scotischiglander

bonsoir je ne sais pas si j'ai fais la bonne manip, si je viens malencontreusement m'intercaller dans une disussion, mais j'ai moi aussi des inquiétudes sur la sécurité de mes connections. j'ai été infecté par un troyan , voici la partie de l'analyse d'antivir qui le précise (j'ai posté la total sur le forum sécurité..analyse...) "...C:\Program Files\IGN France\Georando-Ile-de-France\IN_IMA.dll [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Fichier supprimé. C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP248\A0056174.dll [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Fichier supprimé. Fin de la recherche : samedi 7 novembre 2009 19:28..." et sur le forum sécurité, "Pear" m'a conseillé de voir sur les autres forums. j'ai vu le soucis actuel et j'ai voulu comprendre comment une mise à jour d'antivir de début novembre n'avais pas détecté un infection qui a été vue et supprimé par une version antivir du printemps 2009!!! donc n'est ce pas un autre soucis qu'antivir en qui je fais confiance........ pouvez vous m'aiguiller, ou me donner des pistes de recherches.. je pous post le fichier d'analyse. Results of screen317's Security Check version 0.99.0 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus ZoneAlarm Avira updated! `````````````````````````````` Anti-malware/Other Utilities Check: Ad-Aware Gmer HijackThis 2.0.2 TuneUp Utilities 2008 Java 6 Update 15 Java 6 Update 7 Out of date Java installed! Adobe Flash Player 10 Adobe Reader 9.1.3 - Français `````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe Ad-Aware AAWTray.exe is disabled! `````````````````````````````` DNS Vulnerability Check: `````````End of Log``````````` encore une fois si j'ai fais une boulette en m'incrustant au mauvais endroit, je présente à tous mes excuses, mais je ne suis pas trop à l'aise sur un forum Kenavo!

bonsoir Merci des conseils depuis la suppression par antivir des chevaux de troie et un redémarrage cela va beaucoup mieux (fluidité réponses mise à jour.....) j'ai réglé le double clic et j'ai tenté un mise à jour de la carte mémoire mais de de meilleur pilote dispo. pour le moment tout va mieux (pourvu que cela dure). je vais faire un ménage dans mon pc et une restauration du système. puis voir sur les forum d'optimisation ce qui peut m'etre utile. merci pour le coup de main Kenavo!

Bonsoir à toutes et tous. je reviens vous embêter (dernier soucis en février 2009 réglé avec brio par Thanios) Mon PC a un comportement bizarre. En effet il est très long à réagir lorsque je déclenche une action (ouverture de fichier, de logiciel, connexion sur Mozilla & sur Thunderbird, demande de mise à jour d'antivir de ad-aware, traitement de tune-up....). Les mises à jour des logiciels de sécurités sont longues voir annulées voire impossible(Antivir, ad-aware) Régulièrement lorsque je fais une action, l'écran se fige pendant plusieurs dizaines de secondes, ou alors la boite de dialogue ouverte se déplace comme les cartes dans le jeu "solitaire" en laissant des traces derrière elle. Régulièrement le double clic sur les raccourcis bureau ne fonctionnent pas et il faut le clic droit et le menu ouvrir pour avoir une réponse. Autrement mon bureau s'efface (plus d'icônes & avec ou pas de fond d'écran ) et devient couleur de fond (rose pour le moment)puis réapparait lentement. Plusieurs fois mon PC s'est redémarré seul sans raisons apparentes. Lors de la maintenance en 1 clic avec tune-up, les mêmes problèmes du composant système reviennent, il s'agit de raccourcis avec des fichiers . jpeg que j'ai déplacé ou supprimé, et qui 'ne sont plus disponible", malgré la correction ils reviennent au prochains scan. En feuilletant les forum Zébulon j'ai lancé le scan en ligne "Panda software" il a scanné une nuit entière pour m'annoncer au petit matin que 4 fichiers étaient infectés mais sans me les nommer (ou alors j'ai zappé l'info), par contre lorsque je scann avec Antivir Free, rien ne m'est signalé hormis 1 avertissement. Système Microsoft Windows XP édition familiale version 2002 service pack 3. Antivir personal free version 9.0.0.65. AD-Aware free version 8.1.1 Zone Alarm 7.0.483.000. les mise à jour automatiques sont activées. mise à jour de IE. effectuée. J'ai suivi les conseils concernant le Pré-Nettoyage d'un PC infecté , procédure pré-HijackThis (2005) je vous joint le log HIJACKTHIS Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:34:05, on 07/11/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe C:\Program Files\TuneUp Utilities 2008\RegistryCleaner.exe C:\Program Files\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - S-1-5-18 Startup: Navigateur Orange.lnk = C:\Program Files\Microsoft Works Suite 2003\Setup\launcher.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Navigateur Orange.lnk = C:\Program Files\Microsoft Works Suite 2003\Setup\launcher.exe (User 'Default user') O4 - .DEFAULT User Startup: Navigateur Orange.lnk = C:\Program Files\Microsoft Works Suite 2003\Setup\launcher.exe (User 'Default user') O4 - Startup: Ad-Aware.lnk = C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe O4 - Global Startup: Ad-Aware.lnk = C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe O4 - Global Startup: TuneUp Maintenance en 1 clic.lnk = C:\Program Files\TuneUp Utilities 2008\OneClick.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1203021963265 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - C:\WINDOWS\system32\alading.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Service Google Update (gupdate1c99e434e9c2c28) (gupdate1c99e434e9c2c28) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8469 bytes je vous joind le rapport d'antivir avec la version que je viens de réintaller après le scann hijackthis; c'est la version: moteur de recherche V8 02 00 100 du 02 03 2009 ficher de def des virus v7 01 02 127 du 05/03/2009 (je ne peux pas avoir de mise à jour plus récente) (alors qu'avant la procédure de pré-hijack j'avais la mise à jour de début nov 2009 qui n'avait rien trouvé à part l'avertissement habituel) Avira AntiVir Personal Date de création du fichier de rapport : samedi 7 novembre 2009 18:06 La recherche porte sur 1284893 souches de virus. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows : (Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : SAM Informations de version : BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00 AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 13:20:54 AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 10:21:02 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 11:35:11 LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 10:21:31 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 12:30:36 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 20:33:26 ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 07:41:14 ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 14:58:20 Version du moteur : 8.2.0.100 AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 17:36:42 AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 20:01:56 AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 11:44:25 AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 18:24:41 AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 13:06:10 AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 20:01:56 AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 15:49:16 AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 20:01:56 AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 13:06:10 AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 14:32:40 AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 14:22:44 AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 14:32:40 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 08:47:30 AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 11:39:26 AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 14:34:28 AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 15:24:42 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 15:05:22 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 10:36:37 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 15:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 08:20:57 NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 15:40:59 RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 13:49:32 RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 10:07:05 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du système Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp Documentation.................................: bas Action principale.............................: supprimer Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : samedi 7 novembre 2009 18:06 La recherche d'objets cachés commence. '77642' objets ont été contrôlés, '0' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'RegistryCleaner.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés Processus de recherche 'unsecapp.exe' - '1' module(s) sont contrôlés Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés Processus de recherche 'ULCDRSvr.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'MemOptimizer.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'slserv.exe' - '1' module(s) sont contrôlés Processus de recherche 'Res.exe' - '1' module(s) sont contrôlés Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés Processus de recherche 'zlclient.exe' - '0' module(s) sont contrôlés Processus de recherche 'AAWTray.exe' - '1' module(s) sont contrôlés Processus de recherche 'PSIService.exe' - '1' module(s) sont contrôlés Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés Processus de recherche 'iviRegMgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'incdsrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleUpdate.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXPPS.EXE' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXBCES.EXE' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'AAWService.exe' - '1' module(s) sont contrôlés Processus de recherche 'vsmon.exe' - '0' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '47' processus ont été contrôlés avec '47' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '62' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <disque dur de la SAM> C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! [REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. C:\Program Files\IGN France\Georando-Ile-de-France\IN_IMA.dll [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Fichier supprimé. C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP248\A0056174.dll [RESULTAT] Contient le cheval de Troie TR/Crypt.XPACK.Gen [REMARQUE] Fichier supprimé. Fin de la recherche : samedi 7 novembre 2009 19:28 Temps nécessaire: 1:22:18 Heure(s) La recherche a été effectuée intégralement 8845 Les répertoires ont été contrôlés 346049 Des fichiers ont été contrôlés 2 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 2 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 1 Impossible de contrôler des fichiers 346046 Fichiers non infectés 3104 Les archives ont été contrôlées 1 Avertissements 3 Consignes 77642 Des objets ont été contrôlés lors du Rootkitscan 0 Des objets cachés ont été trouvés je vous joint les rapports de Ad-Aware Logfile created: 03/11/2009 06:14:03 Lavasoft Ad-Aware version: 8.1.0 User performing scan: denis *********************** Definitions database information *********************** Lavasoft definition file: 149.84 Genotype definition file version: 2009/10/28 15:48:12 ******************************** Scan results: ********************************* Scan profile name: Analyse intelligente (ID: smart) Objects scanned: 39194 Objects detected: 1 Type Detected ========================== Processes.......: 0 Registry entries: 0 Hostfile entries: 0 Files...........: 0 Folders.........: 0 LSPs............: 0 Cookies.........: 1 Browser hijacks.: 0 MRU objects.....: 0 Removed items: Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0 Scan and cleaning complete: Finished correctly after 480 seconds *********************************** Settings *********************************** Scan profile: ID: smart, enabled:1, value: Analyse intelligente ID: folderstoscan, enabled:1, value: ID: useantivirus, enabled:0, value: true ID: sections, enabled:1 ID: scancriticalareas, enabled:1, value: true ID: scanrunningapps, enabled:1, value: true ID: scanregistry, enabled:1, value: true ID: scanlsp, enabled:1, value: true ID: scanads, enabled:1, value: false ID: scanhostsfile, enabled:1, value: false ID: scanmru, enabled:1, value: false ID: scanbrowserhijacks, enabled:1, value: true ID: scantrackingcookies, enabled:1, value: true ID: closebrowsers, enabled:1, value: false ID: filescanningoptions, enabled:1 ID: archives, enabled:1, value: false ID: onlyexecutables, enabled:1, value: true ID: skiplargerthan, enabled:1, value: 20480 ID: scanrootkits, enabled:1, value: true ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict ID: usespywareheuristics, enabled:1, value: true ID: heuristicslevel, enabled:1, value: mild, domain: medium,mild,strict Scan global: ID: global, enabled:1 ID: addtocontextmenu, enabled:1, value: true ID: playsoundoninfection, enabled:1, value: false ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav Scheduled scan settings: <Empty> Update settings: ID: updates, enabled:1 ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: schedules, enabled:1, value: true ID: updatedaily1, enabled:0, value: Daily 1 ID: time, enabled:0, value: Wed Oct 14 14:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updatedaily2, enabled:0, value: Daily 2 ID: time, enabled:0, value: Wed Oct 14 20:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updatedaily3, enabled:0, value: Daily 3 ID: time, enabled:0, value: Wed Oct 14 02:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updatedaily4, enabled:0, value: Daily 4 ID: time, enabled:0, value: Wed Oct 14 08:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updateweekly1, enabled:1, value: Weekly ID: time, enabled:1, value: Wed Oct 14 14:32:00 2009 ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: true ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: true ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall Appearance settings: ID: appearance, enabled:1 ID: skin, enabled:1, value: Gold.eGL, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource ID: showtrayicon, enabled:1, value: true ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language ID: autoentertainmentmode, enabled:0, value: true ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple Realtime protection settings: ID: realtime, enabled:1 ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant ID: modules, enabled:1 ID: processprotection, enabled:1, value: true ID: registryprotection, enabled:0, value: true ID: networkprotection, enabled:0, value: true ID: layers, enabled:1 ID: useantivirus, enabled:0, value: true ID: usespywareheuristics, enabled:0, value: true ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict ****************************** System information ****************************** Computer name: SAM Processor name: AMD Athlon XP 2600+ Processor identifier: x86 Family 6 Model 10 Stepping 0 Processor speed: ~1913MHZ Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 2560, number of processors 1, processor features: [MMX,SSE,3DNow] Physical memory available: 315965440 bytes Physical memory total: 1005961216 bytes Virtual memory available: 1923846144 bytes Virtual memory total: 2147352576 bytes Memory load: 68% Microsoft Windows XP Professional Service Pack 3 (build 2600) Windows startup mode: Running processes: PID: 604 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT PID: 676 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT PID: 700 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT PID: 744 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT PID: 756 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT PID: 932 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1000 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1100 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1148 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1320 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1412 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 1524 name: C:\WINDOWS\system32\ZoneLabs\vsmon.exe owner: <UNKNOWN> domain: <UNKNOWN> PID: 1804 name: C:\WINDOWS\system32\LEXBCES.EXE owner: SYSTEM domain: AUTORITE NT PID: 1836 name: C:\WINDOWS\system32\LEXPPS.EXE owner: SYSTEM domain: AUTORITE NT PID: 1844 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT PID: 1924 name: C:\Program Files\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: AUTORITE NT PID: 204 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 660 name: C:\Program Files\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: AUTORITE NT PID: 656 name: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT PID: 824 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM domain: AUTORITE NT PID: 964 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 1380 name: C:\Program Files\Ahead\InCD\InCDsrv.exe owner: SYSTEM domain: AUTORITE NT PID: 1388 name: C:\Program Files\Google\Update\GoogleUpdate.exe owner: SYSTEM domain: AUTORITE NT PID: 1688 name: C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe owner: SYSTEM domain: AUTORITE NT PID: 1948 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain: AUTORITE NT PID: 1984 name: C:\WINDOWS\system32\nvsvc32.exe owner: SYSTEM domain: AUTORITE NT PID: 288 name: C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe owner: SYSTEM domain: AUTORITE NT PID: 340 name: C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe owner: SYSTEM domain: AUTORITE NT PID: 416 name: C:\WINDOWS\system32\slserv.exe owner: SYSTEM domain: AUTORITE NT PID: 472 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 492 name: C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe owner: SYSTEM domain: AUTORITE NT PID: 2352 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 2528 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT PID: 2980 name: C:\WINDOWS\Explorer.EXE owner: denis domain: SAM PID: 3652 name: C:\WINDOWS\system32\rundll32.exe owner: denis domain: SAM PID: 3788 name: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe owner: <UNKNOWN> domain: <UNKNOWN> PID: 3800 name: C:\Program Files\USB Disk Win98 Driver\Res.EXE owner: denis domain: SAM PID: 3828 name: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe owner: denis domain: SAM PID: 3852 name: C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe owner: denis domain: SAM PID: 3860 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: denis domain: SAM PID: 2160 name: C:\Program Files\TuneUp Utilities 2008\RegistryCleaner.exe owner: denis domain: SAM PID: 3692 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT PID: 3876 name: C:\WINDOWS\System32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT PID: 1248 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: denis domain: SAM PID: 4020 name: C:\WINDOWS\system32\ctfmon.exe owner: denis domain: SAM PID: 1852 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: denis domain: SAM Startup items: Name: PostBootReminder imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9} Name: CDBurn imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9} Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} Name: SysTray imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153} Name: WPDShServiceObj imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5} Name: NvCplDaemon imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Name: BluetoothAuthenticationAgent imagepath: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent Name: NeroCheck imagepath: C:\WINDOWS\system32\NeroCheck.exe Name: Ad-Watch imagepath: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe Name: ZoneAlarm Client imagepath: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" Name: USB Storage Toolbox imagepath: C:\Program Files\USB Disk Win98 Driver\Res.EXE Name: KernelFaultCheck imagepath: %systemroot%\system32\dumprep 0 -k Name: nwiz imagepath: nwiz.exe /install Name: avgnt imagepath: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1} imagepath: Pré-chargeur Browseui Name: {8C7461EF-2B13-11d2-BE35-3078302C2030} imagepath: Démon de cache des catégories de composant Name: location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Ad-Aware.lnk imagepath: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe Name: imagepath: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini Name: location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\TuneUp Maintenance en 1 clic.lnk imagepath: C:\Program Files\TuneUp Utilities 2008\OneClick.exe Name: imagepath: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\desktop.ini Name: location: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\Navigateur Orange.lnk imagepath: C:\Program Files\Microsoft Works Suite 2003\Setup\launcher.exe Bootexecute items: Name: imagepath: autocheck autochk * Name: imagepath: lsdelete Running services: Name: ALG displayname: Service de la passerelle de la couche Application Name: AntiVirSchedulerService displayname: Avira AntiVir Planificateur Name: AntiVirService displayname: Avira AntiVir Guard Name: Apple Mobile Device displayname: Apple Mobile Device Name: AudioSrv displayname: Audio Windows Name: BITS displayname: Service de transfert intelligent en arrière-plan Name: Bonjour Service displayname: Service Bonjour Name: Browser displayname: Explorateur d'ordinateur Name: BthServ displayname: Bluetooth Support Service Name: CryptSvc displayname: Services de cryptographie Name: DcomLaunch displayname: Lanceur de processus serveur DCOM Name: Dhcp displayname: Client DHCP Name: Dnscache displayname: Client DNS Name: ERSvc displayname: Service de rapport d'erreurs Name: Eventlog displayname: Journal des événements Name: EventSystem displayname: Système d'événements de COM+ Name: FastUserSwitchingCompatibility displayname: Compatibilité avec le Changement rapide d'utilisateur Name: helpsvc displayname: Aide et support Name: InCDsrv displayname: InCD File System Service Name: Irmon displayname: Moniteur infrarouge Name: IviRegMgr displayname: IviRegMgr Name: JavaQuickStarterService displayname: Java Quick Starter Name: lanmanserver displayname: Serveur Name: lanmanworkstation displayname: Station de travail Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service Name: LexBceS displayname: LexBce Server Name: LmHosts displayname: Assistance TCP/IP NetBIOS Name: Netman displayname: Connexions réseau Name: Nla displayname: NLA (Network Location Awareness) Name: NVSvc displayname: NVIDIA Driver Helper Service Name: PlugPlay displayname: Plug-and-Play Name: PolicyAgent displayname: Services IPSEC Name: ProtectedStorage displayname: Emplacement protégé Name: ProtexisLicensing displayname: ProtexisLicensing Name: RasMan displayname: Gestionnaire de connexions d'accès distant Name: RpcSs displayname: Appel de procédure distante (RPC) Name: SamSs displayname: Gestionnaire de comptes de sécurité Name: Schedule displayname: Planificateur de tâches Name: SeaPort displayname: SeaPort Name: seclogon displayname: Connexion secondaire Name: SENS displayname: Notification d'événement système Name: SharedAccess displayname: Pare-feu Windows / Partage de connexion Internet Name: ShellHWDetection displayname: Détection matériel noyau Name: SLService displayname: SmartLinkService Name: Spooler displayname: Spouleur d'impression Name: srservice displayname: Service de restauration système Name: stisvc displayname: Acquisition d'image Windows (WIA) Name: TapiSrv displayname: Téléphonie Name: TermService displayname: Services Terminal Server Name: Themes displayname: Thèmes Name: TrkWks displayname: Client de suivi de lien distribué Name: UleadBurningHelper displayname: Ulead Burning Helper Name: UxTuneUp displayname: TuneUp Extension de thème Name: vsmon displayname: TrueVector Internet Monitor Name: W32Time displayname: Horloge Windows Name: WebClient displayname: WebClient Name: winmgmt displayname: Infrastructure de gestion Windows Name: wscsvc displayname: Centre de sécurité Name: wuauserv displayname: Mises à jour automatiques Name: WudfSvc displayname: Windows Driver Foundation - User-mode Driver Framework Name: WZCSVC displayname: Configuration automatique sans fil Logfile created: 07/11/2009 07:28:16 Lavasoft Ad-Aware version: 8.1.0 User performing scan: denis *********************** Definitions database information *********************** Lavasoft definition file: 149.88 Genotype definition file version: 2009/11/06 10:26:06 ******************************** Scan results: ********************************* Scan profile name: Analyse intelligente (ID: smart) Objects scanned: 39130 Objects detected: 1 Type Detected ========================== Processes.......: 0 Registry entries: 0 Hostfile entries: 0 Files...........: 0 Folders.........: 0 LSPs............: 0 Cookies.........: 1 Browser hijacks.: 0 MRU objects.....: 0 Removed items: Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0 Scan and cleaning complete: Finished correctly after 936 seconds *********************************** Settings *********************************** Scan profile: ID: smart, enabled:1, value: Analyse intelligente ID: folderstoscan, enabled:1, value: ID: useantivirus, enabled:0, value: true ID: sections, enabled:1 ID: scancriticalareas, enabled:1, value: true ID: scanrunningapps, enabled:1, value: true ID: scanregistry, enabled:1, value: true ID: scanlsp, enabled:1, value: true ID: scanads, enabled:1, value: false ID: scanhostsfile, enabled:1, value: false ID: scanmru, enabled:1, value: false ID: scanbrowserhijacks, enabled:1, value: true ID: scantrackingcookies, enabled:1, value: true ID: closebrowsers, enabled:1, value: false ID: filescanningoptions, enabled:1 ID: archives, enabled:1, value: false ID: onlyexecutables, enabled:1, value: true ID: skiplargerthan, enabled:1, value: 20480 ID: scanrootkits, enabled:1, value: true ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict ID: usespywareheuristics, enabled:1, value: true ID: heuristicslevel, enabled:1, value: mild, domain: medium,mild,strict Scan global: ID: global, enabled:1 ID: addtocontextmenu, enabled:1, value: true ID: playsoundoninfection, enabled:1, value: false ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav Scheduled scan settings: <Empty> Update settings: ID: updates, enabled:1 ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: schedules, enabled:1, value: true ID: updatedaily1, enabled:0, value: Daily 1 ID: time, enabled:0, value: Wed Oct 14 14:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updatedaily2, enabled:0, value: Daily 2 ID: time, enabled:0, value: Wed Oct 14 20:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updatedaily3, enabled:0, value: Daily 3 ID: time, enabled:0, value: Wed Oct 14 02:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updatedaily4, enabled:0, value: Daily 4 ID: time, enabled:0, value: Wed Oct 14 08:32:00 2009 ID: frequency, enabled:0, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:0 ID: monday, enabled:0, value: false ID: tuesday, enabled:0, value: false ID: wednesday, enabled:0, value: false ID: thursday, enabled:0, value: false ID: friday, enabled:0, value: false ID: saturday, enabled:0, value: false ID: sunday, enabled:0, value: false ID: monthly, enabled:0, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:0, value: ID: auto_deal_with_infections, enabled:0, value: false ID: updateweekly1, enabled:1, value: Weekly ID: time, enabled:1, value: Wed Oct 14 14:32:00 2009 ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: true ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: true ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall Appearance settings: ID: appearance, enabled:1 ID: skin, enabled:1, value: Gold.eGL, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource ID: showtrayicon, enabled:1, value: true ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language ID: autoentertainmentmode, enabled:0, value: true ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple Realtime protection settings: ID: realtime, enabled:1 ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant ID: modules, enabled:1 ID: processprotection, enabled:1, value: true ID: registryprotection, enabled:0, value: true ID: networkprotection, enabled:0, value: true ID: layers, enabled:1 ID: useantivirus, enabled:0, value: true ID: usespywareheuristics, enabled:0, value: true ID: heuristicslevel, enabled:0, value: mild, domain: medium,mild,strict ****************************** System information ****************************** Computer name: SAM Processor name: AMD Athlon XP 2600+ Processor identifier: x86 Family 6 Model 10 Stepping 0 Processor speed: ~1913MHZ Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 2560, number of processors 1, processor features: [MMX,SSE,3DNow] Physical memory available: 283152384 bytes Physical memory total: 1005961216 bytes Virtual memory available: 1922633728 bytes Virtual memory total: 2147352576 bytes Memory load: 71% Microsoft Windows XP Professional Service Pack 3 (build 2600) Windows startup mode: Running processes: PID: 452 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT PID: 676 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT PID: 700 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT PID: 744 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT PID: 756 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT PID: 920 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1000 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1096 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1148 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1316 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1408 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 1524 name: C:\WINDOWS\system32\ZoneLabs\vsmon.exe owner: <UNKNOWN> domain: <UNKNOWN> PID: 1800 name: C:\WINDOWS\system32\LEXBCES.EXE owner: SYSTEM domain: AUTORITE NT PID: 1832 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT PID: 1840 name: C:\WINDOWS\system32\LEXPPS.EXE owner: SYSTEM domain: AUTORITE NT PID: 1916 name: C:\Program Files\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: AUTORITE NT PID: 184 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 380 name: C:\Program Files\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: AUTORITE NT PID: 656 name: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT PID: 824 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM domain: AUTORITE NT PID: 804 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 1556 name: C:\Program Files\Ahead\InCD\InCDsrv.exe owner: SYSTEM domain: AUTORITE NT PID: 876 name: C:\Program Files\Google\Update\GoogleUpdate.exe owner: SYSTEM domain: AUTORITE NT PID: 1940 name: C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe owner: SYSTEM domain: AUTORITE NT PID: 1976 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain: AUTORITE NT PID: 232 name: C:\WINDOWS\system32\nvsvc32.exe owner: SYSTEM domain: AUTORITE NT PID: 488 name: C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe owner: SYSTEM domain: AUTORITE NT PID: 560 name: C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe owner: SYSTEM domain: AUTORITE NT PID: 600 name: C:\WINDOWS\system32\slserv.exe owner: SYSTEM domain: AUTORITE NT PID: 628 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 396 name: C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe owner: SYSTEM domain: AUTORITE NT PID: 2444 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 2536 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT PID: 3308 name: C:\WINDOWS\Explorer.EXE owner: denis domain: SAM PID: 3268 name: C:\WINDOWS\system32\wscntfy.exe owner: denis domain: SAM PID: 3612 name: C:\WINDOWS\system32\rundll32.exe owner: denis domain: SAM PID: 3716 name: C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe owner: <UNKNOWN> domain: <UNKNOWN> PID: 3720 name: C:\Program Files\USB Disk Win98 Driver\Res.EXE owner: denis domain: SAM PID: 208 name: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe owner: denis domain: SAM PID: 3760 name: C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe owner: denis domain: SAM PID: 816 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: denis domain: SAM PID: 3816 name: C:\WINDOWS\system32\ctfmon.exe owner: denis domain: SAM PID: 2124 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT PID: 868 name: C:\WINDOWS\System32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT PID: 3900 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: denis domain: SAM PID: 3472 name: C:\Program Files\Avira\AntiVir Desktop\update.exe owner: SYSTEM domain: AUTORITE NT PID: 1732 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: denis domain: SAM Startup items: Name: PostBootReminder imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9} Name: CDBurn imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9} Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} Name: SysTray imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153} Name: WPDShServiceObj imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5} Name: NvCplDaemon imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Name: BluetoothAuthenticationAgent imagepath: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent Name: NeroCheck imagepath: C:\WINDOWS\system32\NeroCheck.exe Name: Ad-Watch imagepath: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe Name: ZoneAlarm Client imagepath: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" Name: USB Storage Toolbox imagepath: C:\Program Files\USB Disk Win98 Driver\Res.EXE Name: KernelFaultCheck imagepath: %systemroot%\system32\dumprep 0 -k Name: nwiz imagepath: nwiz.exe /install Name: avgnt imagepath: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1} imagepath: Pré-chargeur Browseui Name: {8C7461EF-2B13-11d2-BE35-3078302C2030} imagepath: Démon de cache des catégories de composant Name: location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Ad-Aware.lnk imagepath: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe Name: imagepath: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini Name: location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\TuneUp Maintenance en 1 clic.lnk imagepath: C:\Program Files\TuneUp Utilities 2008\OneClick.exe Name: imagepath: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\desktop.ini Name: location: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\Navigateur Orange.lnk imagepath: C:\Program Files\Microsoft Works Suite 2003\Setup\launcher.exe Bootexecute items: Name: imagepath: autocheck autochk * Name: imagepath: lsdelete Running services: Name: ALG displayname: Service de la passerelle de la couche Application Name: AntiVirSchedulerService displayname: Avira AntiVir Planificateur Name: AntiVirService displayname: Avira AntiVir Guard Name: Apple Mobile Device displayname: Apple Mobile Device Name: AudioSrv displayname: Audio Windows Name: BITS displayname: Service de transfert intelligent en arrière-plan Name: Bonjour Service displayname: Service Bonjour Name: Browser displayname: Explorateur d'ordinateur Name: BthServ displayname: Bluetooth Support Service Name: CryptSvc displayname: Services de cryptographie Name: DcomLaunch displayname: Lanceur de processus serveur DCOM Name: Dhcp displayname: Client DHCP Name: Dnscache displayname: Client DNS Name: ERSvc displayname: Service de rapport d'erreurs Name: Eventlog displayname: Journal des événements Name: EventSystem displayname: Système d'événements de COM+ Name: FastUserSwitchingCompatibility displayname: Compatibilité avec le Changement rapide d'utilisateur Name: helpsvc displayname: Aide et support Name: InCDsrv displayname: InCD File System Service Name: Irmon displayname: Moniteur infrarouge Name: IviRegMgr displayname: IviRegMgr Name: JavaQuickStarterService displayname: Java Quick Starter Name: lanmanserver displayname: Serveur Name: lanmanworkstation displayname: Station de travail Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service Name: LexBceS displayname: LexBce Server Name: LmHosts displayname: Assistance TCP/IP NetBIOS Name: Netman displayname: Connexions réseau Name: Nla displayname: NLA (Network Location Awareness) Name: NVSvc displayname: NVIDIA Driver Helper Service Name: PlugPlay displayname: Plug-and-Play Name: PolicyAgent displayname: Services IPSEC Name: ProtectedStorage displayname: Emplacement protégé Name: ProtexisLicensing displayname: ProtexisLicensing Name: RasMan displayname: Gestionnaire de connexions d'accès distant Name: RpcSs displayname: Appel de procédure distante (RPC) Name: SamSs displayname: Gestionnaire de comptes de sécurité Name: Schedule displayname: Planificateur de tâches Name: SeaPort displayname: SeaPort Name: seclogon displayname: Connexion secondaire Name: SENS displayname: Notification d'événement système Name: SharedAccess displayname: Pare-feu Windows / Partage de connexion Internet Name: ShellHWDetection displayname: Détection matériel noyau Name: SLService displayname: SmartLinkService Name: Spooler displayname: Spouleur d'impression Name: srservice displayname: Service de restauration système Name: stisvc displayname: Acquisition d'image Windows (WIA) Name: TapiSrv displayname: Téléphonie Name: TermService displayname: Services Terminal Server Name: Themes displayname: Thèmes Name: TrkWks displayname: Client de suivi de lien distribué Name: UleadBurningHelper displayname: Ulead Burning Helper Name: UxTuneUp displayname: TuneUp Extension de thème Name: vsmon displayname: TrueVector Internet Monitor Name: W32Time displayname: Horloge Windows Name: WebClient displayname: WebClient Name: winmgmt displayname: Infrastructure de gestion Windows Name: wscsvc displayname: Centre de sécurité Name: wuauserv displayname: Mises à jour automatiques Name: WudfSvc displayname: Windows Driver Foundation - User-mode Driver Framework Name: WZCSVC displayname: Configuration automatique sans fil je vous remercie pour votre aide car j'avoue avoir du mal à tout comprendre.

