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ACDSee32\ACDSee32.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ACDSee32\NetSonic.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ACDSee32\UNWISE.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\AINFO.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\CAGENT.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\ExtDictSaver.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\FINEOCR.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\FineReader.exe c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\FINESTI.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\SETUP.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\TWAIN\TWUNK_16.EXE c:\Documents and Settings\Olga\Mes documents\DiskMosc\Program Files\ABBYY FineReader 5.0 Pro\TWAIN\TWUNK_32.EXE c:\Documents and Settings\Olga\Mes documents\Vykroyki\DEMO.exe c:\Documents and Settings\Olga\Mes documents\Vykroyki\vw6042.exe c:\Documents and Settings\Olga\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\ARPPRODUCTICON.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe c:\Documents and Settings\Olga\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe c:\Documents and Settings\Elyan\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\Elyan\Local Settings\Temporary Internet Files\Content.IE5\OKJAJ9FB\SmitfraudFix[1].exe c:\Documents and Settings\Elyan\Local Settings\Temporary Internet Files\Content.IE56VF3FB4\RHosts[1].exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\_ISDel.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\Setup.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX0\Via4in1.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX1\_ISDel.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX1\Setup.exe c:\Documents and Settings\Administrateur\Local Settings\Temp\RarSFX1\Reader\AcroRd32.exe c:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\system.exe c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll c:\Documents and Settings\Jean-Christophe\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll ****** Fin du rapport DiagHelp

Merci beaucoup pour la rapidité, Voici le rapport qui vient de sortir: JC SmitFraudFix v2.225 Rapport fait à 16:54:09,01, 19/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\lotus\notes\nslsvice.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\a-squared Free\a2free.exe C:\SmitfraudFix\SmiUpdate.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts Fichier hosts corrompu ! 127.0.0.1 www.legal-at-spybot.info 127.0.0.1 legal-at-spybot.info »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\printer.exe PRESENT ! C:\WINDOWS\system32\systems.txt PRESENT ! C:\WINDOWS\system32\vtr???.dll PRESENT ! C:\WINDOWS\system32\WinAvXX.exe PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Christophe »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Christophe\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JEAN-C~1\FAVORIS »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\WINDOWS\\system32\\systems.txt" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

Bonjour, J'ai un problème avec un message intempestif et récurrent. Le voici : Windows Security Alert : Warning! Potential Spyware Operation! your computer is making unauthorized copies of your system and Internet files. Run full scan nox to pervent any unauthorised access to your files! Click here to download spyware remover Il s'agit bien sur d'un message bidon mais : - j'ai également un ralentissement de mon système, - je n'ai plus accès à beaucoup de menus: au gestionnaire des taches, aux propriétés du poste de travail (pour desactiver les restaurations), à l'ajout et suppression des programmes... etc... Bref ... c'est quasiment impossible d'utiliser mon ordi depuis lundi! Pourriez vous m'aider SVP? Afin de gagner du temps, j'ai joint 4 rapports: HijackThis, Navilog1, Smitfraudfix (avant et après essai de correction) et Clean. Merci d'avance de votre aide et de vos conseil en tout cas ! JC Rapport HiJackThis : Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 21:20:06, on 18/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\lotus\notes\nslsvice.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\Explorer.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\WINDOWS\system32\printer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Extrafilm FotoFacil\Agent.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\program files\netappel\netappel.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jean-Christophe\Bureau\Mes telechargement\HiJackThis_v2.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [ffuploader] C:\DOCUME~1\Olga\LOCALS~1\Temp\phm.exe auto O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Extrafilm FotoFacil\Agent.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NetAppel] "C:\program files\netappel\netappel.exe" -nosplash -minimized O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: system.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Exif Launcher.lnk = ? O4 - Global Startup: autorun.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/ O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.0.8.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://webalbum.foto.com/NewUploader/ImageUploader4.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/net/import/ImageUploader3.cab O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://photoservice.fujicolor.de/ips-opdat...PSUploader4.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://webalbum.foto.com/FUploader/SpeedUploader.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\systems.txt O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Service Elève pcAnywhere (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lotus Notes Single Logon - IBM Corp - C:\Program Files\lotus\notes\nslsvice.