Bonsoir Thanos bien effectué senduit.com mais je n'ai pas l'impression qu'il se soit passé grand chose: j'ai accepté "fusion au registre" et rien de visuel ne s'est produit. j'ai refait un Rsit dont je te joind le fichier "log". Logfile of random's system information tool 1.05 (written by random/random) Run by denis at 2009-02-27 19:45:00 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 80 GB (53%) free of 153 GB Total RAM: 959 MB (41% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:45:40, on 27/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Orange\Systray\SystrayApp.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Orange\Launcher\Launcher.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Orange\connectivity\connectivitymanager.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe C:\Program Files\Dofus\Dofus.exe C:\Program Files\Dofus\dofus.dll C:\Program Files\Dofus\dofus.dll C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Orange\Deskboard\deskboard.exe C:\Program Files\Orange\browser\browser.exe C:\Documents and Settings\denis\Bureau\RSIT.exe C:\Program Files\trend micro\denis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [systrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - .DEFAULT User Startup: Navigateur Orange.lnk = C:\Program Files\Orange\Launcher\Launcher.exe (User 'Default user') O4 - Global Startup: Ad-Aware.lnk = C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe O4 - Global Startup: Cartable en ligne - Le Hall Bienvenue Quentin PERRUCHET (2).URL O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: http://www.orange.fr O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1203021963265 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - C:\WINDOWS\system32\alading.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 8675 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Maintenance en 1 clic.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}] C:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-26 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{988B07F5-7392-455A-8A1F-64935CB8B6ED}] BHO Barre de Confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-26 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-26 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - Barre de confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-26 136600] "BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592] "NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-12-13 919016] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696] "SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208] "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400] "Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe [2008-06-20 154368] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Ad-Aware.lnk - C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe Cartable en ligne - Le Hall Bienvenue Quentin PERRUCHET (2).URL [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "_NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III" "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Warcraft III\Warcraft III.exe"="C:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" ======List of files/folders created in the last 1 months====== 2009-02-27 19:45:00 ----D---- C:\rsit 2009-02-26 21:16:31 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-02-26 21:14:30 ----SHD---- C:\Config.Msi 2009-02-26 21:09:17 ----D---- C:\Program Files\NOS 2009-02-26 21:09:17 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2009-02-26 21:05:22 ----A---- C:\WINDOWS\system32\javaws.exe 2009-02-26 21:05:22 ----A---- C:\WINDOWS\system32\javaw.exe 2009-02-26 21:05:22 ----A---- C:\WINDOWS\system32\java.exe 2009-02-26 21:05:22 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-02-25 18:50:57 ----D---- C:\Program Files\Avira 2009-02-25 18:50:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-02-24 18:06:27 ----D---- C:\Program Files\Navilog1 2009-02-23 23:30:06 ----A---- C:\WINDOWS\ntbtlog.txt 2009-02-16 18:48:21 ----D---- C:\Program Files\OpenOffice.org 2.4 2009-02-16 17:29:57 ----A---- C:\WINDOWS\War3Unin.exe 2009-02-16 17:27:15 ----D---- C:\Warcraft III 2009-02-16 09:44:55 ----D---- C:\Program Files\Warcraft III 2009-02-07 18:53:53 ----A---- C:\WINDOWS\setuplog.txt 2009-01-28 18:56:38 ----D---- C:\Program Files\Microsoft Picture It! 7 ======List of files/folders modified in the last 1 months====== 2009-02-27 19:45:40 ----D---- C:\Program Files\Trend Micro 2009-02-27 19:45:32 ----D---- C:\WINDOWS\Prefetch 2009-02-27 19:45:12 ----D---- C:\WINDOWS\Internet Logs 2009-02-27 18:52:54 ----D---- C:\WINDOWS\Temp 2009-02-27 10:03:53 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-02-27 09:16:11 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-02-27 00:27:54 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-26 21:18:13 ----SHD---- C:\WINDOWS\Installer 2009-02-26 21:18:12 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-02-26 21:16:31 ----D---- C:\Program Files\Fichiers communs 2009-02-26 21:16:31 ----D---- C:\Program Files\Adobe 2009-02-26 21:16:22 ----D---- C:\WINDOWS\WinSxS 2009-02-26 21:13:26 ----D---- C:\WINDOWS\system32 2009-02-26 21:09:17 ----RD---- C:\Program Files 2009-02-26 21:06:37 ----D---- C:\Program Files\Java 2009-02-26 12:54:38 ----A---- C:\WINDOWS\lexstat.ini 2009-02-25 18:51:00 ----D---- C:\WINDOWS\system32\drivers 2009-02-25 17:47:21 ----D---- C:\Program Files\SpeedFan 2009-02-23 23:33:46 ----A---- C:\WINDOWS\system32\user32.dll 2009-02-23 23:30:06 ----D---- C:\WINDOWS 2009-02-23 18:39:01 ----D---- C:\Program Files\Mozilla Firefox 2009-02-21 08:38:24 ----HD---- C:\WINDOWS\inf 2009-02-21 08:38:24 ----D---- C:\Program Files\Windows Live 2009-02-21 08:38:24 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-02-19 21:50:35 ----D---- C:\Documents and Settings\denis\Application Data\OpenOffice.org2 2009-02-16 18:48:42 ----RSD---- C:\WINDOWS\Fonts 2009-02-09 16:52:03 ----A---- C:\WINDOWS\WirelessFTP.INI 2009-02-06 19:21:32 ----D---- C:\Program Files\Dofus 2009-01-28 19:00:02 ----SD---- C:\Documents and Settings\denis\Application Data\Microsoft 2009-01-28 18:56:54 ----D---- C:\WINDOWS\Help 2009-01-28 18:56:01 ----D---- C:\Program Files\Microsoft Works ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-09-15 28688] R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624] R3 nvax;Service for NVIDIA® nForce Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376] R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2003-06-07 70656] R3 nvnforce;Service for NVIDIA® nForce Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464] R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-30 5888] R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-04 15104] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-09-15 88800] S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [] S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-03-29 86097] S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [] S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-04 126686] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-04 1309184] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-04 180360] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-04 404990] S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-04 95424] S3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-04 13240] S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851] S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-04-22 98048] S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531] S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-04-22 52608] S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048] S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-08 611664] R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536] R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-09-15 798772] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-26 152984] R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-05-16 303104] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-08-20 73796] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-12-13 75304] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-08-03 355584] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF----------------- j'espère que c'est tout bon et si on se retrouve pas pour continuer à nettoyer ce PC, je te présente encore une fois tout mes remerciements pour tes conseils et action. merci aussi à toute l'équipe. Kenavo

Bonsoir Thanos Merci pour les conseils, le Pc va beaucoup mieux (même mieux qu'avant l'infection). voici le rapport de Java: JavaRa 1.13 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Thu Feb 26 21:06:03 2009 Found and removed: C:\Program Files\Java\jre1.6.0_04 Found and removed: C:\Program Files\Java\jre1.6.0_05 Found and removed: C:\Program Files\Java\jre1.6.0_06 Found and removed: C:\Program Files\Java\jre1.6.0_07 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\JavaPlugin.160_04 Found and removed: SOFTWARE\Classes\JavaPlugin.160_05 Found and removed: SOFTWARE\Classes\JavaPlugin.160_06 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_06 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_06 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160060} Found and removed: Software\Classes\JavaPlugin.160_04 Found and removed: Software\Classes\JavaPlugin.160_05 Found and removed: Software\Classes\JavaPlugin.160_06 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_06 Found and removed: Software\JavaSoft\Java2D\1.6.0_04 Found and removed: Software\JavaSoft\Java2D\1.6.0_05 Found and removed: Software\JavaSoft\Java2D\1.6.0_06 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_06 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_06\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_06\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\ ------------------------------------ Finished reporting. j'ai fais lamise à jour de adobe reader 9 par contre pas trouvé de version 8.1.3 à désinstaler dans ma liste des programmes installés !!!! Rend toi sur cette page afin de télécharger le fichier fix.reg sur ton Bureau => http://senduit.com/68ef2d Patiente une seconde: le téléchargement va se lancer automatiquement. quand je clic je tombe sur une page stipulant que ce fichier est expiré !!!!! au plaisir de te lire.

désolé j'ai oublié de joindre les rapports de scan d'Antivir (l'age surement) les voilà par ordre. avant la mise à jour d'antivir: Avira AntiVir Personal Date de création du fichier de rapport : mercredi 25 février 2009 18:52 La recherche porte sur 1038808 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : denis Nom de l'ordinateur :SAM Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36 ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 16:57:13 ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 16:16:47 ANTIVIR3.VDF : 7.1.0.97 45056 Bytes 17/11/2008 16:38:59 Version du moteur: 8.2.0.31 AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56 AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 14:00:07 AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38 AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39 AEOFFICE.DLL : 8.1.0.30 196986 Bytes 07/11/2008 15:06:41 AEHEUR.DLL : 8.1.0.71 1487222 Bytes 07/11/2008 15:06:41 AEHELP.DLL : 8.1.1.3 119157 Bytes 07/11/2008 15:06:41 AEGEN.DLL : 8.1.1.0 319859 Bytes 07/11/2008 15:06:41 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56 AECORE.DLL : 8.1.4.1 172405 Bytes 07/11/2008 15:06:41 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58 AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Répertoire système Windows Fichier de configuration.........: C:\Program Files\Avira\AntiVir PersonalEdition Classic\setupprf.dat Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: arrêt Fichier mode de recherche........: Sélection de fichiers intelligente Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Début de la recherche : mercredi 25 février 2009 18:52 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'antivir_workstation_winu_fr_h.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés Processus de recherche 'AlertModule.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'slserv.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'MemOptimizer.exe' - '1' module(s) sont contrôlés Processus de recherche 'WkUFind.exe' - '1' module(s) sont contrôlés Processus de recherche 'SystrayApp.exe' - '1' module(s) sont contrôlés Processus de recherche 'incdsrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'FTRTSVC.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXPPS.EXE' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXBCES.EXE' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'aawservice.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '36' processus ont été contrôlés avec '36' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '53' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\WINDOWS\system32' Fin de la recherche : mercredi 25 février 2009 18:55 Temps nécessaire: 03:01 Minute(s) La recherche a été effectuée intégralement 242 Les répertoires ont été contrôlés 6344 Des fichiers ont été contrôlés 0 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 0 Impossible de contrôler des fichiers 6344 Fichiers non infectés 18 Les archives ont été contrôlées 0 Avertissements 0 Consignes après la mise à jour d'Antivir Avira AntiVir Personal Date de création du fichier de rapport : mercredi 25 février 2009 19:09 La recherche porte sur 1265535 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :SAM Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 18:08:07 ANTIVIR2.VDF : 7.1.2.55 248832 Bytes 20/02/2009 18:08:10 ANTIVIR3.VDF : 7.1.2.82 109568 Bytes 25/02/2009 18:08:11 Version du moteur: 8.2.0.88 AEVDF.DLL : 8.1.1.0 106868 Bytes 25/02/2009 18:08:27 AESCRIPT.DLL : 8.1.1.52 348538 Bytes 25/02/2009 18:08:26 AESCN.DLL : 8.1.1.7 127347 Bytes 25/02/2009 18:08:24 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38 AEPACK.DLL : 8.1.3.8 397684 Bytes 25/02/2009 18:08:23 AEOFFICE.DLL : 8.1.0.33 196987 Bytes 25/02/2009 18:08:21 AEHEUR.DLL : 8.1.0.97 1610103 Bytes 25/02/2009 18:08:20 AEHELP.DLL : 8.1.2.0 119159 Bytes 25/02/2009 18:08:14 AEGEN.DLL : 8.1.1.21 336244 Bytes 25/02/2009 18:08:13 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56 AECORE.DLL : 8.1.6.6 176501 Bytes 25/02/2009 18:08:12 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58 AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: arrêt Fichier mode de recherche........: Tous les fichiers Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Types d'archives divergents......: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Catégories de dangers divergentes: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : mercredi 25 février 2009 19:09 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'slserv.exe' - '1' module(s) sont contrôlés Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés Processus de recherche 'incdsrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'FTRTSVC.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'AlertModule.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'MemOptimizer.exe' - '1' module(s) sont contrôlés Processus de recherche 'WkUFind.exe' - '1' module(s) sont contrôlés Processus de recherche 'SystrayApp.exe' - '1' module(s) sont contrôlés Processus de recherche 'zlclient.exe' - '0' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXPPS.EXE' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXBCES.EXE' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'aawservice.exe' - '1' module(s) sont contrôlés Processus de recherche 'vsmon.exe' - '0' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '37' processus ont été contrôlés avec '37' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '51' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <disque dur de la SAM> C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! Fin de la recherche : mercredi 25 février 2009 20:10 Temps nécessaire: 1:00:37 Heure(s) La recherche a été effectuée intégralement 7161 Les répertoires ont été contrôlés 390440 Des fichiers ont été contrôlés 0 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 1 Impossible de contrôler des fichiers 390439 Fichiers non infectés 3047 Les archives ont été contrôlées 1 Avertissements 0 Consignes merci encore.

bonsoir Thanos Merci pour le coup de main j'ai effectué comme demandé un fix navilog 1, dont je joinds le rapport Clean Navipromo version 3.7.4 commencé le 25/02/2009 à 17:43:18,71 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 16.02.2009 à 18h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2600+ ) BIOS : BIOS Date: 09/24/03 19:43:06 Ver: 08.00.08 USER : denis ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 090224-0] 4.8.1335 (Activated) Firewall : ZoneAlarm Firewall 7.0.462.000 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:149 Go (Free:78 Go) D:\ (CD or DVD) E:\ (CD or DVD) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\denis\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\denis\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\Doudou\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\Fanfan\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\nany\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\denis\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\denis\menudm~1\progra~1" *** *** Suppression fichiers *** *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\denis\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\denis\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Recherche autres dossiers et fichiers connus *** *** Nettoyage terminé le 25/02/2009 à 17:47:02,59 *** ensuite comme prévu téléchargement, suppression et installation de Antivir à la place d'Avast. j'ai fais deux scans Antivir (un fais directement par antivir avant que j'ai reconnecté Internet, et fais la mise à jour, et l'autre après redemmarage et mise à jour), dont je joinds les rapports. Par contre comme à chaque fois (c'est aussi pour cela que j'avais réinstallé Avast), j'ai un avertissement concernant un fichier que Antivir n'arrive pas à scanner. ?????? est ce que cela est important, et si oui comment m'en débarasser? encore et encore des interrogations. encore une fois merci pour le coup de main, et si une réponse pour ce fichier non "scannable", ce serait chouette. kenavo

bonsoir Qc001 merci pour l'info j'ai ouvert DrWeb sous format excel et voici le copie de la feuille user32.dll c:\windows\system32 BackDoor.Zapinit Sera désinfecté après redémarrage de l'ordinateur A0012357.dll C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP55 BackDoor.Zapinit Désinfecté. A0015416.DLL C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP55 BackDoor.Zapinit Désinfecté. user32.dll.delete_on_reboot C:\WINDOWS\system32 BackDoor.Zapinit Sera désinfecté après redémarrage de l'ordinateur est ce que c'est ce qui était attendu? merci pour votre réponse.

bonsoir en réponse à la question: Peux tu poster le rapport de DrWeb ?. désolé je ne retrouve pas de fichier DrWeb.csv sur mon bureau mais seulement un fihier excel DrWeb. !!!!! j'ai fini le scan ce matin à 2h30 et peut etre n'ai je pas enregistré comme il fallais. dois je en faire un autre ?? est ce que cela aura la même utilité? Merci pour votre réponse

bonjour merci de votre aide je joint le rapport de navilog et j'essaie de retrouver le rapport de drweb Search Navipromo version 3.7.4 commencé le 24/02/2009 à 18:07:39,35 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 16.02.2009 à 18h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon XP 2600+ ) BIOS : BIOS Date: 09/24/03 19:43:06 Ver: 08.00.08 USER : denis ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 090224-0] 4.8.1335 (Not Activated) Firewall : ZoneAlarm Firewall 7.0.462.000 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:149 Go (Free:78 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (USB) - FAT32 - Total:249 Mo (Free:0 Go) Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\denis\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\Doudou\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\Fanfan\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\nany\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\denis\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\denis\menudm~1\progra~1" *** *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\denis\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! HKEY_CURRENT_USER\Software\Lanconfig HKEY_CURRENT_USER\Software\mc *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\denis\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche autres dossiers et fichiers connus : *** Analyse terminée le 24/02/2009 à 18:08:26,14 ***

bonjour merci d'avoir répondu à ma demande. j'ai réalisé les actions demandées sur mon Pc et j'ai retrouvé la main. par contre j'ai eggectué Dr.Web CureIt en mode sans écheccar je n'avais pas la possibilité autrement d'avoir mon clavaier et me souris de dispo. il a détecté plusieur fichier infecté et j'ai suivi ses directives, j'ai ensuite réalisé RSIT.exe. je vous envoie les rapports. ensuite ayant retrouvé la main j'ai reffais Dr.Web CureIt en mode normal et rien de détecté. merci encore et j'attend vos commentaires. 1° fichier:"info" info.txt logfile of random's system information tool 1.05 2009-02-24 02:14:07 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ABBYY FineReader 5.0 Sprint Plus-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2} Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003} Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Ahead InCD EasyWrite Reader-->C:\WINDOWS\unmrw.exe /UNINSTALL Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL Ahead Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL Ahead NeroVision Express-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Barre de confiance CM-CIC-->"C:\Program Files\BarreConfCMCIC\Setup.exe" -u Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Dofus 1.26.0-->C:\Program Files\Dofus\uninstall.exe Extension Système de Microsoft Money-->MsiExec.exe /I{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7} Free Mp3 Wma Converter V 1.6.3-->"C:\Program Files\Free Audio Pack\unins000.exe" Gekko Mahjongg-->C:\PROGRA~1\MICROA~1\MAXIMA~1\Data\System\Unwise32.exe C:\PROGRA~1\MICROA~1\MAXIMA~1\Data\System\Install.log GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634} Java 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Lexmark X6100 Series-->C:\WINDOWS\System32\spool\drivers\w32x86\3\LXBFUN5C.EXE -dLexmark X6100 Series livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Money-->MsiExec.exe /I{01A2E33A-8ADA-42D1-9173-8F65149E952F} Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft Picture It! Photo 7.0-->MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9} Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72} Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 8 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" MP3 Player Utilities 3.68-->MsiExec.exe /I{D98BFAD2-0C90-47F4-9D69-2EFF21631884} Navigateur Orange-->C:\Program Files\Orange\Uninstall\Browser\Shell.exe MainUninstall.shl NVIDIA Audio Driver-->C:\WINDOWS\System32\nvuAudio.exe Uninstall C:\WINDOWS\System32\NvAudio.nvu,NVIDIA Audio Driver NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI NVIDIA Ethernet Driver-->C:\WINDOWS\System32\nvuenet.exe Uninstall C:\WINDOWS\System32\Nvenet.nvu,NVIDIA Ethernet Driver NVIDIA Gart Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA Gart Driver NvMixer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Print to Fax-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BF2B19D-9C79-492A-8969-F059F06A627F}\setup.exe" -l0x40c ControlPanel QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB} S4 League_EU-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D96021A9-B290-4783-B019-0E4000DA84CE}\setup.exe" -l0x9 Sélecteur d'installation de Microsoft Works Suite 2003-->C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe E:\ SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe" Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe" TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: ZoneAlarm Antivirus (disabled) (outdated) AV: avast! antivirus 4.8.1335 [VPS 090223-0] FW: ZoneAlarm Firewall System event log Computer Name: SAM Event Code: 7036 Message: Le service Gestionnaire de connexion automatique d'accès distant est entré dans l'état : arrêté. Record Number: 34686 Source Name: Service Control Manager Time Written: 20090223062843.000000+060 Event Type: Informations User: Computer Name: SAM Event Code: 7035 Message: Un contrôle Arrêter a correctement été envoyé au service Gestionnaire de connexion automatique d'accès distant. Record Number: 34685 Source Name: Service Control Manager Time Written: 20090223062843.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: SAM Event Code: 8033 Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{E38EC5D0-FC21-4DFF-8A4E-4071CCC72288} car un maître explorateur a été arrêté. Record Number: 34684 Source Name: BROWSER Time Written: 20090223062842.000000+060 Event Type: Informations User: Computer Name: SAM Event Code: 1073 Message: Échec de la tentative de redémarrer. SAM Record Number: 34683 Source Name: USER32 Time Written: 20090223062559.000000+060 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: SAM Event Code: 7036 Message: Le service Gestionnaire de connexion automatique d'accès distant est entré dans l'état : en cours d'exécution. Record Number: 34682 Source Name: Service Control Manager Time Written: 20090223061735.000000+060 Event Type: Informations User: Application event log Computer Name: SAM Event Code: 0 Message: Record Number: 118 Source Name: gusvc Time Written: 20080224082732.000000+060 Event Type: Informations User: Computer Name: SAM Event Code: 2 Message: Récupération de la mise à jour automatique du fichier CAB de la liste racine tierce partie réussie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> Record Number: 117 Source Name: crypt32 Time Written: 20080223091244.000000+060 Event Type: Informations User: Computer Name: SAM Event Code: 7 Message: Récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie réussie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> Record Number: 116 Source Name: crypt32 Time Written: 20080223091243.000000+060 Event Type: Informations User: Computer Name: SAM Event Code: 11725 Message: Product: Dealio Toolbar 3.3 -- Removal failed. Record Number: 115 Source Name: MsiInstaller Time Written: 20080223082015.000000+060 Event Type: Informations User: SAM\denis Computer Name: SAM Event Code: 11725 Message: Product: Dealio Toolbar 3.3 -- Removal failed. Record Number: 114 Source Name: MsiInstaller Time Written: 20080223081919.000000+060 Event Type: Informations User: SAM\denis ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD "PROCESSOR_REVISION"=0a00 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "tvdumpflags"=8 -----------------EOF----------------- 2° fichier: "log" Logfile of random's system information tool 1.05 (written by random/random) Run by denis at 2009-02-24 02:13:59 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 81 GB (53%) free of 153 GB Total RAM: 959 MB (61% free) HijackThis download failed ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Maintenance en 1 clic.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}] C:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{988B07F5-7392-455A-8A1F-64935CB8B6ED}] BHO Barre de Confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}] EoBHO Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - Barre de confiance - C:\Program Files\BarreConfCMCIC\TAPBar.dll [2007-09-14 225280] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592] "NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-12-13 919016] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696] "SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208] "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400] "Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe [2008-06-20 154368] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kammcqu] c:\documents and settings\denis\local settings\application data\kammcqu.exe kammcqu [] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Ad-Aware.lnk - C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe Cartable en ligne - Le Hall Bienvenue Quentin PERRUCHET (2).URL C:\Documents and Settings\denis\Menu Démarrer\Programmes\Démarrage SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe TuneUp Maintenance en 1 clic.lnk - C:\Program Files\TuneUp Utilities 2008\OneClick.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "_NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III" "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Warcraft III\Warcraft III.exe"="C:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3902b71a-d8dc-11dc-b8dc-000ea610979d}] shell\Setup\command - setup.exe ======List of files/folders created in the last 1 months====== 2009-02-24 02:13:59 ----D---- C:\rsit 2009-02-23 23:30:06 ----A---- C:\WINDOWS\ntbtlog.txt 2009-02-22 17:00:35 ----A---- C:\WINDOWS\system32\aswBoot.exe 2009-02-16 18:48:21 ----D---- C:\Program Files\OpenOffice.org 2.4 2009-02-16 17:29:57 ----A---- C:\WINDOWS\War3Unin.exe 2009-02-16 17:27:15 ----D---- C:\Warcraft III 2009-02-16 09:44:55 ----D---- C:\Program Files\Warcraft III 2009-02-07 18:53:53 ----A---- C:\WINDOWS\setuplog.txt 2009-01-28 18:56:38 ----D---- C:\Program Files\Microsoft Picture It! 7 ======List of files/folders modified in the last 1 months====== 2009-02-24 02:13:55 ----D---- C:\WINDOWS\Prefetch 2009-02-24 02:12:46 ----D---- C:\WINDOWS\Internet Logs 2009-02-24 02:11:28 ----D---- C:\WINDOWS\Temp 2009-02-24 02:11:24 ----D---- C:\Program Files\SpeedFan 2009-02-24 02:10:16 ----D---- C:\WINDOWS\system32 2009-02-23 23:33:46 ----A---- C:\WINDOWS\system32\user32.dll 2009-02-23 23:30:06 ----D---- C:\WINDOWS 2009-02-23 23:27:01 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-02-23 23:24:02 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-23 18:44:01 ----D---- C:\WINDOWS\system32\drivers 2009-02-23 18:39:01 ----D---- C:\Program Files\Mozilla Firefox 2009-02-23 07:14:52 ----RD---- C:\Program Files 2009-02-21 09:11:10 ----SHD---- C:\WINDOWS\Installer 2009-02-21 08:38:24 ----HD---- C:\WINDOWS\inf 2009-02-21 08:38:24 ----D---- C:\Program Files\Windows Live 2009-02-21 08:38:24 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-02-19 21:50:35 ----D---- C:\Documents and Settings\denis\Application Data\OpenOffice.org2 2009-02-16 18:48:42 ----RSD---- C:\WINDOWS\Fonts 2009-02-15 10:32:04 ----A---- C:\WINDOWS\lexstat.ini 2009-02-09 16:52:03 ----A---- C:\WINDOWS\WirelessFTP.INI 2009-02-06 19:21:32 ----D---- C:\Program Files\Dofus 2009-01-28 19:00:02 ----SD---- C:\Documents and Settings\denis\Application Data\Microsoft 2009-01-28 18:56:54 ----D---- C:\WINDOWS\Help 2009-01-28 18:56:01 ----D---- C:\Program Files\Microsoft Works 2009-01-25 19:10:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-01-25 19:09:24 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944] R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376] R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-09-15 28688] R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224] R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-04 62799] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624] R3 nvax;Service for NVIDIA® nForce Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376] R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2003-06-07 70656] R3 nvnforce;Service for NVIDIA® nForce Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-30 5888] R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-03-30 47230] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-04 15104] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-09-15 88800] S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [] S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-03-29 86097] S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [] S3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-04 126686] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-04 1309184] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-04 180360] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-04 404990] S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-04 95424] S3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-04 13240] S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-16 2851] S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-04-22 98048] S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-08 36531] S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-04-22 52608] S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048] S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-21 34816] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-08 611664] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536] R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-09-15 798772] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-05-16 303104] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-08-20 73796] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-12-13 75304] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-08-03 355584] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF-----------------

bonsoir a tous et toutes Je fais de nouveau appel a vous car avast4 m'a signalé que "c:\windows\systeme32\user32.dll" est infecté par win32:syspatch[wrm] virus/ver090223-0,23/02/2009 la mise en quarantaine, la réparation, la suppression et le déplacement étant impossible avast m'a conseiller d'appuyer sur "ne rien faire" et de lancer un scan au démarrage., ce que j'ai fais. le pc a redémarré, scan (sur fond bleu), avast me signalant "c:\windows\systeme32\user32.dll" est infecté par win32:syspatch[wrm]: lorsque je veux mettre en quarantaine avast m'annonce une erreur 0xc0000121 , lorsque je veux réparer avast me signal erreur 42060 , pour continuer le scan la seule solution est d'ignorer. ensuite avast me signal que : c:\windows\temp\_avast4_\unp54962263.tmp est infecté par win32:syspatch[wrm] mise en quarantaine pour finir le scan. mon bureau apparait une fois le scan terminer, la bare des taches est transparente et le pointeur de la souris se déplace mais pas de réponse au clavier ni aux clic souris. je suis actuellement sur le pc portable de ma fille pour demander votre aide svp. windows xp pack 3 , j'ai désinstalé antivir et je suis bêtement passer sous avast. parefeu zone alarme , ad-aware antispyware . sur une clé usb j'ai télécharger HiJackThis. j'attend votre aide svp merci par avance