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe -- End of file - 11104 bytes Rapport Navilog1 Search Navipromo version 3.0.4 commencé le 18/09/2007 à 21:12:42,10 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 16.09.2007 a 13h00 by IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 *** Recherche Programmes installes *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\Jean-Christophe\Application Data *** *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR ====================================== Copyright 2005-2006 F-Secure Corporation. All rights reserved. This is a beta version. It will expire on 1st of October, 2007. Version information: 2.2.1064. [+] Started on 09/18/07 at 21:12:49. [+] Initializing ... [+] Starting scan, press Ctrl-C to abort. [+] Scanning for hidden items .................... [+] Scan complete. [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming. [+] Exited on 09/18/07 at 21:13:25 (return code = 0). *** Recherche avec GenericNaviSearch *** !!! Tous Ces résultats peuvent révéler des fichiers légitimes !!! !!! A verifier impérativement avant toute suppression manuelle !!! * Scan C:\WINDOWS\system32 * Fichiers trouvés : Aucun Fichier trouvé ! Fichiers suspects : Aucun Fichier suspect trouvé ! *** Recherche fichiers *** *** Recherche cles registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : 3)Recherche Certificats : Certificat Egroup absent ! *** Analyse Terminé le 18/09/2007 à 21:13:42,82 *** RapportSmitfraudfix SmitFraudFix v2.200 Rapport fait à 23:12:34,87, 18/09/2007 Executé à partir de C:\Documents and Settings\Jean-Christophe\Mes documents\T‚l‚chargements_Divers\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 192.168.200.3 ad.doubleclick.net 192.168.200.3 ad.fastclick.net 192.168.200.3 ads.fastclick.net 192.168.200.3 ar.atwola.com 192.168.200.3 atdmt.com 192.168.200.3 avp.ch 192.168.200.3 avp.com 192.168.200.3 avp.ru 192.168.200.3 awaps.net 192.168.200.3 banner.fastclick.net 192.168.200.3 banners.fastclick.net 192.168.200.3 ca.com 192.168.200.3 click.atdmt.com 192.168.200.3 clicks.atdmt.com 192.168.200.3 customer.symantec.com 192.168.200.3 dispatch.mcafee.com 192.168.200.3 download.mcafee.com 192.168.200.3 downloads-us1.kaspersky-labs.com 192.168.200.3 downloads-us2.kaspersky-labs.com 192.168.200.3 downloads-us3.kaspersky-labs.com 192.168.200.3 downloads1.kaspersky-labs.com 192.168.200.3 downloads2.kaspersky-labs.com 192.168.200.3 downloads3.kaspersky-labs.com 192.168.200.3 downloads4.kaspersky-labs.com 192.168.200.3 engine.awaps.net 192.168.200.3 f-secure.com 192.168.200.3 fastclick.net 192.168.200.3 ftp.avp.ch 192.168.200.3 ftp.downloads1.kaspersky-labs.com 192.168.200.3 ftp.downloads2.kaspersky-labs.com 192.168.200.3 ftp.downloads3.kaspersky-labs.com 192.168.200.3 ftp.f-secure.com 192.168.200.3 ftp.kasperskylab.ru 192.168.200.3 ftp.sophos.com 192.168.200.3 ids.kaspersky-labs.com 192.168.200.3 kaspersky-labs.com 192.168.200.3 kaspersky.com 192.168.200.3 liveupdate.symantec.com 192.168.200.3 liveupdate.symantecliveupdate.com 192.168.200.3 mast.mcafee.com 192.168.200.3 mcafee.com 192.168.200.3 media.fastclick.net 192.168.200.3 my-etrust.com 192.168.200.3 nai.com 192.168.200.3 networkassociates.com 192.168.200.3 norton.com 192.168.200.3 phx.corporate-ir.net 192.168.200.3 rads.mcafee.com 192.168.200.3 secure.nai.com 192.168.200.3 securityresponse.symantec.com 192.168.200.3 service1.symantec.com 192.168.200.3 sophos.com 192.168.200.3 spd.atdmt.com 192.168.200.3 symantec.com 192.168.200.3 trendmicro.com 192.168.200.3 update.symantec.com 192.168.200.3 updates.symantec.com 192.168.200.3 updates1.kaspersky-labs.com 192.168.200.3 updates2.kaspersky-labs.com 192.168.200.3 updates3.kaspersky-labs.com 192.168.200.3 updates4.kaspersky-labs.com 192.168.200.3 updates5.kaspersky-labs.com 192.168.200.3 us.mcafee.com 192.168.200.3 vil.nai.com 192.168.200.3 viruslist.com 192.168.200.3 viruslist.ru 192.168.200.3 virusscan.jotti.org 192.168.200.3 virustotal.com 192.168.200.3 www.avp.ch 192.168.200.3 www.avp.com 192.168.200.3 www.avp.ru 192.168.200.3 www.awaps.net 192.168.200.3 www.ca.com 192.168.200.3 www.f-secure.com 192.168.200.3 www.fastclick.net 192.168.200.3 www.grisoft.com 192.168.200.3 www.kaspersky-labs.com 192.168.200.3 www.kaspersky.com 192.168.200.3 www.kaspersky.ru 192.168.200.3 www.mcafee.com 192.168.200.3 www.my-etrust.com 192.168.200.3 www.nai.com 192.168.200.3 www.networkassociates.com 192.168.200.3 www.sophos.com 192.168.200.3 www.symantec.com 192.168.200.3 www.symantec.com 192.168.200.3 www.trendmicro.com 192.168.200.3 www.viruslist.com 192.168.200.3 www.viruslist.ru 192.168.200.3 www.virustotal.com 192.168.200.3 www3.ca.com »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Rapport SmitFraudFix après essai de correction SmitFraudFix v2.200 Rapport fait à 23:56:38,64, 18/09/2007 Executé à partir de C:\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\..\{81260026-7663-40F1-88CE-7C27A0FBAA76}: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Rapport Clean Script execute en mode sans echec Rapport clean par Malekal_morte - http://www.malekal.com Script execute en mode sans echec 18/09/2007 a 23:54:33,82 Microsoft Windows XP [version 5.1.2600] *** Suppression des fichiers dans C: *** Suppression des fichiers dans C:\WINDOWS\ tentative de suppression de C:\WINDOWS\UnGins.exe *** Suppression des fichiers dans C:\WINDOWS\system32 tentative de suppression de C:\WINDOWS\system32\winsub.xml tentative de suppression de C:\WINDOWS\system32\printer.exe tentative de suppression de C:\WINDOWS\system32\WinAvXX.exe *** Suppression des fichiers dans C:\Program Files *** Suppression des clefs du registre effectuee.. *** Fin du rapport ! ________________________________________________________________________________________________________________________