merci de ne pas oublier thin lizzy "the black rose" gary moore

bonjour angélique merci de ton aide voici les éléments demandés: scan gmer du 29032008 à 13h51 GMER 1.0.14.14205 - http://www.gmer.net Rootkit scan 2008-03-29 13:50:12 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.14 ---- SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwConnectPort [0xB5067040] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xB5063930] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateKey [0xB506EA80] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xB5067510] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcess [0xB506D870] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcessEx [0xB506DAA0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateSection [0xB5070FD0] SSDT F7BDB0FC ZwCreateThread SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xB5067600] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xB5063F20] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xB506F6E0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteValueKey [0xB506F440] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDuplicateObject [0xB506D580] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xB506F8B0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xB5063D70] SSDT F7BDB0E8 ZwOpenProcess SSDT F7BDB0ED ZwOpenThread SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRenameKey [0xB5070250] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xB506FCB0] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRequestWaitReplyPort [0xB5066C00] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRestoreKey [0xB5070080] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSecureConnectPort [0xB5067220] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xB5064120] SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetValueKey [0xB506F140] SSDT F7BDB0F7 ZwTerminateProcess SSDT F7BDB0F2 ZwWriteVirtualMemory ---- Kernel code sections - GMER 1.0.14 ---- .text TUKERNEL.EXE!_abnormal_termination + 104 804E2760 12 Bytes [ 10, 75, 06, B5, 70, D8, 06, ... ] ? srescan.sys Le fichier spécifié est introuvable. ! ---- User code sections - GMER 1.0.14 ---- .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WdtpInterfacePointer_UserFree + FFEDCA04 774A1931 51 Bytes [ 00, 00, 00, 00, 00, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WdtpInterfacePointer_UserFree + FFEDCA3F 774A196C 1 Byte [ 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WdtpInterfacePointer_UserFree + FFEDCA46 774A1973 3 Bytes [ 00, 00, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WdtpInterfacePointer_UserFree + FFEDCA4F 774A197C 1 Byte [ 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WdtpInterfacePointer_UserFree + FFEDCA56 774A1983 3 Bytes [ 00, 00, 00 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemAlloc + B5 774BD0FD 10 Bytes [ 43, 6F, 6E, 76, 65, 72, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemAlloc + C0 774BD108 35 Bytes [ 47, 65, 74, 44, 6F, 63, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemAlloc + E4 774BD12C 19 Bytes [ 6C, 6F, 62, 61, 6C, 46, 72, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemAlloc + F8 774BD140 37 Bytes [ 47, 65, 74, 48, 47, 6C, 6F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemAlloc + 11E 774BD166 2 Bytes [ 47, 65 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsValidInterface + 186 774BD5AF 46 Bytes [ 6F, 6E, 69, 6B, 65, 72, 52, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsValidInterface + 1B5 774BD5DE 260 Bytes [ 49, 53, 74, 6F, 72, 61, 67, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsValidInterface + 2BA 774BD6E3 29 Bytes [ 4F, 6C, 65, 43, 72, 65, 61, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsValidInterface + 2D8 774BD701 168 Bytes [ 4F, 6C, 65, 43, 72, 65, 61, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsValidInterface + 381 774BD7AA 151 Bytes [ 6F, 43, 6F, 6E, 76, 65, 72, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMalloc + A6 774BDD9E 58 Bytes [ 74, 43, 6F, 6E, 76, 65, 72, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMalloc + E1 774BDDD9 5 Bytes [ 49, 6E, 74, 65, 72 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMalloc + E7 774BDDDF 177 Bytes [ 61, 63, 65, 50, 6F, 69, 6E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromGUID2 + 8F 774BDE91 63 Bytes [ 57, 72, 69, 74, 65, 53, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromGUID2 + CF 774BDED1 25 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromGUID2 + E9 774BDEEB 28 Bytes [ 55, 14, 03, 75, 0C, 4F, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromGUID2 + 106 774BDF08 15 Bytes [ C2, 46, 4F, 77, 7A, 1C, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromGUID2 + 116 774BDF18 77 Bytes [ 03, 38, 4F, 77, 9C, 44, 4F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateBindCtx + 6A 774BE5A4 64 Bytes [ EB, 58, 4D, 77, 03, 4F, 54, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateBindCtx + AB 774BE5E5 111 Bytes [ 90, 90, 90, 90, 8B, FF, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateBindCtx + 11B 774BE655 88 Bytes [ 01, 75, 07, 51, FF, 15, 8C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateBindCtx + 174 774BE6AE 19 Bytes [ EC, 8B, 45, 08, 83, C0, 04, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateBindCtx + 18B 774BE6C5 5 Bytes [ 8B, FF, 55, 8B, EC ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetState + 2 774BEDE8 9 Bytes [ 83, C6, 48, 6A, 27, 66, C7, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetState + C 774BEDF2 4 Bytes [ 66, 83, 66, 02 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetState + 11 774BEDF7 14 Bytes [ 58, 5E, 5D, C2, 0C, 00, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetState + 20 774BEE06 3 Bytes [ EC, 57, 33 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetState + 24 774BEE0A 17 Bytes [ 39, 7D, 08, 74, 3B, E8, 5A, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetErrorInfo + 52 774BEEEC 4 Bytes [ 84, CB, 09, 03 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetErrorInfo + 57 774BEEF1 33 Bytes [ A1, 98, 61, 5C, 77, 57, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetErrorInfo + 79 774BEF13 4 Bytes [ 15, 80, 12, 4A ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetErrorInfo + 7E 774BEF18 63 Bytes [ 89, 7E, 04, 89, 06, FF, 05, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateGuid + 37 774BEF58 14 Bytes [ 00, 0F, 85, 34, 85, 05, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateGuid + 47 774BEF68 3 Bytes [ 8B, FF, 55 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeEx + 1 774BEF6C 2 Bytes [ EC, 56 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeEx + 4 774BEF6F 30 Bytes [ 75, 08, 56, 6A, 01, 6A, 04, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeEx + 23 774BEF8E 4 Bytes [ 5E, 5D, C2, 04 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeEx + 28 774BEF93 18 Bytes [ 90, 90, 90, 90, 90, 33, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeEx + 3B 774BEFA6 65 Bytes [ C3, 90, AD, 52, 54, 77, 2F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!RegisterDragDrop + 6E 774BF688 71 Bytes [ 98, 85, FF, 0F, 85, E4, 06, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!RegisterDragDrop + B6 774BF6D0 68 Bytes [ 51, 6A, 00, FF, 35, 00, 60, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitialize + 3B 774BF715 64 Bytes [ CA, 83, E1, 03, F3, A4, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitialize + 7C 774BF756 23 Bytes [ 45, 08, 0F, 85, A0, 2F, 05, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitialize + 94 774BF76E 5 Bytes [ 00, 90, 90, 90, 90 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitialize + 9A 774BF774 14 Bytes [ 8B, FF, 55, 8B, EC, 56, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitialize + AA 774BF784 12 Bytes [ FF, 75, 08, 0F, 85, 18, 0A, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateInstanceEx + 42 774BFAAD 107 Bytes [ FF, 90, 90, 90, 90, 90, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateInstance + 56 774BFB19 4 Bytes [ 84, F2, 28, 06 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateInstance + 5B 774BFB1E 68 Bytes [ 56, 8B, 75, 08, 8B, 4E, 2C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateInstance + A0 774BFB63 20 Bytes [ 03, 53, FF, 50, 04, 33, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateInstance + B5 774BFB78 158 Bytes [ 55, 8B, EC, 56, 8D, 45, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateInstance + 154 774BFC17 23 Bytes [ B8, 57, 00, 07, 80, E9, 20, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitialize + CB 774C2B02 69 Bytes [ FF, 8B, C7, 0D, 00, 00, 07, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitialize + 111 774C2B48 66 Bytes [ 75, 10, 89, 5D, 08, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitialize + 154 774C2B8B 46 Bytes [ 5D, 0C, 56, 8B, 75, 08, 57, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitialize + 1AD 774C2BE4 102 Bytes [ 15, 44, 10, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitialize + 214 774C2C4B 36 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisconnectObject + 4 774C2D01 15 Bytes [ 08, 50, FF, 51, 08, 8B, 46, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisconnectObject + 14 774C2D11 21 Bytes [ 8D, BE, B0, 00, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisconnectObject + 2A 774C2D27 17 Bytes [ 8B, 07, 85, C0, 0F, 85, 8E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisconnectObject + 3C 774C2D39 12 Bytes [ 8E, 80, 00, 00, 00, 5E, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisconnectObject + 49 774C2D46 77 Bytes [ 56, 8B, F1, 8B, 46, 28, 85, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeAllLibraries + 13 774C3AAA 21 Bytes [ 6A, 0C, 89, 41, 04, 58, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeAllLibraries + 29 774C3AC0 54 Bytes [ 00, B0, 1A, 4A, 77, 89, 70, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeAllLibraries + 60 774C3AF7 95 Bytes [ FF, B8, 57, 00, 07, 80, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeAllLibraries + C1 774C3B58 7 Bytes [ 85, FF, 0F, 84, C9, C2, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeAllLibraries + C9 774C3B60 10 Bytes [ 57, FF, 15, 44, 12, 4A, 77, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStreamOnHGlobal + 2 774C6412 38 Bytes [ 75, 08, 8B, F1, 89, 1E, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStreamOnHGlobal + 29 774C6439 39 Bytes [ 00, 89, 06, 89, 5E, 14, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStreamOnHGlobal + 51 774C6461 73 Bytes [ 89, 46, 54, 8B, 45, 0C, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStreamOnHGlobal + 9B 774C64AB 21 Bytes [ 89, 46, 58, 8B, 45, 10, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStreamOnHGlobal + 102 774C6512 3 Bytes [ FF, 33, C0 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorage + 25 774C7962 20 Bytes [ 00, 8D, 45, C4, 50, 6A, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorage + 3A 774C7977 203 Bytes [ 15, 58, 10, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorage + 106 774C7A43 29 Bytes [ FF, 3B, C6, 89, 45, F8, 7C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorage + 124 774C7A61 70 Bytes [ FF, 15, E4, 12, 4A, 77, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorage + 16B 774C7AA8 1 Byte [ 4F ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetRunningObjectTable + 1B 774CC24F 5 Bytes [ 74, AC, 64, A1, 18 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetRunningObjectTable + 21 774CC255 18 Bytes [ 00, 00, 8B, 80, 80, 0F, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetRunningObjectTable + 34 774CC268 57 Bytes [ 25, 39, BE, 84, 04, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetRunningObjectTable + 6F 774CC2A3 24 Bytes [ 8B, 00, 03, 46, 04, 3B, C7, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetRunningObjectTable + 88 774CC2BC 3 Bytes [ 80, 80, 0F ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllGetClassObject + 43 774CC8EA 59 Bytes [ 64, A1, 18, 00, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllGetClassObject + 8F 774CC936 6 Bytes [ 33, C0, E9, E4, F2, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllGetClassObject + EB 774CC992 4 Bytes [ 00, 8B, 80, 80 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllGetClassObject + F0 774CC997 3 Bytes [ 00, 00, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllGetClassObject + F4 774CC99B 43 Bytes [ 03, 46, 58, 56, 8D, 48, 60, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromString + 37 774CCBD3 11 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromString + 43 774CCBDF 5 Bytes [ 8B, 80, B0, 00, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromString + 49 774CCBE5 42 Bytes [ 8B, 08, 50, FF, 51, 04, 5D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromString + 74 774CCC10 7 Bytes [ 8D, 45, 08, 50, 8D, BE, A8 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromString + 13B 774CCCD7 8 Bytes [ 48, 0C, 5D, C2, 0C, 00, 90, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromCLSID + 1B 774CD5EB 3 Bytes [ 02, 89, 5D ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromCLSID + 1F 774CD5EF 11 Bytes [ 0F, 84, 49, 65, 02, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromCLSID + 2B 774CD5FB 152 Bytes [ 00, 39, 5D, D8, 74, 06, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromCLSID + C4 774CD694 44 Bytes [ 00, 5F, 5E, 8B, C3, 5B, 5D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromCLSID + F1 774CD6C1 47 Bytes [ 15, 20, 17, 4A, 77, 5D, C2, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReleaseMarshalData + 20 774CEA7B 59 Bytes [ 85, B8, 23, 00, 00, F6, 81, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReleaseMarshalData + A3 774CEAFE 26 Bytes [ 00, 10, 0F, 85, 84, 7F, 05, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReleaseMarshalData + BE 774CEB19 4 Bytes [ 84, 28, 23, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReleaseMarshalData + F5 774CEB50 68 Bytes [ 75, 1D, A8, 08, 74, 19, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReleaseMarshalData + 13A 774CEB95 37 Bytes [ 83, 7D, FC, 00, 74, 0A, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DcomChannelSetHResult + B8 774CF777 96 Bytes [ 4E, 64, 8B, 49, 20, 3B, C8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DcomChannelSetHResult + 119 774CF7D8 26 Bytes [ FF, 51, 0C, 85, C0, 7C, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DcomChannelSetHResult + 134 774CF7F3 1 Byte [ F6 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DcomChannelSetHResult + 136 774CF7F5 1 Byte [ 8C ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DcomChannelSetHResult + 13B 774CF7FA 58 Bytes [ 83, 7F, 04, 08, 0F, 85, 99, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMarshalSizeMax 774D0D1F 33 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMarshalSizeMax + 22 774D0D41 4 Bytes [ BF, FD, FF, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMarshalSizeMax + 29 774D0D48 7 Bytes [ 59, 53, 8D, 86, B4, 01, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMarshalSizeMax + 31 774D0D50 82 Bytes [ 50, BB, 57, 00, 07, 80, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetMarshalSizeMax + 85 774D0DA4 1 Byte [ 5D ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnmarshalInterface 774D0E53 6 Bytes [ 90, 90, 8B, FF, 55, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnmarshalInterface + 7 774D0E5A 183 Bytes [ 83, EC, 34, 53, 8B, D9, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnmarshalInterface + BF 774D0F12 32 Bytes [ 45, FC, 2B, F0, 39, 55, E0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnmarshalInterface + E0 774D0F33 18 Bytes [ 15, 54, 61, 5C, 77, 8B, 4D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnmarshalInterface + F4 774D0F47 1 Byte [ D4 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoImpersonateClient + 24 774D2A53 33 Bytes [ 7C, 61, F6, 45, 0D, 40, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoImpersonateClient + 46 774D2A75 20 Bytes [ 85, C0, 74, 4E, 6A, 01, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoImpersonateClient + 5C 774D2A8B 102 Bytes [ 8B, F0, 85, F6, 0F, 84, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoImpersonateClient + C3 774D2AF2 25 Bytes [ 33, D2, F7, F6, 8B, 45, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoImpersonateClient + DD 774D2B0C 5 Bytes [ 90, 90, 90, 90, 90 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibraries + 56 774D33EF 20 Bytes [ EC, 56, 57, FF, 75, 0C, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibraries + 6B 774D3404 80 Bytes [ 07, 57, FF, 50, 40, 3D, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibraries + BC 774D3455 23 Bytes [ FF, 83, FA, 05, 0F, 84, BA, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibraries + D4 774D346D 39 Bytes [ 00, 00, 8B, 40, 68, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibraries + FC 774D3495 56 Bytes CALL ED4C87B7 .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibrariesEx + D 774D3557 32 Bytes [ FF, 53, 56, 57, 8B, F1, BF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibrariesEx + 2E 774D3578 82 Bytes [ FF, 15, 90, 12, 4A, 77, 80, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibrariesEx + 81 774D35CB 15 Bytes [ 07, 80, 89, 45, 20, E9, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibrariesEx + 91 774D35DB 159 Bytes [ FF, 56, 57, 8B, F9, BE, 68, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFreeUnusedLibrariesEx + 132 774D367C 130 Bytes [ 88, 80, 0F, 00, 00, 85, C9, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterface + 34 774D42C1 25 Bytes [ 4D, 08, 89, 0C, 85, B0, 95, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterface + 4E 774D42DB 18 Bytes [ 83, 7D, 08, 00, 5E, 0F, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterface + 61 774D42EE 94 Bytes [ 15, 30, 12, 4A, 77, E9, 87, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterface + C1 774D434E 3 Bytes [ 25, 44, 05 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterface + C5 774D4352 97 Bytes [ 5F, 8B, C3, 5B, 5E, 5D, C2, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReleaseStgMedium + 118 774D4D05 6 Bytes [ 8B, CF, E8, FD, 9A, FE ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReleaseStgMedium + 11F 774D4D0C 5 Bytes [ 50, E8, 5F, 9B, FE ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReleaseStgMedium + 125 774D4D12 4 Bytes [ 85, C0, 0F, 85 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReleaseStgMedium + 12A 774D4D17 133 Bytes [ 0F, 05, 00, 8D, 46, 04, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReleaseStgMedium + 1B0 774D4D9D 37 Bytes [ 85, FF, 7C, 30, 8B, 46, 24, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObjectContext + 3A 774D51FE 125 Bytes [ FF, 85, C0, 7C, 07, 81, 66, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObjectContext + B8 774D527C 11 Bytes [ 8B, 03, 8B, 4D, 18, 89, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObjectContext + C4 774D5288 13 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObjectContext + D2 774D5296 5 Bytes [ 75, 1C, FF, 75, 18 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObjectContext + D8 774D529C 2 Bytes [ 75, 14 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateFreeThreadedMarshaler + 60 774D5CCA 74 Bytes [ FF, 39, 5D, 14, 74, 6F, 39, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateFreeThreadedMarshaler + AB 774D5D15 11 Bytes [ 15, 5C, 10, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateFreeThreadedMarshaler + B7 774D5D21 55 Bytes [ FF, 39, 5D, F4, 74, 1A, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCallContext + 28 774D5D59 32 Bytes [ 60, 5C, 77, 53, 33, DB, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCallContext + 49 774D5D7A 254 Bytes [ 00, 89, 06, 33, C0, 8B, 4D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassObject + C7 774D5E79 4 Bytes [ EC, 81, EC, 4C ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassObject + CD 774D5E7F 9 Bytes [ 00, 53, 8B, D9, 56, 8D, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassObject + D8 774D5E8A 17 Bytes [ 8B, 08, 57, 89, 4D, F4, 03, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassObject + EA 774D5E9C 27 Bytes [ FF, FF, F3, A5, 83, 20, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassObject + 106 774D5EB8 21 Bytes [ 8B, 4B, 14, 85, C9, C7, 45, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterChannelHook + 10 774D715F 183 Bytes [ 89, 45, AC, 8B, 06, 33, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterChannelHook + C8 774D7217 31 Bytes [ 5D, C4, 7C, 40, FF, 75, AC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterChannelHook + E8 774D7237 5 Bytes [ 45, C0, 8B, 08, 50 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterChannelHook + EE 774D723D 36 Bytes [ 51, 08, 39, 7D, C4, 8B, C3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterChannelHook + 116 774D7265 5 Bytes [ 8B, FF, 55, 8B, EC ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeSecurity + 2F 774D744C 100 Bytes [ 00, 00, 8B, 5E, 38, 89, 5D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeSecurity + 94 774D74B1 8 Bytes [ 85, C0, 89, 45, E8, 0F, 8C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeSecurity + 9D 774D74BA 1 Byte [ 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeSecurity + A8 774D74C5 57 Bytes CALL EECA354F .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeSecurity + E3 774D7500 94 Bytes [ 89, 45, E0, B9, A0, 61, 5C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterClassObject + 7D 774D879D 15 Bytes [ 0F, 85, D4, 02, 00, 00, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterClassObject + 8D 774D87AD 27 Bytes [ 8D, BD, B4, FB, FF, FF, AB, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterClassObject + A9 774D87C9 48 Bytes [ 89, 9D, D0, FB, FF, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterClassObject + DA 774D87FA 55 Bytes [ 0F, 85, BF, D1, 00, 00, 33, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterClassObject + 112 774D8832 35 Bytes [ 93, 5C, 77, FF, 15, 04, 16, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryClientBlanket + 2 774DAA70 34 Bytes [ FF, 0F, 8C, 84, 00, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryClientBlanket + 25 774DAA93 5 Bytes [ B5, E0, FD, FF, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryClientBlanket + 2B 774DAA99 20 Bytes [ D6, 85, C0, 0F, 85, 81, 7C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryClientBlanket + 40 774DAAAE 43 Bytes [ FF, 50, 8D, 85, D4, FD, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryClientBlanket + 6C 774DAADA 19 Bytes [ FF, 89, 85, E4, FD, FF, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetProxyBlanket + 12 774DB465 3 Bytes [ EC, FF, 75 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IIDFromString + 45 774DB4C9 31 Bytes [ C8, 8D, 45, D4, 6A, 01, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IIDFromString + 67 774DB4EB 43 Bytes [ 90, 90, 8B, FF, 55, 8B, EC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IIDFromString + 93 774DB517 62 Bytes [ 00, FF, 75, 10, 8B, 40, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetPSClsid + 3A 774DB556 199 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetPSClsid + 102 774DB61E 1 Byte [ 4D ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetPSClsid + 104 774DB620 8 Bytes [ 56, FF, 75, 0C, E8, 2D, A3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetPSClsid + 10D 774DB629 34 Bytes [ 85, C0, 0F, 85, A9, 16, 03, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetPSClsid + 130 774DB64C 11 Bytes [ 00, A1, 04, 60, 5C, 77, 56, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCopyProxy + 17 774E00FE 1 Byte [ E8 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCopyProxy + 1A 774E0101 2 Bytes [ 70, D0 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCopyProxy + 21 774E0108 29 Bytes [ 3B, C3, 0F, 8C, E5, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCopyProxy + 40 774E0127 189 Bytes [ 06, 8D, 4D, EC, 51, 68, FC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCopyProxy + FE 774E01E5 64 Bytes [ 8B, 4D, E0, 3B, CB, 8B, F0, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSwitchCallContext + 24 774E034B 20 Bytes [ 85, 64, FF, FF, FF, 8B, 78, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevertToSelf + 1 774E0360 4 Bytes [ 06, 8D, 4D, 80 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevertToSelf + 7 774E0366 58 Bytes [ 8D, 6C, FF, FF, FF, 51, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevertToSelf + 42 774E03A1 2 Bytes [ 45, 80 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevertToSelf + 45 774E03A4 15 Bytes [ 75, 8C, 8D, 8D, 74, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevertToSelf + 55 774E03B4 43 Bytes [ FF, F7, DF, 1B, FF, 6A, 04, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FreePropVariantArray + A 774E0DD0 75 Bytes [ 85, DB, 0F, 85, 43, 77, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FreePropVariantArray + 56 774E0E1C 57 Bytes [ FF, 75, 10, 8B, 45, 08, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FreePropVariantArray + 90 774E0E56 4 Bytes [ F9, 89, 45, FC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FreePropVariantArray + 95 774E0E5B 54 Bytes [ 47, 04, F7, D0, A8, 01, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FreePropVariantArray + CC 774E0E92 6 Bytes [ F8, 85, FF, 0F, 8C, F9 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptorFromTypeInfo + 11 774E1BE5 223 Bytes [ 08, 50, FF, 51, 08, 89, 3D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptorFromTypeInfo + F1 774E1CC5 17 Bytes [ 00, 43, 00, 6C, 00, 61, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptorFromTypeInfo + 103 774E1CD7 24 Bytes [ 75, 10, 8B, 5D, 0C, E9, 0B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptorFromTypeInfo + 11C 774E1CF0 4 Bytes [ 8F, 24, C8, 03 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptorFromTypeInfo + 160 774E1D34 29 Bytes [ 8B, 3D, A4, 10, 4A, 77, 83, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgID + 24 774E42F0 92 Bytes [ 85, C0, 74, 1E, 89, 73, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgID + 81 774E434D 64 Bytes [ 90, 90, 90, FF, FF, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgID + C2 774E438E 23 Bytes [ 5E, C9, C2, 08, 00, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromOle1Class + 13 774E43A6 19 Bytes [ 0F, 85, B3, 23, 03, 00, 6A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromOle1Class + 27 774E43BA 55 Bytes [ 75, 0C, 8B, CF, FF, 75, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromOle1Class + 5F 774E43F2 6 Bytes [ 90, 90, 90, 90, 90, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromOle1Class + 66 774E43F9 17 Bytes [ 55, 8B, EC, 8D, 45, 0C, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromOle1Class + 81 774E4414 9 Bytes [ 51, 53, 56, 57, 8B, 7D, 0C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MkParseDisplayName + 31 774E4762 59 Bytes [ 51, 04, 83, C6, 54, 56, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MkParseDisplayName + 6D 774E479E 35 Bytes [ 55, 8B, EC, 56, 8B, 75, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MkParseDisplayName + 91 774E47C2 53 Bytes [ 55, 8B, EC, 8B, 45, 0C, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MkParseDisplayName + C7 774E47F8 210 Bytes [ F0, 33, DB, F3, A7, 0F, 84, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MkParseDisplayName + 19A 774E48CB 9 Bytes [ 4B, 77, C7, 46, 18, 74, 22, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObject + 22 774E4E82 76 Bytes [ 07, 50, FF, 15, 28, 15, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObject + 6F 774E4ECF 32 Bytes [ FF, 89, 73, 74, 0F, B6, 0E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObject + 90 774E4EF0 37 Bytes [ FF, 89, 46, 28, 8D, 46, 38, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObject + B6 774E4F16 7 Bytes [ FF, 50, 8D, 4D, FC, E8, 0A ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetObject + BE 774E4F1E 5 Bytes [ 00, 00, E9, 46, D8 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoResumeClassObjects + 41 774E751D 166 Bytes [ 00, 39, 75, EC, 8B, 43, 1C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSuspendClassObjects + 5D 774E75C4 64 Bytes [ 6A, 04, 8D, 45, CC, 50, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSuspendClassObjects + 9E 774E7605 145 Bytes [ 85, B1, DA, 03, 00, 57, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSuspendClassObjects + 130 774E7697 31 Bytes [ 76, 38, 8D, 46, 28, FF, 76, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSuspendClassObjects + 150 774E76B7 75 Bytes [ 08, FF, FF, 00, 80, E9, C7, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSuspendClassObjects + 19C 774E7703 48 Bytes [ 83, F8, 16, 0F, 84, C0, EA, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryProxyBlanket + 6F 774E7D63 3 Bytes [ 21, 9B, 04 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryProxyBlanket + 73 774E7D67 39 Bytes [ 8B, 45, 0C, 89, 08, 33, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryProxyBlanket + 9B 774E7D8F 113 Bytes [ 8B, 75, 0C, 57, 6A, 04, 59, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryProxyBlanket + 10D 774E7E01 39 Bytes [ B8, 02, 40, 00, 80, 5F, 5E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryProxyBlanket + 135 774E7E29 63 Bytes [ 00, F7, D8, 1B, C0, F7, D8, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantClear + 25 774E8BCF 30 Bytes [ 00, 00, 85, C0, 0F, 8C, 4D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantClear + B8 774E8C62 33 Bytes CALL 004E8C68 .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantClear + 136 774E8CE0 9 Bytes [ B9, 68, 60, 5C, 77, E8, D8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantClear + 14F 774E8CF9 12 Bytes [ 56, 8B, 75, 08, 85, F6, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantClear + 15C 774E8D06 10 Bytes [ 06, 8D, 4D, 08, 51, 68, 3C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetErrorInfo + 5D 774E9BAC 68 Bytes [ 55, 8B, EC, 51, 53, 57, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetErrorInfo + A2 774E9BF1 317 Bytes [ 83, F8, 15, 0F, 8F, B3, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeClassObject + 9D 774E9D2F 11 Bytes [ 4F, 03, 00, 8D, 85, F8, FD, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeClassObject + A9 774E9D3B 2 Bytes [ 73, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeClassObject + AE 774E9D40 6 Bytes [ F8, 85, FF, 0F, 8C, 08 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeClassObject + B5 774E9D47 18 Bytes [ 02, 00, 8B, 35, 3C, 10, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeClassObject + C9 774E9D5B 23 Bytes [ FF, 50, 68, CC, EE, 4A, 77, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoadFromStream + F 774EA266 22 Bytes [ 80, 80, 0F, 00, 00, F6, 40, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoadFromStream + 26 774EA27D 16 Bytes [ 89, 40, 04, C3, 8B, 46, 3C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoadFromStream + 37 774EA28E 236 Bytes [ 00, 8B, 80, 80, 0F, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStm + 9D 774EA3C9 42 Bytes [ 55, 8B, EC, 83, EC, 24, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStm + C8 774EA3F4 35 Bytes [ C0, 0F, 85, FB, C9, 03, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStm + 114 774EA440 10 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStm + 11F 774EA44B 71 Bytes [ 45, 08, FF, 31, 89, 41, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStm + 167 774EA493 192 Bytes [ F6, 45, 08, 01, 74, 07, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateGenericComposite + 49 774EA554 23 Bytes [ D6, 89, 3D, 28, 8E, 5C, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateGenericComposite + 61 774EA56C 23 Bytes [ 00, 00, 50, 57, FF, 35, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateGenericComposite + 79 774EA584 54 Bytes [ 69, 00, 00, 50, 56, FF, 35, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateGenericComposite + B0 774EA5BB 6 Bytes [ 90, 90, 90, 90, 90, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateGenericComposite + B7 774EA5C2 137 Bytes [ 55, 8B, EC, 51, 56, 89, 4D, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetTreatAsClass + 27 774ED234 3 Bytes [ 27, 46, 04 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetTreatAsClass + 2B 774ED238 56 Bytes [ 33, C0, 5E, 5D, C2, 08, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetTreatAsClass + 64 774ED271 92 Bytes [ 55, 0C, 52, 53, 50, FF, 51, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetTreatAsClass + C1 774ED2CE 113 Bytes [ C0, 7C, 0B, 8B, 45, 0C, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetTreatAsClass + 133 774ED340 64 Bytes [ FC, 57, 8B, 7D, 08, 83, C7, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetComCatalog + 28 774EF040 66 Bytes [ 80, 80, 0F, 00, 00, 8B, 40, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetComCatalog + 6B 774EF083 45 Bytes [ 83, F9, 04, 0F, 85, C9, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetComCatalog + 99 774EF0B1 1 Byte [ 45 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetComCatalog + C4 774EF0DC 75 Bytes [ 00, 00, FF, B7, 10, 02, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetComCatalog + 110 774EF128 11 Bytes [ 85, C0, 89, 06, 0F, 84, 0E, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemRealloc + 1F 774F29FD 3 Bytes [ 90, 90, 90 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemRealloc + 23 774F2A01 5 Bytes [ FF, 55, 8B, EC, 51 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTaskMemRealloc + 29 774F2A07 88 Bytes [ 56, 57, 8B, 3D, 8C, 14, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!RevokeDragDrop + 31 774F2A60 4 Bytes [ 85, 33, 8B, 03 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!RevokeDragDrop + 36 774F2A65 13 Bytes [ C3, 90, 90, 90, 90, 90, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!RevokeDragDrop + 44 774F2A73 5 Bytes [ 50, 04, 85, C0, 0F ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!RevokeDragDrop + 4A 774F2A79 149 Bytes [ C4, 5B, FF, FF, C7, 46, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!RevokeDragDrop + E0 774F2B0F 2 Bytes [ 47, 10 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFileTimeNow + 2D 774F2CA1 38 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFileTimeNow + 54 774F2CC8 2 Bytes [ 46, 04 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFileTimeNow + 57 774F2CCB 31 Bytes [ 0E, 89, 08, 89, 41, 04, 5F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFileTimeNow + 77 774F2CEB 41 Bytes [ FF, 55, 8B, EC, 83, EC, 1C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFileTimeNow + BB 774F2D2F 22 Bytes [ 8B, 0D, C8, 62, 5C, 77, 85, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserFree + E 774F2ED6 13 Bytes [ FF, 5E, C9, C3, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserFree + 1F 774F2EE7 145 Bytes [ 8B, C0, C3, 90, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetClipboard + 3F 774F2F7A 66 Bytes [ 0D, D4, 62, 5C, 77, 85, C9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetClipboard + 82 774F2FBD 8 Bytes [ FC, FF, 8B, C6, 5E, 5D, C2, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetClipboard + 8B 774F2FC6 70 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetClipboard + D2 774F300D 89 Bytes [ 3D, 30, 12, 4A, 77, 0F, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetClipboard + 12C 774F3067 102 Bytes [ 33, C0, 5F, 5E, 5B, C9, C3, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleUninitialize 774F3373 50 Bytes [ 90, 8B, FF, 55, 8B, EC, A1, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleUninitialize + 33 774F33A6 103 Bytes [ 8D, 4D, E4, C7, 45, E4, EC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleUninitialize + 9E 774F3411 22 Bytes [ 90, 8B, FF, 55, 8B, EC, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleUninitialize + B5 774F3428 16 Bytes [ 8B, 49, 08, 83, C2, 10, 3B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleUninitialize + C6 774F3439 18 Bytes [ 5D, C2, 04, 00, 90, 90, 90, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleQueryLinkFromData + 11 774F3533 3 Bytes [ 2C, 30, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleQueryLinkFromData + 15 774F3537 44 Bytes [ 64, A1, 18, 00, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleQueryCreateFromData + 10 774F3564 40 Bytes [ 00, 00, 8B, 00, 03, 46, 40, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleQueryCreateFromData + 39 774F358D 8 Bytes [ 00, 00, 8B, 80, 80, 0F, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleQueryCreateFromData + 42 774F3596 110 Bytes [ 00, 03, 46, 40, 89, 08, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleQueryCreateFromData + B1 774F3605 56 Bytes [ 75, 18, FF, 75, 14, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleQueryCreateFromData + EA 774F363E 33 Bytes [ F9, 8B, 57, 74, 33, C0, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoLockObjectExternal + 12 774F3D35 58 Bytes [ 39, 41, 6C, 74, 11, 64, A1, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoLockObjectExternal + 4D 774F3D70 15 Bytes [ F8, 0F, 8D, 13, 2D, FD, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoLockObjectExternal + 5D 774F3D80 86 Bytes [ 2C, 01, 00, 90, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoLockObjectExternal + E9 774F3E0C 101 Bytes [ 8B, F8, FF, 15, D0, 18, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoLockObjectExternal + 14F 774F3E72 7 Bytes [ 0F, 84, 79, 78, 02, 00, 56 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateFileMoniker + B 774F3FE3 26 Bytes [ 00, 00, 8B, 80, B0, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateFileMoniker + 26 774F3FFE 137 Bytes [ 01, 5F, C9, C2, 04, 00, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateFileMoniker + B0 774F4088 3 Bytes [ 85, 23, 06 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateFileMoniker + B5 774F408D 38 Bytes [ 5D, 90, 90, 90, 90, 90, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateFileMoniker + DC 774F40B4 12 Bytes [ D6, 85, C0, 75, 4E, 0F, B7, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCurrentProcess + 1B 774F46AA 13 Bytes [ 8B, EC, 83, 39, 00, 56, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCurrentProcess + 2A 774F46B9 76 Bytes [ 80, 80, 0F, 00, 00, 8B, 30, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCurrentProcess + 78 774F4707 7 Bytes [ FF, 3D, 57, 44, 46, 4C, 0F ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCurrentProcess + 80 774F470F 40 Bytes [ 89, E5, 03, 00, 5D, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCurrentProcess + A9 774F4738 13 Bytes [ 00, 8B, 80, 80, 0F, 00, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStandardMarshal + 6 774F481A 37 Bytes [ 9B, FC, FF, 85, C0, 0F, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStandardMarshal + 3B 774F484F 47 Bytes [ C1, EE, 10, 56, 8B, CF, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStandardMarshal + 6B 774F487F 256 Bytes [ 00, 89, 45, FC, 5F, 5E, 5B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStandardMarshal + 16C 774F4980 55 Bytes [ FF, 0F, 8D, 28, 14, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStandardMarshal + 1A5 774F49B9 9 Bytes [ BE, 57, 00, 07, 80, E9, C5, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgSetTimes + 2 774F54C1 16 Bytes [ FF, BB, 57, 00, 07, 80, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgSetTimes + 44 774F5503 6 Bytes [ FF, 50, E8, 4C, 04, FE ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgSetTimes + 4B 774F550A 109 Bytes [ 85, C0, 0F, 85, 95, B1, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgSetTimes + E4 774F55A3 8 Bytes CALL 775196F1 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgSetTimes + ED 774F55AC 68 Bytes [ F0, 85, F6, 0F, 85, 3C, 22, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageEx + 1D 774FAFBC 147 Bytes [ 05, 00, 8D, 50, 02, 8B, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageEx + B1 774FB050 153 Bytes [ 5D, FC, 0F, B6, 06, 33, C9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageEx + 14B 774FB0EA 77 Bytes [ 24, F8, E5, 4A, 77, 53, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageEx + 199 774FB138 94 Bytes [ 3B, DF, 0F, 84, 82, 02, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageEx + 1F8 774FB197 124 Bytes [ EC, 83, EC, 0C, 8B, 4D, 10, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnHandle + C7 774FE1C8 32 Bytes [ 8D, 46, 24, 50, FF, 15, 54, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnHandle + E8 774FE1E9 37 Bytes [ FF, FF, FF, 74, E0, 52, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnHandle + 10E 774FE20F 27 Bytes [ 00, 00, 89, 41, 0C, 89, 41, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnHandle + 12B 774FE22C 3 Bytes [ 90, 90, 90 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnHandle + 12F 774FE230 86 Bytes [ FF, 55, 8B, EC, 56, 8B, F1, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSaveToStream + F 774FF525 9 Bytes [ EC, 51, 51, 83, 65, F8, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSaveToStream + 19 774FF52F 26 Bytes [ 00, 66, F7, 45, 0E, 07, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSaveToStream + 34 774FF54A 53 Bytes [ 00, 56, 68, D8, 00, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSaveToStream + 6A 774FF580 23 Bytes [ 00, 00, 8B, F8, 85, FF, 7C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteClassStm + F 774FF598 11 Bytes [ 7C, 0C, 8B, 45, FC, 8B, 4D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteClassStm + 1B 774FF5A4 20 Bytes [ 89, 01, 5E, 8D, 45, F8, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteClassStm + 30 774FF5B9 74 Bytes [ 81, FF, 20, 00, 03, 80, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteClassStm + 7B 774FF604 96 Bytes [ 03, 00, F6, 45, 10, 02, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteClassStm + DC 774FF665 18 Bytes [ FF, FF, 8B, F0, 3B, F3, 7C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfile + 17 77504D02 3 Bytes [ 90, 03, FC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfile + 1B 77504D06 37 Bytes [ 8B, F8, 85, FF, 0F, 8C, 1E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfile + 41 77504D2C 15 Bytes [ 74, 40, 83, 7D, E4, FF, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfile + 74 77504D5F 4 Bytes [ 33, C0, 8A, 45 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfile + 79 77504D64 57 Bytes [ F7, D0, A8, 01, 0F, 85, 34, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteClassStg + 2 77505F75 24 Bytes [ B5, FF, FF, 39, 5E, 14, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteClassStg + 1B 77505F8E 33 Bytes [ 00, 03, 46, 14, 3B, C3, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStg + 13 77505FB0 10 Bytes [ 00, 03, 46, 18, 3B, C3, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStg + 1E 77505FBB 69 Bytes [ FF, 33, D2, 39, 5E, 08, 76, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStg + 64 77506001 5 Bytes [ 8B, 00, 03, 46, 18 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStg + 6A 77506007 33 Bytes [ 04, 90, 42, 89, 01, 3B, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadClassStg + 8C 77506029 71 Bytes [ 8B, 08, 03, 4E, 10, E8, 5B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateStorageEx + 1 775071B3 94 Bytes [ 75, 0C, 57, 83, EC, 10, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateStorageEx + 60 77507212 94 Bytes [ 8B, FC, 8D, 75, EC, A5, A5, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateStorageEx + BF 77507271 48 Bytes [ EC, 81, EC, 20, 01, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateStorageEx + F0 775072A2 18 Bytes [ 85, C0, 0F, 84, 1D, 42, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateStorageEx + 103 775072B5 57 Bytes CALL 775072F0 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteFmtUserTypeStg + 2 775076B0 46 Bytes [ 7F, 0F, 83, EC, 73, 01, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteFmtUserTypeStg + 31 775076DF 65 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteFmtUserTypeStg + 73 77507721 60 Bytes [ 15, AC, 14, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteFmtUserTypeStg + B0 7750775E 88 Bytes [ FF, 55, 8B, EC, 51, 53, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteFmtUserTypeStg + 109 775077B7 78 Bytes [ F8, 85, FF, 0F, 84, 1E, 72, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteStringStream + 4 77507952 46 Bytes [ 75, 08, 6A, 00, 57, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteStringStream + 33 77507981 103 Bytes [ FF, 53, 56, 8B, F1, 57, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteStringStream + 9B 775079E9 4 Bytes [ C6, 5E, 5B, C3 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteStringStream + A0 775079EE 24 Bytes [ 7D, 0C, 00, 0F, 85, 73, 3C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteStringStream + B9 77507A07 183 Bytes CALL 77507A18 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsRunning + 34 77509706 152 Bytes [ 55, 8B, EC, 83, EC, 0C, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsRunning + 136 77509808 24 Bytes JMP 775098CA C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsRunning + 14F 77509821 93 Bytes [ 56, 20, 8B, 4D, 10, 8B, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsRunning + 1AD 7750987F 64 Bytes [ 8B, F8, 85, FF, 0F, 8C, 4E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsRunning + 1EE 775098C0 21 Bytes [ 10, 8B, CE, FF, 75, 0C, 53, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerRelativePathTo + 29 7750A045 6 Bytes [ 8B, 76, 20, 8B, 06, 56 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerRelativePathTo + 30 7750A04C 89 Bytes [ 50, 04, 8B, C6, 5E, C3, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerRelativePathTo + 8A 7750A0A6 113 Bytes [ 07, 80, EB, F3, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerRelativePathTo + FC 7750A118 53 Bytes [ 3F, 8D, 4C, 09, 02, 8B, C1, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerRelativePathTo + 132 7750A14E 30 Bytes [ C8, 83, E1, 03, F3, A4, 33, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetMiscStatus 7750A429 41 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetMiscStatus + 2A 7750A453 84 Bytes [ 00, 00, 89, 06, F7, D8, 1B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetMiscStatus + 7F 7750A4A8 125 Bytes [ 50, 04, 8B, C6, 5E, 5D, C2, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetMiscStatus + FD 7750A526 49 Bytes [ 33, C0, 5F, 5E, 5D, C2, 04, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetMiscStatus + 12F 7750A558 34 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HENHMETAFILE_UserMarshal + 36 7750A7BD 11 Bytes [ CE, 0F, 85, 7A, 53, 01, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HENHMETAFILE_UserMarshal + 42 7750A7C9 6 Bytes [ 8B, F8, 3B, FB, 0F, 8C ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HENHMETAFILE_UserMarshal + 49 7750A7D0 16 Bytes [ 53, 01, 00, 83, 4E, 44, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HENHMETAFILE_UserMarshal + 5A 7750A7E1 111 Bytes [ 8B, C7, 5F, 5E, 5B, C9, C2, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HENHMETAFILE_UserMarshal + CA 7750A851 51 Bytes [ 50, FF, 51, 60, 5D, C2, 0C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetAutoConvert + 2 7750B22A 19 Bytes [ 51, 08, 5F, 8B, C6, 5B, 5E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetAutoConvert + 16 7750B23E 1 Byte [ FC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetAutoConvert + 18 7750B240 58 Bytes [ EB, BE, FF, FF, 00, 80, EB, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetAutoConvert + 53 7750B27B 17 Bytes CALL 7750B24C C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetAutoConvert + 65 7750B28D 60 Bytes [ 8D, 4F, 5C, 89, 4D, 0C, E9, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataAdviseHolder + 12 7750B657 70 Bytes [ 15, D4, 18, 4A, 77, 83, C4, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataAdviseHolder + 59 7750B69E 47 Bytes [ 75, 08, 8D, 75, FC, E8, 4D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataAdviseHolder + 89 7750B6CE 36 Bytes [ 04, 85, C0, 0F, 84, 78, A5, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInstanceFromFile + 52 7750B72E 22 Bytes [ 80, 3F, 03, 0F, 84, A6, 1B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInstanceFromFile + 69 7750B745 14 Bytes [ EC, 8B, 45, 10, 85, C0, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInstanceFromFile + 78 7750B754 138 Bytes [ 8B, 75, 0C, 83, C6, 03, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInstanceFromFile + 103 7750B7DF 32 Bytes [ 37, FF, 15, 18, 11, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInstanceFromFile + 124 7750B800 1 Byte [ 55 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromData + 2 7750B98F 15 Bytes [ 39, 7E, 70, 0F, 85, DF, 19, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromData + 12 7750B99F 37 Bytes [ FF, 8B, C3, 5F, 5E, 5B, C9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromData + 38 7750B9C5 7 Bytes [ 85, C0, 0F, 84, D5, 57, 01 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromDataEx + 3B 7750BA13 50 Bytes [ EC, 51, 51, 83, 65, FC, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromDataEx + 6E 7750BA46 37 Bytes [ 8B, 75, 0C, 85, F6, 74, 0E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromDataEx + 94 7750BA6C 113 Bytes [ 85, F6, 89, 73, 48, 74, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromDataEx + 106 7750BADE 132 Bytes [ 55, 8B, EC, 51, 53, 8B, 5D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkFromDataEx + 18B 7750BB63 31 Bytes [ 08, 50, FF, 51, 20, 8B, F8, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoIsHandlerConnected + 2 7750C88E 45 Bytes [ 75, 0C, FF, 75, 08, E8, 0E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoIsHandlerConnected + 30 7750C8BC 27 Bytes [ 00, 53, 56, 8B, 75, 0C, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoIsHandlerConnected + 4C 7750C8D8 21 Bytes [ 51, 68, 00, 08, 00, 00, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoIsHandlerConnected + 62 7750C8EE 55 Bytes [ FF, 7C, 13, FF, 75, 10, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoIsHandlerConnected + 9A 7750C926 42 Bytes [ FF, 55, 8B, EC, 8B, 45, 14, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateOleAdviseHolder + 26 7750CA60 33 Bytes [ 23, 00, 00, 8B, F8, 85, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateOleAdviseHolder + 48 7750CA82 75 Bytes [ 21, 7D, E0, 8D, 45, CC, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateOleAdviseHolder + 94 7750CACE 54 Bytes [ 45, E4, 56, FF, 75, D0, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateOleAdviseHolder + CB 7750CB05 9 Bytes [ 83, 7D, E0, 00, 0F, 85, 16, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateOleAdviseHolder + D5 7750CB0F 95 Bytes [ 83, 7D, CC, 00, 0F, 85, 75, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadFmtUserTypeStg + C7 7750DE46 62 Bytes [ C0, 8B, 35, 40, 10, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadFmtUserTypeStg + 10F 7750DE8E 14 Bytes [ 83, EC, 20, 66, A1, 60, 62, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadFmtUserTypeStg + 11E 7750DE9D 16 Bytes [ F6, 89, 75, E4, C7, 45, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadFmtUserTypeStg + 12F 7750DEAE 53 Bytes [ F0, 04, 00, 00, 00, E8, EE, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadFmtUserTypeStg + 165 7750DEE4 87 Bytes [ 45, F8, 57, 8B, 38, 56, 56, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSave + A8 7750F3E6 52 Bytes [ 64, A1, 18, 00, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSave + E4 7750F422 22 Bytes [ F8, 3B, FB, 0F, 8C, F0, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSave + FC 7750F43A 4 Bytes [ 8B, 80, 80, 0F ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSave + 101 7750F43F 59 Bytes [ 00, 8B, 00, 03, 46, 70, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSave + 13D 7750F47B 43 Bytes [ 08, 50, FF, 51, 18, 8B, F8, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetHGlobalFromILockBytes + 10 775109FF 13 Bytes [ 8B, 08, 50, FF, 51, 08, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetHGlobalFromILockBytes + 1E 77510A0D 12 Bytes [ B5, E4, FE, FF, FF, 8D, 46, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetHGlobalFromILockBytes + 2B 77510A1A 12 Bytes [ 1B, C0, 57, 23, C1, 50, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetHGlobalFromILockBytes + 38 77510A27 3 Bytes [ 71, FC, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetHGlobalFromILockBytes + 3C 77510A2B 59 Bytes [ 8B, F8, 33, C0, 3B, F8, 0F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateILockBytesOnHGlobal + A 77510E0D 55 Bytes [ 00, 39, 7D, 08, 89, 7E, 6C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateILockBytesOnHGlobal + 42 77510E45 1 Byte [ 55 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateILockBytesOnHGlobal + 44 77510E47 66 Bytes [ EC, 56, 8B, 75, 08, 8D, 4E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateILockBytesOnHGlobal + 87 77510E8A 2 Bytes [ CF, 01 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateILockBytesOnHGlobal + 8B 77510E8E 31 Bytes [ C3, 90, 90, 90, 90, 90, 8D, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfileOnILockBytes + 82 77510FB5 48 Bytes [ 33, F6, 8B, 4D, 08, E8, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfileOnILockBytes + B3 77510FE6 8 Bytes [ 55, 8B, EC, 56, 8B, F1, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfileOnILockBytes + BD 77510FF0 37 Bytes [ 00, F6, 45, 08, 01, 74, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfileOnILockBytes + E3 77511016 72 Bytes [ F1, 8B, 46, 14, 57, 33, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreateDocfileOnILockBytes + 12C 7751105F 19 Bytes [ 55, 8B, EC, 8B, 4D, 08, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateErrorInfo + E 775120AF 25 Bytes [ 5F, 8B, C6, 5E, C9, C2, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateErrorInfo + 28 775120C9 23 Bytes [ C1, 20, FB, FF, 8B, C8, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateErrorInfo + 40 775120E1 39 Bytes [ 15, 50, 61, 5C, 77, E9, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateErrorInfo + 68 77512109 66 Bytes [ FF, 36, 50, FF, 75, 08, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateErrorInfo + AB 7751214C 69 Bytes [ 46, 3D, FF, 7F, 00, 00, 0F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserSize + 2C 77512AEA 18 Bytes [ 00, FF, B5, 58, FF, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserSize + 60 77512B1E 1 Byte [ 56 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserSize + 62 77512B20 10 Bytes [ 35, 50, 10, 4A, 77, 57, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserSize + 6D 77512B2B 17 Bytes [ 75, 08, 33, FF, 68, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserMarshal + A 77512B3E 72 Bytes [ BF, F3, 01, 04, 80, 83, 7D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserMarshal + 53 77512B87 40 Bytes [ 84, 80, 27, FD, FF, E9, F4, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserMarshal + B 77512BB0 6 Bytes [ 85, C0, 59, 74, 39, 57 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserMarshal + 12 77512BB7 47 Bytes CALL 77512BF6 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserMarshal + 54 77512BF9 30 Bytes [ 55, 8B, EC, 53, 56, 57, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserMarshal + 73 77512C18 85 Bytes [ BE, 3C, 1A, 4A, 77, A5, A5, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserSize + 50 77512C6E 101 Bytes [ 00, 00, EB, 56, C7, 46, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserFree + 48 77512CD4 50 Bytes [ 15, 24, 12, 4A, 77, 83, F8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserFree + 7B 77512D07 149 Bytes [ 80, 80, 0F, 00, 00, 8B, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserUnmarshal + 71 77512D9D 133 Bytes CALL 77512DAB C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!STGMEDIUM_UserUnmarshal + F7 77512E23 59 Bytes [ 5E, C3, 90, 90, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserUnmarshal + 2 77512E5F 106 Bytes [ 15, 54, 61, 5C, 77, 89, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserUnmarshal + 6D 77512ECA 84 Bytes [ FF, 55, 8B, EC, 8B, 45, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserUnmarshal + C2 77512F1F 15 Bytes [ 83, 4D, FC, FF, 8B, 45, E4, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserUnmarshal + D2 77512F2F 1 Byte [ 90 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLIPFORMAT_UserUnmarshal + D4 77512F31 12 Bytes [ FF, FF, FF, FC, 1B, 52, 77, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserMarshal + 7 775131C1 11 Bytes [ D8, 85, DB, 0F, 8C, 89, 7D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserMarshal + 13 775131CD 59 Bytes [ 0A, 8B, 4D, F8, 8B, 3C, 81, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserMarshal + 4F 77513209 30 Bytes [ 02, 0F, B7, 49, 1C, 8B, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserMarshal + 6E 77513228 1 Byte [ 98 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserMarshal + 70 7751322A 114 Bytes CALL 77513239 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserSize + 4A 7751329D 93 Bytes [ 7D, A0, C7, 04, 87, FC, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserSize + A8 775132FB 34 Bytes [ FF, 55, 8B, EC, 51, 51, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserSize + CC 7751331F 34 Bytes [ 03, 46, 18, 39, 58, 1C, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserSize + EF 77513342 10 Bytes [ 03, 46, 18, 39, 5E, 18, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserSize + FA 7751334D 80 Bytes [ 64, A1, 18, 00, 00, 00, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetClipboard + 7E 775139CE 168 Bytes [ 83, F8, 2C, 74, 7E, 66, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetClipboard + 128 77513A78 2 Bytes [ 48, 0F ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetClipboard + 12B 77513A7B 22 Bytes [ 6B, F2, 00, 00, 8D, 46, 06, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetClipboard + 143 77513A93 32 Bytes [ 6A, 00, FF, 35, 00, 60, 5C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetClipboard + 19A 77513AEA 72 Bytes [ 66, 8B, 07, 56, 8B, 75, 0C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoIsOle1Class + 22 775148B6 13 Bytes [ 69, 00, 6E, 00, 73, 00, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromIID + 9 775148C4 120 Bytes [ 6C, 00, 6C, 00, 00, 00, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromIID + 141 775149FC 7 Bytes [ 56, FF, 75, 08, 89, 45, FC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromIID + 149 77514A04 159 Bytes [ 15, 18, 18, 4A, 77, E9, 16, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromIID + 1E9 77514AA4 16 Bytes [ 85, F6, 7C, 1A, 8D, 85, 7C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StringFromIID + 1FA 77514AB5 57 Bytes [ F0, 8D, 85, 7C, FF, FF, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ProgIDFromCLSID + 8F 77514C01 15 Bytes [ 0F, B7, 70, 02, 8D, 74, 70, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ProgIDFromCLSID + 9F 77514C11 39 Bytes [ CB, 8B, 1A, 8D, 7C, 7B, 04, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ProgIDFromCLSID + C7 77514C39 2 Bytes [ 45, 08 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ProgIDFromCLSID + CA 77514C3C 4 Bytes [ 4D, 10, 89, 01 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ProgIDFromCLSID + CF 77514C41 48 Bytes [ 08, 50, FF, 51, 04, 33, C0, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateItemMoniker + 22 775152A6 24 Bytes [ 85, DB, 0F, 84, C6, 6C, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateItemMoniker + 3B 775152BF 30 Bytes [ 00, 8D, 73, 04, A5, A5, A5, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateItemMoniker + 5A 775152DE 50 Bytes [ 08, FF, 75, F8, FF, 15, 70, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateItemMoniker + 8D 77515311 68 Bytes [ 0F, 85, B3, 8C, 01, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateItemMoniker + D2 77515356 54 Bytes [ 00, 56, FF, 75, 1C, 8B, 75, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMessageFilter + 23 77515792 37 Bytes [ FF, 15, 24, 12, 4A, 77, 3D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMessageFilter + 83 775157F2 7 Bytes [ 0C, 89, 51, 04, 83, C1, 10 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMessageFilter + 8B 775157FA 63 Bytes [ C0, 10, FF, 45, F4, 89, 4D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMessageFilter + CB 7751583A 130 Bytes [ 7F, 05, 02, 40, 00, 80, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMessageFilter + 14E 775158BD 33 Bytes [ 55, 8B, EC, 83, 7D, 08, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetMenuDescriptor + 2F 77516169 10 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetMenuDescriptor + 3A 77516174 18 Bytes CALL 77516191 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetMenuDescriptor + 4D 77516187 50 Bytes [ C6, 5E, 5D, C2, 04, 00, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRun 775161BA 14 Bytes [ 90, 90, 90, 90, 8B, FF, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRun + F 775161C9 129 Bytes [ 3B, C7, 74, 15, 50, 57, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgIDEx + 4D 7751624B 1 Byte [ C0 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgIDEx + 4F 7751624D 5 Bytes [ 46, 14, 89, 46, 20 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgIDEx + 55 77516253 18 Bytes [ 46, 18, 89, 46, 24, 66, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgIDEx + 68 77516266 186 Bytes [ 46, 28, C7, 46, 30, 78, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CLSIDFromProgIDEx + 123 77516321 167 Bytes [ 1C, 00, 00, 00, 85, C0, 0F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateClassMoniker + 53 77516AE2 50 Bytes CALL 77516AF9 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateClassMoniker + 86 77516B15 3 Bytes [ 8D, 81, D0 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateClassMoniker + 8A 77516B19 34 Bytes [ 00, 00, 3B, 38, 74, 47, 42, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateClassMoniker + AD 77516B3C 53 Bytes [ 89, 41, 24, 8B, 74, C1, 28, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateClassMoniker + E3 77516B72 16 Bytes [ 00, 00, 8B, B4, C1, D0, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterfaceAndReleaseStream + 2 77516DC8 28 Bytes [ 50, FF, 15, BC, 10, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterfaceAndReleaseStream + 1F 77516DE5 3 Bytes [ 00, 00, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterfaceAndReleaseStream + 23 77516DE9 80 Bytes [ 03, 46, 1C, 83, C0, 70, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterfaceAndReleaseStream + 7E 77516E44 5 Bytes [ 8B, FF, 55, 8B, EC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterfaceAndReleaseStream + 84 77516E4A 132 Bytes [ 4D, 0C, FF, 75, 08, 83, C1, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterThreadInterfaceInStream + 19 77516ECF 148 Bytes [ 55, 8B, EC, 83, EC, 0C, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterThreadInterfaceInStream + AE 77516F64 25 Bytes CALL 77516E5C C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterThreadInterfaceInStream + C9 77516F7F 31 Bytes [ 8B, C7, 5F, 5E, 5B, C9, C2, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterThreadInterfaceInStream + EA 77516FA0 26 Bytes [ C0, 89, 45, FC, 0F, 84, C5, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoMarshalInterThreadInterfaceInStream + 106 77516FBC 10 Bytes [ 00, 8B, 45, FC, 89, B0, B0, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoWaitForMultipleHandles + 16 77517157 41 Bytes [ 35, 88, 18, 4A, 77, FF, D6, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoWaitForMultipleHandles + 41 77517182 2 Bytes [ 71, 91 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoWaitForMultipleHandles + 45 77517186 14 Bytes [ 8B, 45, FC, 5F, 5E, 5B, C9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoWaitForMultipleHandles + 54 77517195 1 Byte [ 04 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoWaitForMultipleHandles + 56 77517197 29 Bytes [ EB, ED, 90, 90, 90, 90, 90, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserUnmarshal + 3D 77532F5C 26 Bytes [ 00, 00, 8B, 80, 80, 0F, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserMarshal + 13 77532F78 16 Bytes [ 74, 16, 64, A1, 18, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserMarshal + 24 77532F89 22 Bytes [ 8E, 8C, 00, 00, 00, EB, 02, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserMarshal + 3B 77532FA0 113 Bytes [ 00, 00, 8B, 80, 80, 0F, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserMarshal + AD 77533012 51 Bytes CALL 775037A9 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserMarshal + E1 77533046 38 Bytes CALL 7750F90D C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserSize + 13 7753306E 28 Bytes [ 4D, 08, 66, 83, B9, 82, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserSize + 30 7753308B 92 Bytes [ 8B, F0, 83, C0, F4, F7, DE, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserSize + AB 77533106 20 Bytes [ 66, 04, 00, 83, 26, 00, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserSize + C2 7753311D 33 Bytes [ 8B, 80, 80, 0F, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserSize + E4 7753313F 36 Bytes [ 8B, CB, 89, 45, E4, E8, 70, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteOleStg + 19 77534F56 11 Bytes [ 89, 01, FF, 15, FC, 12, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteOleStg + 25 77534F62 23 Bytes [ 04, 8B, CE, EB, 2B, E8, 22, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteOleStg + 3D 77534F7A 6 Bytes [ 75, F8, E8, F8, 07, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteOleStg + 44 77534F81 177 Bytes [ 8B, F8, 85, FF, 7C, 12, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!WriteOleStg + F6 77535033 8 Bytes [ 20, FF, 75, 1C, FF, 75, 18, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadStringStream + 5A 77535AAC 73 Bytes [ 55, 8B, EC, 56, 8B, 75, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadStringStream + A4 77535AF6 15 Bytes [ 8D, 46, 04, 8B, 08, 50, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadStringStream + B4 77535B06 4 Bytes [ DF, 03, 00, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadStringStream + BB 77535B0D 15 Bytes [ 11, 8B, 46, 30, 8B, 08, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadStringStream + CB 77535B1D 139 Bytes [ 75, 24, 85, DB, 74, 20, 83, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageFile + 1 77535C90 10 Bytes [ 7D, F4, 6A, 05, 59, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageFile + D 77535C9C 26 Bytes [ F4, F3, A5, 8B, 08, 50, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageFile + 28 77535CB7 3 Bytes [ 74, 1D, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageFile + 2D 77535CBC 37 Bytes [ 8B, 43, 18, 8B, 08, 8D, 14, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageFile + 53 77535CE2 51 Bytes [ 83, C3, 20, FF, 4D, EC, 0F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetUserType + 3B 77535D84 56 Bytes CALL 77513C1E C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetUserType + 74 77535DBD 23 Bytes [ B8, FF, FF, FF, 7F, 80, 4E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetUserType + 8C 77535DD5 9 Bytes [ C2, 0C, 00, 90, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetUserType + 96 77535DDF 27 Bytes [ 55, 8B, EC, 83, 7D, 10, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegGetUserType + B3 77535DFC 3 Bytes [ A5, DD, FD ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadOleStg + 3B 7753724E 6 Bytes [ 76, 8B, CB, E8, A2, CC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadOleStg + 42 77537255 1 Byte [ FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadOleStg + 45 77537258 4 Bytes [ 74, 6B, 83, 7E ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadOleStg + 4A 7753725D 24 Bytes [ FF, 74, 10, 83, 7D, 0C, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ReadOleStg + 63 77537276 25 Bytes [ FF, 75, 0C, 50, FF, 51, 58, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDoAutoConvert + 11 7753747B 92 Bytes [ 00, 00, 89, 86, AC, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDoAutoConvert + 6E 775374D8 89 Bytes CALL 77515892 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDoAutoConvert + C9 77537533 37 Bytes [ 8B, D8, EB, 13, 3B, C6, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDoAutoConvert + EF 77537559 12 Bytes [ 8D, 73, 30, 8B, 06, 56, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDoAutoConvert + FC 77537566 56 Bytes [ 45, 10, 25, 00, 02, 00, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoBuildVersion + AE 775379B2 38 Bytes [ F8, FF, 3B, F3, 7D, 28, 81, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoBuildVersion + D5 775379D9 41 Bytes [ BE, 1D, 01, 01, 80, EB, C3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoBuildVersion + FF 77537A03 80 Bytes [ 55, 8B, EC, 56, FF, 75, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoBuildVersion + 150 77537A54 43 Bytes [ F9, FF, 5E, 5D, C2, 04, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoBuildVersion + 17C 77537A80 71 Bytes [ 56, 8B, 75, 10, 85, F6, 0F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumVerbs + 97 77537CCC 66 Bytes CALL 7758C612 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumVerbs + DB 77537D10 6 Bytes [ 11, 57, E8, 12, 67, F8 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumVerbs + E2 77537D17 39 Bytes [ 85, C0, 75, 07, B8, 57, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumVerbs + 10A 77537D3F 42 Bytes [ C0, 74, 06, 8B, 08, 50, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumVerbs + 135 77537D6A 98 Bytes [ 51, 50, FF, 52, 10, F6, 46, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoad + 16 77537F8A 261 Bytes [ 50, FF, 51, 14, 85, C0, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoad + 11C 77538090 5 Bytes [ BE, 80, 00, 00, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoad + 122 77538096 58 Bytes [ 07, 85, C0, 74, 09, 8B, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoad + 15D 775380D1 33 Bytes [ F6, 0F, 84, BB, 00, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLoad + 17F 775380F3 94 Bytes [ 75, 0C, 83, 26, 00, E8, 2C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsAccelerator + 3B 7753850A 11 Bytes [ DB, 74, 1D, 8D, 45, EC, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsAccelerator + 47 77538516 5 Bytes [ FF, FF, 75, E4, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsAccelerator + 4D 7753851C 8 Bytes CALL 775086AC C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsAccelerator + 56 77538525 21 Bytes [ EC, A5, A5, A5, A5, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!IsAccelerator + 6C 7753853B 102 Bytes [ 4D, FC, 5F, 5E, 8B, C3, 5B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleTranslateAccelerator + 8C 77538704 26 Bytes CALL 7758D7D5 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleTranslateAccelerator + A7 7753871F 66 Bytes [ 00, EB, 10, 6A, 01, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleTranslateAccelerator + EA 77538762 12 Bytes [ 10, 53, FF, 75, 80, 8D, 4E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleTranslateAccelerator + F7 7753876F 115 Bytes [ 85, C0, 74, 4E, 8B, 45, 80, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleTranslateAccelerator + 16B 775387E3 120 Bytes [ 46, 34, 8B, 08, 50, FF, 51, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateMenuDescriptor + 44 775389CA 72 Bytes CALL 77509C63 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateMenuDescriptor + 8D 77538A13 299 Bytes [ C7, 41, 1C, 80, E1, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateMenuDescriptor + 1B9 77538B3F 75 Bytes [ 50, FF, 51, 0C, 8B, D8, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateMenuDescriptor + 205 77538B8B 18 Bytes [ 85, C0, 74, 11, 6A, 04, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateMenuDescriptor + 218 77538B9E 21 Bytes [ 00, 00, 57, 8D, 7E, E4, 57, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserFree + 6 77538BB4 18 Bytes [ 08, 50, FF, 51, 14, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserFree + 19 77538BC7 65 Bytes [ 44, 8B, 46, 2C, 8B, 08, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserUnmarshal + 31 77538C09 1 Byte [ 80 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HGLOBAL_UserUnmarshal + 33 77538C0B 21 Bytes [ 0C, 53, 83, C6, 40, 56, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDestroyMenuDescriptor + 1 77538C21 66 Bytes [ C7, 5F, EB, 05, B8, 57, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDestroyMenuDescriptor + 63 77538C83 49 Bytes [ 00, 68, 78, 8C, 5C, 77, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDestroyMenuDescriptor + 95 77538CB5 5 Bytes [ 89, 18, 8B, 03, 53 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDestroyMenuDescriptor + 9B 77538CBB 10 Bytes [ 50, 04, 8B, 03, 53, FF, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDestroyMenuDescriptor + A6 77538CC6 10 Bytes [ B5, F4, FD, FF, FF, 8B, 03, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitializeWOW + 20 7753944A 7 Bytes [ F0, 85, F6, 7C, 48, C7, 45 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitializeWOW + 28 77539452 66 Bytes [ 01, 00, 00, 00, 8B, CB, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitializeWOW + 6B 77539495 27 Bytes [ 50, 18, 8B, 4D, FC, E8, C5, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitializeWOW + 87 775394B1 103 Bytes [ EC, 56, 8B, 75, 08, 57, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleInitializeWOW + EF 77539519 180 Bytes [ 00, 39, 75, 08, 0F, 84, B1, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeWOW + 12 775395CF 29 Bytes [ 00, 33, F6, 5F, 5B, 8B, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeWOW + 30 775395ED 19 Bytes [ 15, 50, 61, 5C, 77, 8B, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInitializeWOW + 44 77539601 36 Bytes [ 55, 8B, EC, 53, 56, 8B, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnmarshalHresult + 1C 77539626 85 Bytes [ D7, 66, 85, C0, 7D, 31, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnloadingWOW + 2F 7753967C 80 Bytes [ EC, 53, 56, 57, FF, 75, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnloadingWOW + 80 775396CD 22 Bytes [ 45, 0C, 50, 57, FF, 76, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnloadingWOW + 97 775396E4 13 Bytes [ 33, 8D, 45, 0C, 50, 57, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnloadingWOW + A5 775396F2 429 Bytes [ 25, 0F, B7, 45, 0C, 50, 6A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoUnloadingWOW + 253 775398A0 151 Bytes [ 75, 0C, 53, 68, 12, 01, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetConvertStg + 7 77539FED 88 Bytes [ 88, 50, 8D, 4B, FC, E8, 32, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetConvertStg + 60 7753A046 22 Bytes [ 83, 63, 50, FE, B8, 71, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetConvertStg + 77 7753A05D 5 Bytes [ 04, 80, E9, 2C, 01 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetConvertStg + 7E 7753A064 59 Bytes [ F6, 43, 50, 08, 0F, 85, 22, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetConvertStg + BA 7753A0A0 56 Bytes CALL 7758B90D C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsCurrentClipboard + 25 7753A665 15 Bytes [ C0, 5D, C2, 04, 00, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsCurrentClipboard + 35 7753A675 66 Bytes [ 8B, 80, 80, 0F, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsCurrentClipboard + 78 7753A6B8 47 Bytes [ 00, 00, EB, 49, 66, 83, 3E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsCurrentClipboard + A8 7753A6E8 2 Bytes [ 2B, 09 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleIsCurrentClipboard + AE 7753A6EE 210 Bytes [ 89, 45, FC, 74, 12, 66, 83, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleFlushClipboard + 88 7753A879 133 Bytes [ 46, 0C, 6A, 00, 89, 45, F8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleFlushClipboard + 10E 7753A8FF 65 Bytes [ 06, 6A, 00, FF, 75, 0C, 57, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleFlushClipboard + 150 7753A941 63 Bytes [ 7D, 08, 85, FF, 75, 04, 33, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleFlushClipboard + 190 7753A981 151 Bytes [ 07, 57, FF, 15, 04, 12, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleFlushClipboard + 228 7753AA19 45 Bytes [ C0, 75, 09, 66, 39, 46, 0A, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateEx + 35 7753B7DB 5 Bytes [ 90, 90, 90, 90, 90 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateEx + 3B 7753B7E1 2 Bytes [ FF, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateEx + 3E 7753B7E4 14 Bytes [ BC, A7, 53, 77, C5, A7, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateEx + 4D 7753B7F3 65 Bytes [ 55, 8B, EC, 83, EC, 14, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateEx + 8F 7753B835 61 Bytes [ F0, 0F, 84, 53, 01, 00, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreate + 38 7753B94C 81 Bytes [ 15, 74, 12, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreate + 8A 7753B99E 28 Bytes [ 18, 4A, 77, 85, C0, 75, 09, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreate + A7 7753B9BB 14 Bytes [ FF, 55, 8B, EC, 56, 57, 6A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreate + B6 7753B9CA 88 Bytes [ 15, CC, 18, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreate + 10F 7753BA23 8 Bytes [ EB, DE, 90, 90, 90, 90, 90, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromDataEx 7753BDE1 30 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromDataEx + 1F 7753BE00 18 Bytes [ 83, 7E, 74, 01, 75, 07, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromDataEx + 32 7753BE13 29 Bytes [ 83, 38, 00, 74, 08, 8B, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromDataEx + 50 7753BE31 173 Bytes [ 5E, 5D, C2, 04, 00, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromData + 2 7753BEDF 21 Bytes CALL 784143F3 .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromData + 18 7753BEF5 18 Bytes [ 53, 8D, 45, DC, 50, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromData + 2B 7753BF08 21 Bytes [ FF, 3B, C3, 89, 45, E8, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromData + 41 7753BF1E 39 Bytes [ 75, E0, FF, 75, E0, FF, D6, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromData + 71 7753BF4E 1 Byte [ 4D ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreatePointerMoniker + 40 7753C418 200 Bytes [ 00, 00, 8B, 4D, CC, 8D, 54, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateObjrefMoniker + A9 7753C4E1 3 Bytes [ 07, 80, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateObjrefMoniker + AD 7753C4E5 70 Bytes [ B8, 3B, C3, 74, 06, 8B, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateObjrefMoniker + 119 7753C551 109 Bytes [ 75, B4, 8B, 46, 04, 3B, C3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateObjrefMoniker + 187 7753C5BF 212 Bytes [ 08, 50, FF, 51, 08, 8B, C6, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateObjrefMoniker + 25C 7753C694 27 Bytes [ FF, 15, D0, 13, 4A, 77, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!BindMoniker + 36 7753C772 32 Bytes [ 51, C7, 01, 28, E0, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!BindMoniker + 57 7753C793 19 Bytes CALL 775953AB C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!BindMoniker + 6B 7753C7A7 30 Bytes [ FF, 55, 8B, EC, 83, EC, 18, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!BindMoniker + 8A 7753C7C6 21 Bytes [ 85, C0, 74, 11, 6A, 04, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!BindMoniker + A0 7753C7DC 108 Bytes [ 75, 30, 89, 3B, FF, 75, 2C, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerCommonPrefixWith 7753DE40 140 Bytes [ 90, 6A, 0C, 68, B8, CE, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerCommonPrefixWith + 8D 7753DECD 38 Bytes [ EC, 56, 57, 8B, 7D, 08, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerCommonPrefixWith + B4 7753DEF4 64 Bytes [ 00, 90, 90, 90, 90, 90, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerCommonPrefixWith + F5 7753DF35 1 Byte [ E0 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!MonikerCommonPrefixWith + F7 7753DF37 7 Bytes [ 35, 24, 12, 4A, 77, FF, D6 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStdProgressIndicator + 2 7753E9CA 32 Bytes [ 51, 44, 8B, D8, 3B, DF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStdProgressIndicator + 23 7753E9EB 10 Bytes [ 45, FC, 8B, 4D, 0C, 89, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStdProgressIndicator + 2E 7753E9F6 91 Bytes [ 02, 33, DB, 8B, 45, F8, 3B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateStdProgressIndicator + B2 7753EA7A 225 Bytes [ 0F, 85, FF, 02, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetClassFile + 73 7753EB5D 37 Bytes [ 8B, 45, F4, 89, 45, F0, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetClassFile + 99 7753EB83 9 Bytes [ 45, EC, 50, FF, 75, F8, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetClassFile + A3 7753EB8D 12 Bytes [ FF, 8B, F8, 85, FF, 7C, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetClassFile + B0 7753EB9A 27 Bytes [ 12, FF, 75, 10, FF, 75, FC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetClassFile + CC 7753EBB6 40 Bytes [ 75, F4, 50, FF, 51, 2C, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCurrentLogicalThreadId 775420AE 50 Bytes [ 90, 90, 90, 6A, 0C, 68, F8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassVersion + 43 77542128 48 Bytes [ 75, 14, 33, C0, F3, A7, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassVersion + 74 77542159 44 Bytes [ 04, 83, C6, 14, 89, 33, EB, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassVersion + 17A 7754225F 33 Bytes [ 50, FF, 11, 89, 45, E4, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassVersion + 19C 77542281 41 Bytes [ 51, 08, EB, 21, C7, 45, E4, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetClassVersion + 1F9 775422DE 50 Bytes [ 49, 18, 8B, 55, 0C, 89, 0A, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTreatAsClass + 56 77542732 26 Bytes [ 8B, FF, 55, 8B, EC, 5D, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTreatAsClass + 71 7754274D 15 Bytes [ 90, 90, 90, 90, 90, 83, 6C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTreatAsClass + 82 7754275E 58 Bytes [ 90, 90, 90, 83, 6C, 24, 04, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTreatAsClass + BD 77542799 98 Bytes [ EB, A7, 90, 90, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTreatAsClass + 120 775427FC 35 Bytes [ F1, BB, FF, FF, 8B, F0, EB, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllRegisterServer + 1C 775429B3 3 Bytes [ E0, FE, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllRegisterServer + 20 775429B7 9 Bytes [ 89, 45, CC, 33, F6, 3B, C6, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DllRegisterServer + 2A 775429C1 100 Bytes [ 00, 00, 00, 8B, 4D, D0, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterInitializeSpy + 33 77542A26 38 Bytes [ FF, 89, 45, CC, 3B, C6, 7D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterInitializeSpy + 5A 77542A4D 37 Bytes [ 7C, 40, 8B, 45, C0, 2B, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterInitializeSpy + 80 77542A73 112 Bytes [ 04, 80, EB, 1F, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterInitializeSpy + F1 77542AE4 3 Bytes [ C8, 10, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterInitializeSpy + F5 77542AE8 30 Bytes [ 00, 8B, 7D, 0C, 8B, 07, 8D, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeInitializeSpy + 52 77542BDF 29 Bytes [ 01, 04, 80, EB, 18, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeInitializeSpy + 70 77542BFD 9 Bytes [ 4D, FC, FF, 8B, 45, D0, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeInitializeSpy + 7A 77542C07 3 Bytes [ 7D, B7, F7 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetState 77542C14 51 Bytes [ 90, 90, 90, 90, FF, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetState + 34 77542C48 14 Bytes [ 45, 18, 89, 18, C7, 45, B4, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetState + 43 77542C57 248 Bytes [ 08, 8D, 55, B4, 52, 50, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryReleaseObject + E7 77542D50 47 Bytes [ 10, D1, FF, 8B, 45, 14, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryReleaseObject + 11C 77542D85 17 Bytes CALL CF387351 .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryReleaseObject + 137 77542DA0 123 Bytes [ FF, FF, FF, FF, 7B, 1D, 54, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryReleaseObject + 1B3 77542E1C 55 Bytes [ 90, 90, 90, 90, 90, B8, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryReleaseObject + 1EB 77542E54 13 Bytes [ 33, C0, EB, 05, B8, 57, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMallocSpy + 24 77542EA3 4 Bytes [ 75, 07, B8, 57 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMallocSpy + 29 77542EA8 64 Bytes [ 07, 80, EB, 43, 83, 7D, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMallocSpy + 6A 77542EE9 52 Bytes [ C6, EB, 03, 33, C0, 40, 5E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMallocSpy + 9F 77542F1E 16 Bytes [ FF, 75, 08, FF, 15, D0, 18, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterMallocSpy + B0 77542F2F 27 Bytes [ 06, FF, 75, 10, 8B, CE, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeMallocSpy + 1 77542F50 258 Bytes [ EC, 8B, 45, 08, 51, 68, FA, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeMallocSpy + 104 77543053 4 Bytes [ FF, 55, 8B, EC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeMallocSpy + 11D 7754306C 237 Bytes [ 07, 80, 5D, C2, 08, 00, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeMallocSpy + 20B 7754315A 48 Bytes [ 51, 08, 5F, 8B, C6, 5E, 5B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRevokeMallocSpy + 23D 7754318C 24 Bytes [ 00, 75, 20, 6A, 48, E8, 43, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HkOleRegisterObject + 5F 775437A4 18 Bytes [ BF, 28, 6C, 4B, 77, 57, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HkOleRegisterObject + 72 775437B7 6 Bytes [ 01, 56, 53, FF, 75, 94 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HkOleRegisterObject + 79 775437BE 13 Bytes [ 15, 2C, 10, 4A, 77, 8B, F8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HkOleRegisterObject + 87 775437CC 122 Bytes [ 00, 8D, 45, 8C, 50, 8D, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HkOleRegisterObject + 102 77543847 133 Bytes [ 15, 40, 10, 4A, 77, 33, F6, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!EnableHookObject 775439CC 167 Bytes [ 90, 90, 8B, FF, 55, 8B, EC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!EnableHookObject + A8 77543A74 18 Bytes [ 00, 3B, F3, 75, 3F, 6A, 14, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!EnableHookObject + BB 77543A87 2 Bytes [ 45, 08 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!EnableHookObject + BE 77543A8A 34 Bytes [ 80, 08, 01, 00, 00, 89, 46, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!EnableHookObject + E1 77543AAD 17 Bytes [ F7, FF, C7, 45, 0C, 0E, 00, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStdMarshalEx + 65 77544666 61 Bytes [ FF, 55, 8B, EC, FF, 75, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStdMarshalEx + A3 775446A4 58 Bytes [ 07, 80, EB, 31, 57, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStdMarshalEx + DF 775446E0 85 Bytes [ 90, 90, 90, A1, A8, C5, 5C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStdMarshalEx + 135 77544736 9 Bytes [ E0, B8, 02, 40, 00, 80, 5D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetStdMarshalEx + 13F 77544740 8 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDeactivateObject + 5A 775448DF 65 Bytes [ 0F, 85, C3, 00, 00, 00, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReactivateObject + 9 77544921 39 Bytes CALL C8544924 .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReactivateObject + 31 77544949 33 Bytes [ 74, 5D, 56, 8B, 35, 28, 12, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoReactivateObject + 53 7754496B 135 Bytes [ D6, 68, F0, 8A, 4B, 77, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInvalidateRemoteMachineBindings + 2 775449F3 5 Bytes [ FF, 00, 80, 5D, C2 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInvalidateRemoteMachineBindings + 9 775449FA 35 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRetireServer + 9 77544A1E 20 Bytes [ 72, 5C, 77, 8B, F0, 8D, 04, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRetireServer + 1E 77544A33 9 Bytes [ 75, 16, 83, C6, 08, 3B, F0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetContextToken + 1 77544A65 40 Bytes [ 48, 0C, 83, C0, 20, 3B, C8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetContextToken + 2A 77544A8E 55 Bytes [ 4D, FC, 6A, 01, 83, C1, 18, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetSystemSecurityPermissions + 2B 77544AC6 14 Bytes [ 60, 5C, 77, FF, 15, 54, 61, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetSystemSecurityPermissions + 3A 77544AD5 77 Bytes [ 75, 0C, 89, 43, 0C, 50, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetDefaultContext + 3A 77544B23 77 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetDefaultContext + 89 77544B72 33 Bytes [ 00, 53, 56, 89, 45, FC, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetDefaultContext + AB 77544B94 27 Bytes [ FF, 50, FF, 15, C0, 18, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetDefaultContext + C7 77544BB0 23 Bytes [ CB, 89, 85, EC, FD, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetDefaultContext + 10A 77544BF3 2 Bytes [ F4, FD ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetCancelObject + 7B 7754512D 79 Bytes [ FF, 55, 8B, EC, 68, A8, BA, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCancelCall + 35 7754517D 49 Bytes [ FF, 55, 8B, EC, 56, 68, AC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTestCancel + 27 775451AF 2 Bytes [ FF, 55 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoTestCancel + 2A 775451B2 71 Bytes [ EC, 56, 68, B0, BA, 5C, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoEnableCallCancellation + 39 775451FA 5 Bytes [ 25, B8, BA, 5C, 77 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoEnableCallCancellation + 40 77545201 1 Byte [ 08 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisableCallCancellation + 5 7754520D 80 Bytes [ 68, BC, BA, 5C, 77, 68, 44, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisableCallCancellation + 56 7754525E 19 Bytes [ F0, 8B, C6, 5E, 5D, C2, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisableCallCancellation + 6A 77545272 3 Bytes [ E4, BA, 5C ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisableCallCancellation + 6E 77545276 6 Bytes [ 68, 70, 8C, 4B, 77, 33 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDisableCallCancellation + 81 77545289 6 Bytes [ FF, 75, 0C, FF, 75, 08 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetCancelObject + 8 77545666 122 Bytes [ 08, 50, FF, 51, 04, EB, 05, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetCancelObject + 83 775456E1 19 Bytes [ FF, 55, 8B, EC, 8B, 45, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetCancelObject + 97 775456F5 10 Bytes [ 08, 50, FF, 51, 0C, EB, 05, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetCancelObject + A2 77545700 41 Bytes [ 80, 5D, C2, 08, 00, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoSetCancelObject + CC 7754572A 269 Bytes [ 80, 5D, C2, 08, 00, 90, 90, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryAuthenticationServices + 37 775458E8 113 Bytes [ 8B, 06, 56, FF, 50, 08, EB, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryAuthenticationServices + A9 7754595A 22 Bytes [ 00, 8B, F0, 8B, 45, 0C, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryAuthenticationServices + C0 77545971 37 Bytes [ 08, 50, FF, 51, 08, EB, 05, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryAuthenticationServices + E6 77545997 24 Bytes [ 57, 8B, 7D, 08, 33, F6, 57, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoQueryAuthenticationServices + FF 775459B0 29 Bytes [ 07, 8D, 4D, FC, 51, 68, 18, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateObjectInContext + 29 77549AED 2 Bytes [ D6, 46 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateObjectInContext + 2D 77549AF1 188 Bytes [ 39, 7D, F0, 0F, 84, BB, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateObjectInContext + EA 77549BAE 27 Bytes [ F7, FF, 39, 7D, FC, 7D, 65, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateObjectInContext + 107 77549BCB 6 Bytes [ 45, EC, 3B, C7, 74, 0F ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoCreateObjectInContext + 10E 77549BD2 36 Bytes [ 08, 50, FF, 51, 10, 8B, 45, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetApartmentID + BA 7754B4AD 34 Bytes [ 08, 83, 65, F8, 00, 8D, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetApartmentID + DD 7754B4D0 42 Bytes [ 51, 10, 8B, F0, 8B, 45, F8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetApartmentID + 108 7754B4FB 26 Bytes [ 8B, 45, F4, 83, C0, 07, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetApartmentID + 123 7754B516 12 Bytes [ 8D, 6E, FF, FF, FF, 85, F6, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetApartmentID + 130 7754B523 54 Bytes [ 4D, FC, 89, 08, 8B, C6, 8D, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterPSClsid + 94 7754C79C 34 Bytes [ 8B, F0, 85, F6, 0F, 8C, FC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoPushServiceDomain + 13 7754C7BF 51 Bytes [ FF, 8B, F0, 85, F6, 0F, 8C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoPopServiceDomain + C 7754C7F3 20 Bytes [ 89, 55, E0, 89, 7D, E4, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoPopServiceDomain + 21 7754C808 66 Bytes [ 15, FC, 12, 4A, 77, 57, 6A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoPopServiceDomain + 64 7754C84B 18 Bytes [ 50, 10, 8B, F0, 8B, 45, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoPopServiceDomain + 77 7754C85E 35 Bytes [ 45, B4, 8B, 40, 24, 57, 23, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoPopServiceDomain + 9B 7754C882 8 Bytes [ 4D, B4, 8D, 45, 9C, 89, 45, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogateEx + 4F 7754E29D 4 Bytes [ 68, 30, 75, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogateEx + 54 7754E2A2 31 Bytes [ FF, 76, 30, FF, D7, BB, 02, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogateEx + 74 7754E2C2 3 Bytes [ 00, 00, 51 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogateEx + 79 7754E2C7 137 Bytes [ 15, A8, 10, 4A, 77, B9, CC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogateEx + 104 7754E352 148 Bytes [ 68, 20, 4E, 00, 00, FF, 76, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UpdateDCOMSettings + 10 7754F5E2 66 Bytes [ 40, 18, 83, 65, FC, 00, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UpdateDCOMSettings + 53 7754F625 41 Bytes [ 15, 34, 12, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UpdateDCOMSettings + 7D 7754F64F 28 Bytes [ 55, 8B, EC, 8B, 45, 08, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UpdateDCOMSettings + 9A 7754F66C 43 Bytes [ 15, 24, 12, 4A, 77, 0D, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UpdateDCOMSettings + C6 7754F698 27 Bytes [ 09, 89, 48, 14, 33, C0, EB, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogate + 8A 77556216 1 Byte [ 4A ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogate + 8D 77556219 8 Bytes [ 0C, 8B, 4F, 10, E8, 2B, E9, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogate + 96 77556222 8 Bytes [ 8B, CE, 8B, D8, E8, 9C, 7F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoRegisterSurrogate + 9F 7755622B 60 Bytes [ 85, DB, 7C, 1F, FF, 75, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInstanceFromIStorage + B 77556268 105 Bytes [ 8B, 45, 14, 8B, 4D, FC, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInstall + E2 77556409 3 Bytes [ 11, 3B, F9 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInstall + E6 7755640D 6 Bytes [ FF, 75, 08, 83, 66, 14 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInstall + ED 77556414 67 Bytes [ FF, 75, 08, 8B, CE, E8, 57, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInstall + 131 77556458 140 Bytes [ 3B, 89, 4B, 14, 8B, 36, F3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoInstall + 1BE 775564E5 40 Bytes [ 50, FF, 15, 40, 12, 4A, 77, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoFileTimeToDosDateTime + 78 7755B10F 64 Bytes [ FD, FF, FF, 00, 8D, 8D, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDosDateTimeToFileTime + 3D 7755B150 38 Bytes [ 02, 00, 00, B9, 82, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDosDateTimeToFileTime + 64 7755B177 42 Bytes [ 15, 84, 13, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDosDateTimeToFileTime + 8F 7755B1A2 27 Bytes [ 00, 8D, 44, 00, 18, 50, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDosDateTimeToFileTime + AB 7755B1BE 2 Bytes [ 51, 50 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoDosDateTimeToFileTime + AF 7755B1C2 2 Bytes [ DC, 14 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptor + 10 775601AC 51 Bytes [ 90, 8B, FF, 55, 8B, EC, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptor + 44 775601E0 305 Bytes [ 8B, 08, 68, A4, FF, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptor + 176 77560312 23 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptor + 18E 7756032A 104 Bytes [ FF, 75, 10, 8B, 08, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CoGetInterceptor + 1F7 77560393 20 Bytes [ 00, 74, 11, FF, 75, 10, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_CStdStubBuffer_QueryInterface 77560569 5 Bytes [ 90, 90, 90, 90, 8B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_CStdStubBuffer_QueryInterface + 6 7756056F 113 Bytes [ 55, 8B, EC, 51, 53, 56, 57, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_CStdStubBuffer_DebugServerQueryInterface + 2 775605E1 3 Bytes [ 8B, 45, FC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_CStdStubBuffer_DebugServerQueryInterface + 6 775605E5 18 Bytes [ 08, 89, 4F, 08, 89, 38, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_CStdStubBuffer_DebugServerQueryInterface + 1C 775605FB 116 Bytes [ 8B, FF, 55, 8B, EC, 51, 53, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_CStdStubBuffer_CountRefs + 7 77560671 5 Bytes [ FC, 8B, 08, 89, 4F ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_CStdStubBuffer_CountRefs + D 77560677 21 Bytes [ 89, 38, 8B, 3F, 3B, FB, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubForwardingFunction + 9 7756068D 33 Bytes [ EC, 56, 57, 8B, 7D, 08, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubForwardingFunction + 2B 775606AF 1 Byte [ 57 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubForwardingFunction + 56 775606DA 65 Bytes [ 00, 90, 90, 90, 90, 90, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubForwardingFunction + 98 7756071C 53 Bytes [ 55, 14, 85, D2, 74, 14, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubForwardingFunction + CE 77560752 14 Bytes [ 40, 1C, 8B, 40, 24, 85, C0, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_IUnknown_Release_Proxy + 25 77560993 86 Bytes JMP 02FBFC9A .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_IUnknown_Release_Proxy + 7C 775609EA 100 Bytes [ 46, FC, 50, 8B, 46, 18, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_IUnknown_Release_Proxy + E1 77560A4F 47 Bytes [ 8D, 8D, 6C, FF, FF, FF, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_IUnknown_Release_Proxy + 120 77560A8E 12 Bytes [ 51, 08, 83, 65, E4, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_IUnknown_Release_Proxy + 12F 77560A9D 29 Bytes [ 8B, 47, 08, 89, 45, 80, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2_va + F 77564634 99 Bytes [ FF, 90, 90, 90, 90, 90, B8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2_va + A6 775646CB 24 Bytes [ 90, 90, 90, 90, 90, B8, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2_va + 100 77564725 13 Bytes [ 90, 90, 90, 90, 90, B8, 07, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2_va + 10E 77564733 174 Bytes [ FF, 90, 90, 90, 90, 90, B8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2_va + 1F0 77564815 23 Bytes [ 90, 90, 90, 90, 90, B8, 17, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2 + 1B 77564AE8 206 Bytes [ 90, 90, B8, 47, 03, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2 + EA 77564BB7 14 Bytes [ 90, 90, 90, 90, 90, B8, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2 + F9 77564BC6 63 Bytes [ 90, 90, 90, 90, 90, B8, 56, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2 + 13A 77564C07 41 Bytes [ B8, 5A, 03, 00, 00, E9, CC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrClientCall2 + 167 77564C34 25 Bytes [ B8, 5D, 03, 00, 00, E9, 9F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrDllGetClassObject 77565210 98 Bytes [ B8, C1, 03, 00, 00, E9, C3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrDllGetClassObject + 63 77565273 14 Bytes [ FF, 90, 90, 90, 90, 90, B8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrDllGetClassObject + 72 77565282 31 Bytes [ FF, 90, 90, 90, 90, 90, B8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrDllGetClassObject + 93 775652A3 71 Bytes [ 90, 90, 90, B8, CB, 03, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrDllGetClassObject + DB 775652EB 15 Bytes [ FF, 90, 90, 90, 90, 90, B8, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrDllUnregisterProxy + 6 77565F5A 31 Bytes [ FF, F6, 45, 08, 01, 74, 06, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrDllUnregisterProxy + 61 77565FB5 54 Bytes [ 8B, FF, 55, 8B, EC, 8B, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubCall2 + 34 77565FEC 41 Bytes [ 5D, 0C, 85, DB, 56, 57, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubCall2 + 5E 77566016 19 Bytes [ 5B, 5D, C2, 0C, 00, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubCall2 + 8E 77566046 15 Bytes [ 51, 0C, 5E, 5D, C2, 08, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubCall2 + 9E 77566056 61 Bytes [ EC, 56, 8B, 75, 08, 56, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!ComPs_NdrStubCall2 + DC 77566094 12 Bytes [ C6, 5E, 5D, C2, 04, 00, 90, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserSize + 57 775799D0 137 Bytes [ A1, 04, 60, 5C, 77, 89, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserMarshal + 61 77579A5A 66 Bytes [ 32, 02, 00, 00, 8D, 85, 7C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserMarshal + D7 77579AD0 23 Bytes [ 85, 7C, FB, FF, FF, 89, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserMarshal + EF 77579AE8 95 Bytes [ F4, 6C, 4B, 77, BE, A8, 6C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserMarshal + 14F 77579B48 49 Bytes [ FF, 68, 30, 99, 4B, 77, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserMarshal + 181 77579B7A 4 Bytes [ B0, 78, 4B, 77 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserUnmarshal + 30 77579BB9 5 Bytes [ 89, 85, 50, FB, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserUnmarshal + 36 77579BBF 6 Bytes [ 68, C8, 98, 4B, 77, 50 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserUnmarshal + 3D 77579BC6 87 Bytes [ D6, 8B, 85, 7C, FB, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserUnmarshal + C9 77579C52 13 Bytes [ FF, FF, B5, 7C, FB, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserUnmarshal + D7 77579C60 20 Bytes [ D6, 83, A5, 7C, FB, FF, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserFree + 34 77579D9C 17 Bytes [ 10, 4A, 77, 90, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILEPICT_UserFree + 46 77579DAE 42 Bytes [ B5, 74, FB, FF, FF, FF, D6, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HENHMETAFILE_UserUnmarshal + 11 77579DD9 177 Bytes [ FF, FF, FF, 00, 00, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILE_UserMarshal + 17 77579E96 66 Bytes [ 5B, 18, 3B, DE, 74, 40, 68, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILE_UserMarshal + 5A 77579ED9 33 Bytes [ 50, EB, 05, 68, 6C, EE, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILE_UserMarshal + 7D 77579EFC 60 Bytes [ 00, 33, C0, 8B, 4D, E4, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILE_UserUnmarshal + 12 77579F39 134 Bytes [ 8B, 00, 8B, 70, 14, 6A, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HMETAFILE_UserUnmarshal + 99 77579FC0 88 Bytes [ 10, FD, FF, FF, 33, DB, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HPALETTE_UserMarshal + 4B 7757A0AA 111 Bytes [ B5, 14, FD, FF, FF, E8, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HPALETTE_UserMarshal + BB 7757A11A 83 Bytes [ 89, 8D, 5C, FC, FF, FF, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HPALETTE_UserMarshal + 10F 7757A16E 109 Bytes [ 15, 20, 14, 4A, 77, 8D, 44, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HPALETTE_UserMarshal + 17D 7757A1DC 10 Bytes [ 0F, 84, 26, 01, 00, 00, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HPALETTE_UserUnmarshal + B 7757A27F 39 Bytes [ FF, FF, 15, 40, 10, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HPALETTE_UserUnmarshal + 33 7757A2A7 20 Bytes [ EB, 06, 8B, 3D, 24, 12, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!HBITMAP_UserFree + 2 7757A2BC 40 Bytes [ FF, FF, 15, 40, 10, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserSize + 1 7757A2E5 21 Bytes [ 85, 10, FD, FF, FF, FF, 70, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserSize + 17 7757A2FB 1 Byte [ FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserSize + 19 7757A2FD 9 Bytes [ BE, 6C, EE, 4A, 77, 8B, 3D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserSize + 24 7757A308 38 Bytes [ 89, 9D, A0, FC, FF, FF, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserMarshal + 2 7757A32F 63 Bytes [ 89, 9D, FC, FC, FF, FF, 3B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserMarshal + 42 7757A36F 5 Bytes [ 4A, 77, 89, 85, CC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserMarshal + 48 7757A375 3 Bytes [ FF, FF, 3B ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserMarshal + 4C 7757A379 81 Bytes [ 75, 31, FF, B5, E4, FC, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserUnmarshal + 2 7757A3CB 15 Bytes [ D7, 25, FF, FF, 00, 00, 0D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserUnmarshal + 12 7757A3DB 171 Bytes [ 39, 9D, FC, FC, FF, FF, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserUnmarshal + BE 7757A487 63 Bytes [ C8, FC, FF, FF, 3B, C3, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserUnmarshal + FE 7757A4C7 69 Bytes [ B5, F4, FC, FF, FF, FF, 15, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserUnmarshal + 145 7757A50E 4 Bytes [ 89, 85, 60, FC ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserFree + 2 7757A52D 23 Bytes [ FF, 50, 8D, 85, 0C, FD, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserFree + 1A 7757A545 78 Bytes [ B5, 18, FD, FF, FF, FF, 15, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserFree + 6B 7757A596 11 Bytes [ 15, 40, 10, 4A, 77, FF, D7, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserFree + 77 7757A5A2 154 Bytes [ D7, EB, 0C, FF, D7, 25, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SNB_UserFree + 112 7757A63D 70 Bytes [ B5, 18, FD, FF, FF, FF, 15, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleLockRunning + 16 7758888C 131 Bytes [ 66, 8B, 48, 02, 0F, B7, D1, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetContainedObject + 4E 7758891A 159 Bytes [ FF, B6, 84, 00, 00, 00, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleNoteObjectVisible + 9C 775889BB 11 Bytes [ 50, FF, 11, 3B, C3, 89, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleNoteObjectVisible + AA 775889C9 53 Bytes [ 8B, 45, F8, FF, 37, 8B, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleNoteObjectVisible + E0 775889FF 12 Bytes [ FF, 89, 45, FC, EB, 4F, 39, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleNoteObjectVisible + ED 77588A0C 135 Bytes CALL 77585783 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleNoteObjectVisible + 175 77588A94 9 Bytes [ 10, 8B, F1, FF, 15, 74, 12, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetDocumentBitStg 77588C11 47 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!SetDocumentBitStg + B 77588C41 34 Bytes [ 83, C1, 08, 3B, CA, 72, F4, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!GetConvertStg 77588C64 44 Bytes [ 90, 90, 90, 90, 8B, FF, 55, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDraw + 1 77588C91 108 Bytes [ F0, EB, 02, 33, F6, 3B, F3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDraw + 6E 77588CFE 91 Bytes [ 08, 8D, 5E, 20, 53, 68, F8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDraw + CA 77588D5A 29 Bytes [ 33, DB, 8B, 46, 1C, 8B, 08, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDraw + E8 77588D78 105 Bytes [ 30, 89, 5D, 10, 8B, 45, 10, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDraw + 152 77588DE2 106 Bytes [ 7E, 3C, 89, 45, FC, 8B, 07, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDuplicateData + 75 77588FC7 6 Bytes [ EB, 0A, C7, 85, 00, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDuplicateData + 7C 77588FCE 24 Bytes [ FF, 0E, 00, 07, 80, 85, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDuplicateData + 121 77589073 19 Bytes [ 04, FF, FF, FF, 00, EB, 12, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDuplicateData + 135 77589087 8 Bytes [ 15, D8, 13, 4A, 77, 0F, B7, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleDuplicateData + 13E 77589090 21 Bytes [ 8D, 00, FF, FF, FF, C1, E8, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateStaticFromData 775896DA 78 Bytes [ 90, 8B, FF, 55, 8B, EC, F6, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateStaticFromData + 4F 77589729 29 Bytes [ 0D, 8B, 45, 10, 83, 20, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateStaticFromData + 6D 77589747 5 Bytes [ 5F, 5E, 5D, C2, 0C ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateStaticFromData + 73 7758974D 16 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateStaticFromData + 84 7758975E 246 Bytes [ 85, C0, 74, 12, 8B, 55, 08, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkEx + 7C 77589BBA 130 Bytes [ 4D, FC, 51, 57, 6A, 10, 57, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFileEx + 21 77589C3D 45 Bytes [ 0C, F7, D8, 1B, C0, 83, E0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFileEx + 4F 77589C6B 31 Bytes [ 08, 50, 8B, 45, 08, E8, 22, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFileEx + 6F 77589C8B 20 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFileEx + 84 77589CA0 14 Bytes [ 85, C0, 75, 07, BE, 57, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFileEx + 93 77589CAF 7 Bytes [ 14, 74, 18, E8, B7, 46, F3 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFileEx + E 77589DEE 42 Bytes [ E1, 03, F3, A4, 8B, 4D, DC, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFileEx + 39 77589E19 4 Bytes [ 4D, 20, 8B, 11 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFileEx + 3E 77589E1E 2 Bytes [ 50, 20 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFileEx + 41 77589E21 78 Bytes [ 49, 04, 89, 48, 24, 8B, 4D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFileEx + 90 77589E70 6 Bytes [ 56, 8D, 8D, F0, FE, FF ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLink + 4 7758A104 2 Bytes [ 08, 50 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLink + 7 7758A107 2 Bytes [ 51, 08 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLink + A 7758A10A 36 Bytes [ 45, E4, 85, C0, 74, 06, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLink + 2F 7758A12F 53 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFile + 1A 7758A165 20 Bytes [ 0D, FF, B5, E4, FD, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFile + 2F 7758A17A 22 Bytes CALL C858A17C .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateLinkToFile + 46 7758A191 6 Bytes [ 00, 8D, 85, FC, FD, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFile + 2 7758A198 40 Bytes CALL C858A19A .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFile + 86 7758A21C 7 Bytes [ 33, C9, 41, 3B, C1, 75, 64 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFile + 8E 7758A224 123 Bytes [ 75, 0C, 3B, F7, 74, 48, 66, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFile + 10A 7758A2A0 12 Bytes [ 55, 8B, EC, 56, 33, F6, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateFromFile + 117 7758A2AD 3 Bytes [ 45, 08, 8B ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataCache + 4 7758C00F 27 Bytes [ 4E, 58, 8D, 45, F8, 50, E8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataCache + 20 7758C02B 51 Bytes [ 24, 83, 78, 1C, FF, 75, 1E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataCache + 55 7758C060 7 Bytes [ 8B, C7, F7, D0, 21, 46, 68 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataCache + 5D 7758C068 1 Byte [ 5D ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!CreateDataCache + 5F 7758C06A 8 Bytes [ 74, 08, 57, 8B, CE, E8, EA, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DoDragDrop + 37 77590428 18 Bytes [ 8B, F8, 85, FF, 0F, 85, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DoDragDrop + 4A 7759043B 71 Bytes [ 05, 9B, 00, 00, 8B, F8, 85, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DoDragDrop + 92 77590483 36 Bytes [ 8B, F8, 83, 3B, 08, 75, 0E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DoDragDrop + B7 775904A8 12 Bytes [ F8, 8B, 06, 89, 41, 08, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!DoDragDrop + C4 775904B5 6 Bytes [ 51, 08, 83, 65, A4, 00 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateEmbeddingHelper + 3A 77591B19 9 Bytes [ 0C, 0F, 94, C1, 8B, C1, 5D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleCreateEmbeddingHelper + 44 77591B23 398 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetAutoConvert + 6C 77591CB2 25 Bytes [ 76, 3C, FF, 75, F0, FF, D3, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetAutoConvert + 86 77591CCC 30 Bytes [ D3, A8, 03, 74, 4F, 83, 7D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetAutoConvert + A5 77591CEB 50 Bytes [ 15, A8, 17, 4A, 77, 83, 66, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetAutoConvert + D8 77591D1E 12 Bytes [ FF, FF, 83, 7D, 08, 00, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleSetAutoConvert + E5 77591D2B 30 Bytes [ 00, 00, 33, C0, 40, 5B, 5F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleMetafilePictFromIconAndLabel + 1A 775927A9 15 Bytes [ 00, 90, 90, 90, 90, 90, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleMetafilePictFromIconAndLabel + 6D 775927FC 45 Bytes [ 0F, 94, C1, 51, 56, FF, 50, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleMetafilePictFromIconAndLabel + 9B 7759282A 75 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleMetafilePictFromIconAndLabel + E7 77592876 23 Bytes [ 85, C0, 75, 07, B8, 0E, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleMetafilePictFromIconAndLabel + FF 7759288E 49 Bytes [ 8B, 7D, 0C, 83, E7, 01, 74, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfFile + A 77592C51 92 Bytes [ A1, 04, 60, 5C, 77, 83, A5, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfFile + 67 77592CAE 2 Bytes [ FC, FB ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfFile + 78 77592CBF 17 Bytes [ 50, FF, 15, 20, 14, 4A, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfFile + 8A 77592CD1 34 Bytes [ B8, EF, 4A, 77, FF, B5, F8, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfFile + AD 77592CF4 5 Bytes [ FF, 00, 5B, 74, 0C ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfClass + 57 77592F88 24 Bytes [ F6, 74, 07, 33, F6, E9, 46, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfClass + 71 77592FA2 58 Bytes [ 15, 7C, 13, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfClass + AC 77592FDD 7 Bytes [ FF, 8D, 85, 7C, FF, FF, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfClass + B4 77592FE5 9 Bytes [ FF, 15, 78, 12, 4A, 77, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleGetIconOfClass + BE 77592FEF 2 Bytes [ FF, FF ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumFormatEtc + 2D 77593DCE 15 Bytes [ FF, FF, D3, 8D, 85, 88, FA, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumFormatEtc + 3D 77593DDE 117 Bytes [ 50, FF, 35, 2C, 61, 5C, 77, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumFormatEtc + B3 77593E54 97 Bytes [ FA, FF, FF, 8D, 44, 46, FE, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumFormatEtc + 115 77593EB6 12 Bytes [ 50, 8D, 85, 54, FF, FF, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleRegEnumFormatEtc + 122 77593EC3 10 Bytes [ 68, 00, 00, 00, 80, C7, 85, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAM + 29 77599695 17 Bytes [ 55, 8B, EC, 81, EC, AC, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAM + 3B 775996A7 3 Bytes [ 53, 33, DB ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAM + 3F 775996AB 1 Byte [ 55 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAM + 41 775996AD 91 Bytes [ 52, 53, 53, 89, 45, FC, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAMEx + 42 77599709 148 Bytes [ 75, B4, FF, 15, 20, 14, 4A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAMEx + D7 7759979E 1 Byte [ 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAMEx + D9 775997A0 9 Bytes [ 5D, B0, 6A, 04, 33, C0, 8D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAMEx + E3 775997AA 3 Bytes [ B2, EF, FF ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertIStorageToOLESTREAMEx + E9 775997B0 9 Bytes [ 89, 45, AC, 0F, 8C, 01, 01, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorage + 14 775999C6 59 Bytes CALL 775817FD C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorage + 50 77599A02 14 Bytes [ 55, 8B, EC, 83, 7D, 08, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorage + 5F 77599A11 69 Bytes [ 00, 8B, 03, 85, C0, 75, 0A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorageEx + 4 77599A57 14 Bytes [ F8, 85, FF, 75, 07, B8, 0E, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorageEx + 4B 77599A9E 2 Bytes [ 8A, 45 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorageEx + 4F 77599AA2 36 Bytes [ 8B, C6, 5E, 5F, 5D, C2, 04, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorageEx + 74 77599AC7 160 Bytes CALL 77598D30 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!OleConvertOLESTREAMToIStorageEx + 115 77599B68 22 Bytes [ 90, 90, 90, 90, 90, 8B, FF, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtGetDvtd16Info + 1B 7759A769 205 Bytes [ F0, 85, F6, 0F, 85, B8, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtGetDvtd16Info + 113 7759A861 30 Bytes [ 85, C0, 0F, 8C, 12, 01, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd16toDvtd32 + 8 7759A880 148 Bytes [ FF, 03, 75, 0F, 8B, 75, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd16toDvtd32 + 9D 7759A915 25 Bytes [ 01, 75, 4B, 83, 65, F8, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd16toDvtd32 + B7 7759A92F 68 Bytes CALL 775999FF C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd16toDvtd32 + FC 7759A974 45 Bytes CALL 7759A356 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd16toDvtd32 + 12A 7759A9A2 63 Bytes CALL 7759A846 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtGetDvtd32Info + 1 7759AA6A 5 Bytes [ 45, 0C, 89, 45, 94 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtGetDvtd32Info + 7 7759AA70 20 Bytes [ 45, 10, 53, 8B, 5D, 1C, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtGetDvtd32Info + 1C 7759AA85 1 Byte [ 7D ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtGetDvtd32Info + 1E 7759AA87 9 Bytes [ 8D, 4D, A8, 89, 45, 98, 33, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtGetDvtd32Info + 28 7759AA91 75 Bytes [ E2, FF, FF, 39, 75, A0, 0F, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd32toDvtd16 + 30 7759ABA9 150 Bytes [ 4E, 1C, 8B, 55, 9C, 89, 0A, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd32toDvtd16 + FD 7759AC76 41 Bytes [ 06, 56, FF, 50, 0C, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd32toDvtd16 + 127 7759ACA0 18 Bytes [ 6A, 01, FF, 75, F0, E8, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd32toDvtd16 + 13A 7759ACB3 71 Bytes [ F8, 7F, 05, 0E, 00, 07, 80, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!UtConvertDvtd32toDvtd16 + 182 7759ACFB 4 Bytes [ 8B, 45, EC, 83 ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnILockBytes + 3F 7759C0CF 19 Bytes [ 15, 00, 12, 4A, 77, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnILockBytes + 53 7759C0E3 174 Bytes [ 00, 50, 6A, 02, FF, 15, D0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnILockBytes + 102 7759C192 21 Bytes [ C2, 04, 00, 90, 90, 90, 90, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnILockBytes + 118 7759C1A8 180 Bytes [ 89, 5D, F8, 89, 5D, E8, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenStorageOnILockBytes + 1CD 7759C25D 28 Bytes [ 15, 94, 11, 4A, 77, 89, 45, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageILockBytes + 10 7759C3F5 9 Bytes [ 1F, 39, 5D, FC, 74, 09, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageILockBytes + 1A 7759C3FF 110 Bytes [ 15, CC, 13, 4A, 77, 39, 5D, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageILockBytes + 89 7759C46E 125 Bytes [ 8B, FF, 55, 8B, EC, 56, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageILockBytes + 107 7759C4EC 9 Bytes [ 99, F7, 7E, 18, 8B, 4D, 0C, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgIsStorageILockBytes + 111 7759C4F6 27 Bytes [ 46, 08, 69, C0, A0, 86, 01, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantChangeType + 32 775A3A69 118 Bytes [ 0E, 00, 07, 80, EB, 13, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantChangeType + A9 775A3AE0 30 Bytes [ 45, 08, 83, C0, 08, 50, FF, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FmtIdToPropStgName + 2 775A3AFF 11 Bytes [ 8B, F0, 83, 7D, FC, 00, 74, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FmtIdToPropStgName + E 775A3B0B 2 Bytes [ 1D, A5 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!FmtIdToPropStgName + 12 775A3B0F 104 Bytes [ 8B, C6, 5E, C9, C2, 0C, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropStgNameToFmtId + 1B 775A3B78 28 Bytes CALL 775A373C C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropStgNameToFmtId + 39 775A3B96 14 Bytes [ 0C, 8D, 45, EC, 50, 8D, 45, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropStgNameToFmtId + 48 775A3BA5 33 Bytes [ FF, 15, FC, BA, 5C, 77, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropStg + E 775A3BC7 10 Bytes CALL 775A328F C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropStg + 19 775A3BD2 39 Bytes [ 74, 09, FF, 75, FC, FF, 15, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropStg + 41 775A3BFA 4 Bytes [ 83, A5, F8, FC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropStg + 46 775A3BFF 150 Bytes [ FF, 00, 53, 8B, 5D, 08, 89, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropStg + DD 775A3C96 224 Bytes JMP 6B52C79D .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenPropStg + 3D 775A3D77 40 Bytes [ 47, 83, F8, 15, 74, 0F, 83, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenPropStg + 66 775A3DA0 752 Bytes [ EB, 31, FF, 75, 18, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropSetStg + 1F5 775A4091 32 Bytes [ 50, FF, 75, F8, 56, FF, 75, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropSetStg + 216 775A40B2 2 Bytes [ FF, 55 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgCreatePropSetStg + 219 775A40B5 67 Bytes [ EC, 51, 51, 8B, 4D, 0C, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropSysFreeString + 9 775A40F9 129 Bytes [ 48, 0F, 84, 2F, 01, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropSysFreeString + 8B 775A417B 105 Bytes JMP 775A42ED C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropSysFreeString + F5 775A41E5 6 Bytes [ 84, 9F, 00, 00, 00, 48 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropSysFreeString + FC 775A41EC 11 Bytes [ 6B, 48, 74, 12, 48, 48, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropSysFreeString + 108 775A41F8 8 Bytes [ 48, 74, 34, 48, 0F, 85, CC, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantCopy + 9 775A4323 2 Bytes [ 01, 00 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantCopy + C 775A4326 36 Bytes [ 83, F9, 1E, 0F, 8D, 6A, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantCopy + 32 775A434C 106 Bytes [ 00, 49, 0F, 84, 98, 00, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantCopy + 9D 775A43B7 36 Bytes [ 00, 00, 8B, 4D, 08, 89, 41, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!PropVariantCopy + C2 775A43DC 15 Bytes [ 00, 00, DF, 6D, F8, 8B, 45, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgConvertVariantToProperty + 11 775A5DCF 82 Bytes JMP 775A6041 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgPropertyLengthAsVariant + 1F 775A5E22 88 Bytes [ 0F, 8C, 1B, 02, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgConvertPropertyToVariant + 40 775A5E7B 87 Bytes [ 8A, 45, 20, 88, 45, DB, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgConvertPropertyToVariant + 99 775A5ED4 12 Bytes [ 3B, C1, 0F, 8F, 9E, 01, 00, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgConvertPropertyToVariant + A6 775A5EE1 89 Bytes [ 00, 83, C1, F6, 3B, C1, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgConvertPropertyToVariant + 100 775A5F3B 55 Bytes [ 80, 7D, 20, 00, 0F, 85, 72, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgConvertPropertyToVariant + 138 775A5F73 45 Bytes [ 46, 08, 5F, EB, 64, 8A, 45, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnILockBytes + 3A 775B05BE 14 Bytes [ 0F, 86, 3C, 02, 00, 00, 8B, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnILockBytes + 49 775B05CD 39 Bytes [ 00, 8D, 04, 40, 8D, 3C, 81, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnILockBytes + 71 775B05F5 40 Bytes [ 74, 0E, 8B, 45, 10, 85, C0, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnILockBytes + 9A 775B061E 26 Bytes [ 83, 3E, 00, 0F, 8C, 4B, 07, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnILockBytes + B5 775B0639 19 Bytes [ FF, FF, 8B, 45, 14, FF, 70, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenAsyncDocfileOnIFillLockBytes + 2 775B064D 15 Bytes [ 8B, 45, 14, FF, 30, E8, 5F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenAsyncDocfileOnIFillLockBytes + 12 775B065D 85 Bytes [ FF, FF, 8B, 0F, 83, F9, 01, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenAsyncDocfileOnIFillLockBytes + 69 775B06B4 1 Byte [ DC ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenAsyncDocfileOnIFillLockBytes + 8C 775B06D7 1 Byte [ 55 ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgOpenAsyncDocfileOnIFillLockBytes + 8E 775B06D9 17 Bytes [ 8D, 0C, 40, 8D, 0C, 8A, 8B, ... ] .text ... .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnFile + 48 775B0840 205 Bytes [ 8B, CF, 8B, 7D, E4, 8B, D1, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnFile + 116 775B090E 103 Bytes CALL 775A5923 C:\WINDOWS\system32\ole32.dll (Microsoft OLE pour Windows/Microsoft Corporation) .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnFile + 17E 775B0976 43 Bytes [ FC, 83, 45, E4, 10, 83, C7, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnFile + 1AB 775B09A3 43 Bytes [ 83, 3E, 00, 89, 45, 1C, 0F, ... ] .text C:\Program Files\Orange\systray\systrayapp.exe[272] ole32.dll!StgGetIFillLockBytesOnFile + 1D7 775B09CF 26 Bytes [ 45, F4, 8B, 40, 04, 83, F8, ... ] .text ... .text C:\WINDOWS\System32\smss.exe[400] smss.exe 485811FC 1 Byte [ 20 ] .text C:\WINDOWS\System32\smss.exe[400] smss.exe 485811FF 11 Bytes [ 60, 2E, 64, 61, 74, 61, 00, ... ] .text C:\WINDOWS\System32\smss.exe[400] smss.exe 4858120C 2 Bytes [ 00, C0 ] .text C:\WINDOWS\System32\smss.exe[400] smss.exe 48581210 2 Bytes [ 00, 04 ] .text C:\WINDOWS\System32\smss.exe[400] smss.exe 48581214 2 Bytes [ 00, B0 ] .text ... ---- Kernel IAT/EAT - GMER 1.0.14 ---- IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [b506BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [b506C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [b506C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [b506BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [b506BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [b506BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [b506C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [b506C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [b506BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [b506C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [b506C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [b506BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [b506C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [b506C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [b506BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [b506BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [b506BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [b506C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [b506C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [b506BCA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [b506BE10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [b506C320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [b506C1C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ---- Devices - GMER 1.0.14 ---- Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ---- Registry - GMER 1.0.14 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94023c0c Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a94023c0c ---- EOF - GMER 1.0.14 ---- scan diag help du 29032008 à 14h05 DiagHelp version v1.4 - http://www.malekal.com excute le 29/03/2008 à 13:55:25,70 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\EXPLORER.EXE-082F38A9.pf -->29/03/2008 13:54:14 C:\WINDOWS\prefetch\WSCNTFY.EXE-1B24F5EB.pf -->29/03/2008 13:53:26 C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->29/03/2008 13:31:42 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->29/03/2008 13:30:49 C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->29/03/2008 13:28:34 C:\WINDOWS\prefetch\LXBFPSWX.EXE-1E6D9D56.pf -->29/03/2008 13:20:55 C:\WINDOWS\prefetch\LXBFJSWX.EXE-14576D16.pf -->29/03/2008 13:20:54 C:\WINDOWS\prefetch\WINWORD.EXE-29F5CB89.pf -->29/03/2008 13:15:23 C:\WINDOWS\prefetch\AVSCAN.EXE-181AB66D.pf -->29/03/2008 13:09:20 C:\WINDOWS\prefetch\AVCENTER.EXE-058B10AA.pf -->29/03/2008 13:09:16 C:\WINDOWS\System32\drivers\gmer.sys -->29/03/2008 13:31:31 C:\WINDOWS\System32\drivers\avipbb.sys -->09/03/2008 14:07:26 C:\WINDOWS\System32\drivers\mrxdav.sys -->18/12/2007 10:51:35 C:\WINDOWS\System32\drivers\secdrv.sys -->13/11/2007 11:25:54 C:\WINDOWS\System32\drivers\tcpip.sys -->30/10/2007 18:20:55 C:\WINDOWS\System32\drivers\avgntdd.sys -->09/08/2007 13:04:11 C:\WINDOWS\System32\drivers\avgntmgr.sys -->18/07/2007 14:22:19 C:\WINDOWS\System32\vsconfig.xml -->29/03/2008 12:29:46 C:\WINDOWS\System32\nvapps.xml -->29/03/2008 12:00:21 C:\WINDOWS\System32\wpa.dbl -->28/03/2008 18:51:56 C:\WINDOWS\System32\PerfStringBackup.INI -->24/03/2008 09:39:03 C:\WINDOWS\System32\perfh00C.dat -->24/03/2008 09:39:03 C:\WINDOWS\System32\perfh009.dat -->24/03/2008 09:39:03 C:\WINDOWS\System32\perfc00C.dat -->24/03/2008 09:39:03 C:\WINDOWS\System32\perfc009.dat -->24/03/2008 09:39:03 C:\WINDOWS\System32\Uninstall.ico -->23/03/2008 13:53:32 C:\WINDOWS\System32\Help.ico -->23/03/2008 13:53:32 C:\WINDOWS\System32\pavas.ico -->23/03/2008 13:53:31 C:\WINDOWS\System32\Thumbs.db -->16/03/2008 20:53:08 C:\WINDOWS\System32\TUKernel.exe -->16/03/2008 19:02:01 C:\WINDOWS\System32\TuneUpDefragService.exe -->15/03/2008 13:59:17 C:\WINDOWS\System32\initdebug.nfo -->09/03/2008 20:48:06 C:\WINDOWS\System32\CONFIG.NT -->09/03/2008 13:55:50 C:\WINDOWS\System32\FNTCACHE.DAT -->08/03/2008 06:19:37 C:\WINDOWS\System32\MRT.exe -->05/03/2008 17:30:54 C:\WINDOWS\System32\uxtuneup.dll -->27/02/2008 13:15:14 C:\WINDOWS\System32\nscompat.tlb -->23/02/2008 07:35:04 C:\WINDOWS\System32\amcompat.tlb -->23/02/2008 07:35:04 C:\WINDOWS\System32\TZLog.log -->17/02/2008 19:41:26 C:\WINDOWS\System32\spupdwxp.log -->16/02/2008 08:37:17 C:\WINDOWS\System32\setupfax.log -->10/02/2008 10:23:54 C:\WINDOWS\System32\zllictbl.dat -->10/02/2008 08:22:37 C:\WINDOWS\gmer.ini -->29/03/2008 13:31:35 C:\WINDOWS\gmer_uninstall.cmd -->29/03/2008 13:31:31 C:\WINDOWS\gmer.dll -->29/03/2008 13:31:31 C:\WINDOWS\lexstat.ini -->29/03/2008 13:22:53 C:\WINDOWS\setupapi.log -->29/03/2008 12:23:21 C:\WINDOWS\KB905414.log -->29/03/2008 12:22:07 C:\WINDOWS\WindowsUpdate.log -->29/03/2008 12:22:06 C:\WINDOWS\0.log -->29/03/2008 12:00:16 C:\WINDOWS\wiadebug.log -->29/03/2008 12:00:08 C:\WINDOWS\wiaservc.log -->29/03/2008 12:00:07 C:\WINDOWS\bootstat.dat -->29/03/2008 11:59:48 C:\WINDOWS\SchedLgU.Txt -->28/03/2008 22:27:44 C:\WINDOWS\win.ini -->23/03/2008 22:46:39 C:\WINDOWS\wmsetup.log -->23/03/2008 19:06:38 C:\WINDOWS\tsoc.log -->23/03/2008 10:08:01 winlogon.exe Verified: Unsigned svchost.exe Verified: Unsigned ws2_32.dll Verified: Unsigned user32.dll Verified: Unsigned tcpip.sys Verified: Unsigned ndis.sys Verified: Unsigned null.sys Verified: Unsigned ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1736 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x44080000 0xcf000 7.00.6000.16608 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16608 C:\WINDOWS\system32\iertutil.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x44360000 0x5cd000 7.00.6000.16608 C:\WINDOWS\system32\ieframe.dll 0x44160000 0x127000 7.00.6000.16608 C:\WINDOWS\system32\urlmon.dll 0x442b0000 0x3c000 7.00.6000.16608 C:\WINDOWS\system32\webcheck.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll 0x62350000 0x53000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll 0x60400000 0x18000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.3\program\uwinapi.dll 0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\OpenOffice.org 2.3\program\MSVCR71.dll 0x61e70000 0x8e000 4.05.2003.0120 C:\Program Files\OpenOffice.org 2.3\program\stlport_vc7145.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\OpenOffice.org 2.3\program\MSVCP71.dll 0x02910000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x02970000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x00bc0000 0x7000 1.00.0004.0739 C:\Program Files\Orange\Launcher\Inactivity.Dll 0x10000000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll 0x00ef0000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll 0x011c0000 0x2a000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll 0x00ff0000 0xb000 7.00.0462.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll 0x011f0000 0x4000 5.03.0017.0000 C:\Program Files\Zone Labs\ZoneAlarm\zlavscan_Loc040c.dll 0x01280000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll 0x03dc0000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL 0x012e0000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 0x01300000 0x29000 11.00.0000.0716 C:\Program Files\Microsoft Money\System\mnyside.dll 0x01330000 0x11000 11.00.0000.0716 C:\Program Files\Microsoft Money\System\misstub.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 496 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6890-BC62 Répertoire de C:\WINDOWS\system32 20/08/2004 00:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 134 416 789 504 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6890-BC62 Répertoire de C:\WINDOWS\Downloaded Program Files 23/03/2008 13:53 <REP> . 23/03/2008 13:53 <REP> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 07/12/2004 17:07 32 bdcore.dll 25/05/2006 01:21 118 784 bdupd.dll 09/02/2008 19:14 65 desktop.ini 14/10/1997 18:52 697 DirectAnimation Java Classes.osd 25/05/2006 01:21 53 248 ipsupd.dll 16/03/2005 12:34 7 407 lang.ini 07/12/2004 17:07 32 libfn.dll 14/03/2005 14:38 126 live.ini 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 01/06/2006 02:57 1 331 oscan8.inf 01/06/2006 02:54 471 040 oscan8.ocx 31/05/2006 04:15 10 oscan81.ocx_x 14/03/2005 14:58 7 073 scanoptions.tsi 11/08/2004 02:22 3 036 wmv9dmo.inf 30/07/2007 19:24 293 wuweb.inf 17 fichier(s) 806 297 octets Total des fichiers listés : 17 fichier(s) 806 297 octets 2 Rép(s) 134 416 785 408 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"="C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe:*:enabled:CSS" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" REGEDIT4 [taskmgr.exe] exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 www.activexupdate.com 127.0.0.1 activexupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.exeupdate.com 127.0.0.1 exeupdate.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.msupdate.net 127.0.0.1 msupdate.net 127.0.0.1 www.msupdater.net 127.0.0.1 msupdater.net 127.0.0.1 www.necessaryupdates.com 127.0.0.1 necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.systemupdates.net 127.0.0.1 systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 update.680180.net 127.0.0.1 www.updatemysettings.com 127.0.0.1 updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 update.shareaza.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.panda-hq.com 127.0.0.1 panda-hq.com catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-29 13:55:58 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94023c0c] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a94023c0c] scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 272 - SystrayApp.exe 472 - csrss.exe 496 - winlogon.exe 540 - services.exe 552 - lsass.exe 692 - svchost.exe 960 - svchost.exe 1000 - svchost.exe 1148 - svchost.exe 1400 - spoolsv.exe 1476 - avguard.exe 1648 - sched.exe 1660 - guard.exe 1712 - incdsrv.exe 1736 - explorer.exe 1764 - nvsvc32.exe 1816 - slserv.exe 2256 - rundll32.exe 2272 - InCD.exe 2316 - ctfmon.exe 2368 - speedfan.exe 2408 - TosBtMng.exe 2724 - vsmon.exe 2760 - zlclient.exe 2904 - AlertModule.exe 2908 - CoreCom.exe 2928 - avgnt.exe 3056 - avcenter.exe 3128 - FTCOMModule.exe 3500 - OraConfigRecove 3672 - wmiprvse.exe 3848 - Deskboard.exe 4836 - wscntfy.exe 5164 - avscan.exe 5828 - firefox.exe 5844 - cmd.exe 6100 - Launcher.exe 6132 - ConnectivityMan Total number of processes = 39 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\TUKERNEL.EXE 8070E000 - \WINDOWS\system32\hal.dll F7987000 - \WINDOWS\system32\KDCOM.DLL F7897000 - \WINDOWS\system32\BOOTVID.dll F7437000 - ACPI.sys F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS F7426000 - pci.sys F7487000 - isapnp.sys F7A4F000 - pciide.sys F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS F7497000 - MountMgr.sys F7407000 - ftdisk.sys F770F000 - PartMgr.sys F74A7000 - VolSnap.sys F73EF000 - atapi.sys F73D6000 - nvatabus.sys F74B7000 - disk.sys F74C7000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F73B6000 - fltmgr.sys F73A4000 - sr.sys F738D000 - KSecDD.sys F7300000 - Ntfs.sys F72D3000 - NDIS.sys F72BF000 - srescan.sys F798B000 - speedfan.sys F7717000 - nv_agp.sys F72A4000 - Mup.sys F7A50000 - giveio.sys F7537000 - \SystemRoot\System32\DRIVERS\amdk7.sys F690D000 - \SystemRoot\System32\DRIVERS\serial.sys F797F000 - \SystemRoot\System32\DRIVERS\serenum.sys F68F9000 - \SystemRoot\System32\DRIVERS\parport.sys F7547000 - \SystemRoot\System32\DRIVERS\i8042prt.sys F777F000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F7787000 - \SystemRoot\System32\DRIVERS\mouclass.sys F778F000 - \SystemRoot\System32\DRIVERS\usbohci.sys F68D6000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS F7797000 - \SystemRoot\System32\DRIVERS\usbehci.sys F68C4000 - \SystemRoot\System32\DRIVERS\NVENET.sys F7557000 - \SystemRoot\system32\drivers\nvax.sys F6870000 - \SystemRoot\System32\DRIVERS\slntamr.sys F779F000 - \SystemRoot\System32\DRIVERS\SlWdmSup.sys F6852000 - \SystemRoot\System32\DRIVERS\Mtlmnt5.sys F77A7000 - \SystemRoot\System32\Drivers\Modem.SYS F7567000 - \SystemRoot\System32\DRIVERS\cdrom.sys F7577000 - \SystemRoot\System32\DRIVERS\redbook.sys F682F000 - \SystemRoot\System32\DRIVERS\ks.sys F77B7000 - \SystemRoot\System32\Drivers\incdrm.SYS F77BF000 - \SystemRoot\System32\DRIVERS\InCDPass.sys F6CE4000 - \SystemRoot\System32\DRIVERS\imapi.sys F645F000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys F644B000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS F6CD4000 - \SystemRoot\System32\Drivers\tosrfcom.sys F7BC5000 - \SystemRoot\System32\DRIVERS\audstub.sys F6CC4000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F7247000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F6434000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F6CB4000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F6CA4000 - \SystemRoot\System32\DRIVERS\raspptp.sys F77C7000 - \SystemRoot\System32\DRIVERS\TDI.SYS F6423000 - \SystemRoot\System32\DRIVERS\psched.sys F6C94000 - \SystemRoot\System32\DRIVERS\msgpc.sys F77CF000 - \SystemRoot\System32\DRIVERS\ptilink.sys F77D7000 - \SystemRoot\System32\DRIVERS\raspti.sys F6C84000 - \SystemRoot\System32\DRIVERS\termdd.sys F79AF000 - \SystemRoot\System32\DRIVERS\swenum.sys F63EF000 - \SystemRoot\System32\DRIVERS\update.sys F723F000 - \SystemRoot\System32\DRIVERS\mssmbios.sys EF253000 - \SystemRoot\system32\DRIVERS\tosporte.sys EF243000 - \SystemRoot\System32\Drivers\NDProxy.SYS ED623000 - \SystemRoot\System32\DRIVERS\usbhub.sys F08CB000 - \SystemRoot\System32\DRIVERS\USBD.SYS B9E9A000 - \SystemRoot\system32\drivers\nvapu.sys B9E76000 - \SystemRoot\system32\drivers\portcls.sys ED613000 - \SystemRoot\system32\drivers\drmk.sys B51B2000 - \SystemRoot\system32\drivers\nvmcp.sys B51A1000 - \SystemRoot\system32\drivers\nvarm.sys F79AB000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS EEFBB000 - \SystemRoot\System32\Drivers\Null.SYS F79AD000 - \SystemRoot\System32\Drivers\Beep.SYS EEFB9000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys ED68E000 - \SystemRoot\System32\drivers\vga.sys F79B1000 - \SystemRoot\System32\Drivers\mnmdd.SYS F0993000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F0991000 - \SystemRoot\System32\Drivers\InCDrec.SYS B5127000 - \SystemRoot\System32\Drivers\InCDfs.SYS F77E7000 - \SystemRoot\System32\Drivers\Msfs.SYS F77EF000 - \SystemRoot\System32\Drivers\Npfs.SYS F0A03000 - \SystemRoot\System32\DRIVERS\rasacd.sys B5114000 - \SystemRoot\System32\DRIVERS\ipsec.sys B50BC000 - \SystemRoot\System32\DRIVERS\tcpip.sys B5094000 - \SystemRoot\System32\DRIVERS\netbt.sys B5034000 - \SystemRoot\System32\vsdatant.sys B5012000 - \SystemRoot\System32\drivers\afd.sys B57D9000 - \SystemRoot\System32\DRIVERS\netbios.sys F77F7000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys B4FE7000 - \SystemRoot\System32\DRIVERS\rdbss.sys B4F78000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys B57B9000 - \SystemRoot\System32\Drivers\Fips.SYS B4F57000 - \SystemRoot\System32\DRIVERS\ipnat.sys B57A9000 - \SystemRoot\system32\DRIVERS\avipbb.sys F098F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys F7AB9000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys B5789000 - \SystemRoot\System32\Drivers\Cdfs.SYS F7807000 - \SystemRoot\System32\DRIVERS\usbccgp.sys EF03F000 - \SystemRoot\System32\DRIVERS\usbscan.sys F780F000 - \SystemRoot\System32\DRIVERS\usbprint.sys EF03B000 - \SystemRoot\System32\DRIVERS\hidusb.sys B5779000 - \SystemRoot\System32\DRIVERS\HIDCLASS.SYS F7817000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS B4F3E000 - \SystemRoot\System32\Drivers\dump_nvatabus.sys F0987000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F7943000 - \SystemRoot\System32\drivers\Dxapi.sys F781F000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys F7AF6000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\nv4_disp.dll B5E19000 - \SystemRoot\System32\DRIVERS\wanarp.sys B52A3000 - \SystemRoot\System32\DRIVERS\ndisuio.sys B37B8000 - \SystemRoot\System32\DRIVERS\mrxdav.sys B377D000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys F79D9000 - \SystemRoot\System32\Drivers\ParVdm.SYS B368B000 - \SystemRoot\System32\DRIVERS\srv.sys B2B7E000 - \SystemRoot\system32\drivers\wdmaud.sys B35F3000 - \SystemRoot\system32\drivers\sysaudio.sys B2867000 - \SystemRoot\System32\Drivers\HTTP.sys BFFA0000 - \SystemRoot\System32\ATMFD.DLL F7687000 - \??\C:\WINDOWS\system32\PCAMPR5.SYS B0E10000 - \SystemRoot\system32\drivers\kmixer.sys F42C6000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS AF9A5000 - \SystemRoot\System32\DRIVERS\gmer.sys F7A64000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 133 Liste des programmes installes ABBYY FineReader 5.0 Sprint Plus Adobe Flash Player 9 ActiveX Adobe Reader 8.1.2 - Français Ahead InCD Ahead InCD EasyWrite Reader Ahead Nero OEM Ahead NeroVision Express AVG Anti-Spyware 7.5 Avira AntiVir PersonalEdition Classic Barre de confiance CM-CIC Bluetooth Stack for Windows by Toshiba Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows XP (KB914440) Correctif Windows XP - KB873339 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 EVEREST Home Edition v2.20 Extension Système de Microsoft Money Free Mp3 Wma Converter V 1.6.3 GIMP 2.4.5 Google Earth HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) Lecteur Windows Media 11 Lexmark X6100 Series livebox Ma-Config.com plugin Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Money Microsoft National Language Support Downlevel APIs Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Word 2002 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Lecteur Windows Media 8 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB938127) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB941644) Mise à jour de sécurité pour Windows XP (KB943055) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB943485) Mise à jour de sécurité pour Windows XP (KB944533) Mise à jour de sécurité pour Windows XP (KB944653) Mise à jour de sécurité pour Windows XP (KB946026) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) Mise à jour pour Windows XP (KB942840) Mozilla Firefox (2.0.0.13) Navigateur Orange NVIDIA Audio Driver NVIDIA Drivers NVIDIA Ethernet Driver NVIDIA Gart Driver NvMixer OpenOffice.org 2.3 Orange - Logiciels Internet OS Pack Works Suite Print to Fax Smart Link 56K Modem SpeedFan (remove only) Spelling Dictionaries Support For Adobe Reader 8 Sélecteur d'installation de Microsoft Works Suite 2003 TuneUp Utilities 2008 VirginMega.Fr Premium WebFldrs XP Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 2 ZoneAlarm Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6890-BC62 Répertoire de C:\Program Files 29/03/2008 12:23 <REP> . 29/03/2008 12:23 <REP> .. 10/02/2008 10:24 <REP> ABBYY FineReader 5.0 Sprint 22/02/2008 19:48 <REP> Adobe 16/03/2008 20:41 <REP> Ahead 09/03/2008 13:55 <REP> Alwil Software 09/03/2008 14:03 <REP> Avira 10/02/2008 10:01 <REP> BarreConfCMCIC 29/03/2008 12:05 <REP> Club-Internet 09/02/2008 20:03 <REP> Common Files 29/03/2008 12:23 <REP> Fichiers communs 16/02/2008 12:35 <REP> Free Audio Pack 22/03/2008 23:13 <REP> GIMP-2.0 09/03/2008 08:40 <REP> Google 11/02/2008 19:45 <REP> Grisoft 23/03/2008 09:34 <REP> Internet Explorer 07/03/2008 18:39 <REP> Lavalys 15/03/2008 18:25 <REP> Lexmark X6100 Series 24/03/2008 09:02 <REP> ma-config.com 17/02/2008 19:42 <REP> messenger 09/02/2008 19:15 <REP> microsoft frontpage 10/02/2008 10:18 <REP> Microsoft Money 26/02/2008 12:24 <REP> Microsoft Office 06/03/2008 20:15 <REP> Microsoft Works 10/02/2008 10:13 <REP> Microsoft Works Suite 2003 06/03/2008 19:22 <REP> Motive 16/02/2008 08:18 <REP> Movie Maker 29/03/2008 13:28 <REP> Mozilla Firefox 09/02/2008 19:13 <REP> MSN 09/02/2008 19:12 <REP> MSN Gaming Zone 16/02/2008 08:16 <REP> NetMeeting 24/03/2008 09:23 <REP> NVIDIA Corporation 10/02/2008 16:45 <REP> OpenOffice.org 2.3 29/03/2008 12:24 <REP> Orange 17/02/2008 19:41 <REP> Outlook Express 29/03/2008 12:16 <REP> SAGEM 29/03/2008 12:08 <REP> Securitoo 09/02/2008 19:13 <REP> Services en ligne 29/03/2008 12:00 <REP> SpeedFan 12/03/2008 18:11 <REP> Spybot - Search & Destroy 10/03/2008 20:18 <REP> Toshiba 24/02/2008 14:18 <REP> Trend Micro 15/03/2008 13:59 <REP> TuneUp Utilities 2008 20/03/2008 19:42 <REP> VirginMega 16/03/2008 17:31 <REP> Warcraft III 22/02/2008 22:29 <REP> Windows Media Connect 2 06/03/2008 18:38 <REP> Windows Media Player 16/02/2008 08:15 <REP> Windows NT 09/02/2008 19:15 <REP> xerox 10/02/2008 08:21 <REP> Zone Labs 0 fichier(s) 0 octets 50 Rép(s) 134 405 873 664 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6890-BC62 Répertoire de C:\Program Files\fichiers communs 29/03/2008 12:23 <REP> . 29/03/2008 12:23 <REP> .. 22/02/2008 19:48 <REP> Adobe 16/03/2008 20:38 <REP> Ahead 26/02/2008 12:24 <REP> Designer 29/03/2008 12:23 <REP> France Telecom 24/03/2008 09:20 <REP> InstallShield 06/03/2008 20:15 <REP> Microsoft Shared 06/03/2008 19:36 <REP> Motive 09/02/2008 19:13 <REP> MSSoap 24/03/2008 09:23 <REP> NVIDIA Shared 12/03/2008 06:27 <REP> ODBC 09/02/2008 19:13 <REP> Services 09/02/2008 18:54 <REP> SpeechEngines 17/02/2008 19:41 <REP> System 07/03/2008 23:14 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 16 Rép(s) 134 405 873 664 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6890-BC62 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 26/02/2008 12:24 <REP> . 26/02/2008 12:24 <REP> .. 26/02/2008 12:24 <REP> 1033 26/02/2008 12:24 <REP> 1036 15/02/2001 05:45 1 318 912 MSONSEXT.DLL 13/02/2001 08:23 58 784 MSOSV.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 07/03/2001 09:00 127 033 MSOWS40c.DLL 06/08/2000 09:04 401 462 MSVCP60.DLL 22/01/2001 03:25 69 632 PKMAXCTL.DLL 22/01/2001 03:25 872 448 PKMCDO.DLL 22/01/2001 03:25 159 744 PKMCORE.DLL 07/02/2001 09:59 106 496 PKMFORMS.DLL 12/02/2001 04:03 684 032 PKMRES.DLL 22/01/2001 03:25 28 672 PKMSSTLB.DLL 22/01/2001 03:25 40 960 PKMTEMPL.DLL 22/01/2001 03:25 24 576 PKMTRACE.DLL 22/01/2001 03:25 86 016 PKMWS.DLL 22/01/2001 03:25 237 568 PROMDEMO.DLL 22/01/2001 03:25 184 320 SECMGR.DLL 22/01/2001 03:25 323 584 VAIDDMGR.DLL 22/01/2001 03:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 134 405 873 664 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 6890-BC62 Répertoire de C:\Program Files\common files 09/02/2008 20:03 <REP> . 09/02/2008 20:03 <REP> .. 29/03/2008 12:04 <REP> Motive 0 fichier(s) 0 octets 3 Rép(s) 134 405 869 568 octets libres c:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe c:\Documents and Settings\denis\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\denis\Application Data\U3\temp\Launchpad Removal.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\gzip.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\md5sums.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\sigcheck.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\denis\Bureau\DiagHelp\DiagHelp\tar.exe c:\Documents and Settings\denis\Bureau\gmer\gmer.exe c:\Documents and Settings\denis\Bureau\logiciels\Google Updater.exe c:\Documents and Settings\denis\Bureau\logiciels\openoffice-org_openoffice.org_2.3.1_francais_10677.exe c:\Documents and Settings\denis\Bureau\logiciels\WLinstaller.exe c:\Documents and Settings\denis\Bureau\logiciels\compression de fichiers\install_Winrar_.exe c:\Documents and Settings\denis\Bureau\logiciels\compression de fichiers\install_WinZip_.exe c:\Documents and Settings\denis\Bureau\logiciels\compression de fichiers\quickzip.exe c:\Documents and Settings\denis\Bureau\logiciels\Drivers\4.62_nforce_audio_winxp2k_international_whql.exe c:\Documents and Settings\denis\Bureau\logiciels\Drivers\6.86_nforce_win2kxp_international_whql.exe c:\Documents and Settings\denis\Bureau\logiciels\Drivers\9.64_nforce_winxp_international_whql.exe c:\Documents and Settings\denis\Bureau\logiciels\Drivers\93.71_forceware_winxp2k_international_whql.exe c:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\unins000.exe c:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe c:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Free CD Ripper\aspi32.exe c:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe c:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\FreeConverter\FreeConverter.exe c:\Documents and Settings\denis\Bureau\logiciels\free converter\Setup_FreeConverter.exe c:\Documents and Settings\denis\Bureau\logiciels\Internet Explorer\IE7-WindowsXP-x86-fra(2).exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\java.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\javacpl.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\java-rmi.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\javaw.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\javaws.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\jucheck.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\jusched.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\keytool.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\kinit.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\klist.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\ktab.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\orbd.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\pack200.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\policytool.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\rmid.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\rmiregistry.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\servertool.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\tnameserv.exe c:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\unpack200.exe c:\Documents and Settings\denis\Bureau\logiciels\MSN\INSTALL_MSN_MESSENGER_NT.EXE c:\Documents and Settings\denis\Bureau\logiciels\OpenOffice.org 2.3 Installation Files\instmsia.exe c:\Documents and Settings\denis\Bureau\logiciels\OpenOffice.org 2.3 Installation Files\instmsiw.exe c:\Documents and Settings\denis\Bureau\logiciels\OpenOffice.org 2.3 Installation Files\setup.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\BarreConfCMCIC.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\setupfre.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\WinXP_FR_HOM_BF.EXE c:\Documents and Settings\denis\Bureau\logiciels\protection\ANTIVIRUS\antivir-personal-edition-7_antivir_personal_edition_classic_7_7.06.00.270_anglais_10821.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\AVG anti spyware\avg-anti-spyware_avg_anti-spyware_7.5.1.36_francais_27645.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\java.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\javacpl.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\java-rmi.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\javaw.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\javaws.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\jucheck.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\jusched.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\keytool.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\kinit.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\klist.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\ktab.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\orbd.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\pack200.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\policytool.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\rmid.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\rmiregistry.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\servertool.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\tnameserv.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\unpack200.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\everesthome220.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\AdAdware\aaw2007.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\aswclnr.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\setupfre.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashAvast.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashBug.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashChest.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashDisp.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashLogV.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashMaiSv.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashPopWz.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashQuick.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashServ.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashSimp2.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashSimpl.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashSkPcc.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashSkPck.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashUpd.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ashWebSv.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\aswRegSvr.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\aswUpdSv.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\copyx64.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\sched.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\VisthAux.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\VisthLic.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\VisthUpd.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\désinstalation avast\aswclear.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\SpybotS&D\spybotsd15.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\everest\everesthome220.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\HJTInstall.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\access.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\DiskDoctor.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\DiskExplorer.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\DriveDefrag.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\Integrator.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\MemOptimizer.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\OneClick.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\PMLauncher.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\ProcessManager.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\RegistryCleaner.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\RegistryDefrag.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\RegistryDefragHelper.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\RegistryEditor.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\RepairWizard.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\RescueCenter.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\Shredder.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\SilentUpdater.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\StartUpManager.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\SystemControl.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\SystemInformation.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\SystemOptimizer.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\TU2008TrialFR.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\TUMessages.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\Undelete.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\UninstallManager.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\UpdateWizard.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\WinStyler.exe c:\Documents and Settings\denis\Bureau\logiciels\protection\zone alarm\zaSetup_fr.exe c:\Documents and Settings\denis\Bureau\logiciels\retouche photo\gimp-2.4.5-i686-setup.exe c:\Documents and Settings\denis\Bureau\logiciels\Speed fan\installspeedfan432.exe c:\Documents and Settings\denis\Local Settings\Temp\_isB.exe c:\Documents and Settings\denis\Local Settings\Temp\matcleanup.exe c:\Documents and Settings\denis\Local Settings\Temp\MCCCleanup.exe c:\Documents and Settings\denis\Local Settings\Temp\setup_wm.exe c:\Documents and Settings\denis\Local Settings\Temp\war3_Install.exe c:\Documents and Settings\denis\Local Settings\Temp\WMC0000.tmp\WMPAU.exe c:\Documents and Settings\denis\Local Settings\Temp\~nsu.tmp\Au_.exe c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll c:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll c:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\components\FoxyTunes.dll c:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_SAM.tar.gz a l'adresse http://upload.malekal.com scan htj du 29032008 à 14h07 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:06:57, on 29/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SpeedFan\speedfan.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Orange\systray\systrayapp.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Orange\Launcher\Launcher.exe C:\Program Files\Orange\connectivity\connectivitymanager.exe C:\Program Files\Orange\Deskboard\deskboard.exe C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-internet.fr/welcome/?varcl...;version=501573 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [systrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe" O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.orange.fr O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1203021963265 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 7773 bytes j'attend avec impatience le résultat. pour info j'ai changé de FAI club-internet pour orange (j'ai fais la mise à jour sur le site Zebulon) à plus.

bonsoir angélique merci pour ta réponse j'ai décoché la case "search for Rootkidts before scan" dans additional setting et lancé un scan (beaucoup plus complet à mon avis) pas de blocage, des découvertes de "Warning" dont je n'ai pas plus d'explications !!!! je t'envoie le rapport mais après je n'ai que le choix de fermer. ok plus de blocage mais dû à quoi? 33 warning !!! et ensuite ? si tu peux m'aiguiller sur une piste ou un autre endroit pour chercher je t'en serais reconnaissant. (comment analysre / interpréter un scan et que faire!!!) AntiVir PersonalEdition Classic Report file date: mercredi 26 mars 2008 18:36 Scanning for 1167464 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: SAM Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:07:25 ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 15:16:00 ANTIVIR3.VDF : 7.0.3.79 91648 Bytes 26/03/2008 17:32:43 AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 19/03/2008 17:56:18 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 09/03/2008 13:07:26 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: medium Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Start of the scan: mercredi 26 mars 2008 18:36 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'firefox.exe' - '1' Module(s) have been scanned Scan process 'msmsgs.exe' - '1' Module(s) have been scanned Scan process 'msimn.exe' - '1' Module(s) have been scanned Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned Scan process 'mpbtn.exe' - '1' Module(s) have been scanned Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned Scan process 'speedfan.exe' - '1' Module(s) have been scanned Scan process 'lanceur.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'NvMixerTray.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'CFD.exe' - '1' Module(s) have been scanned Scan process 'InCD.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avgas.exe' - '1' Module(s) have been scanned Scan process 'zlclient.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'slserv.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'incdsrv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned Scan process 'vsmon.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 41 processes with 41 modules were scanned Starting master boot sector scan: Master boot sector HD0 [NOTE] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\Program Files\Ahead\InCD\ C:\Program Files\BroadJump\Client Foundation\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ActiveScan\ C:\WINDOWS\system32\ActiveScan\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ActiveScan\ C:\WINDOWS\system32\ActiveScan\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\WINDOWS\system32\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ C:\Program Files\Club-Internet\Dr Club Internet\bin\ The registry was scanned ( '33' files ). Starting the file scan: Begin scan in 'C:\' C:\ C:\pagefile.sys [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\$CTJTMP\ C:\Documents and Settings\All Users\Application Data\ C:\Documents and Settings\All Users\Application Data\Adobe\Acrobat\8.0\Replicate\Security\ C:\Documents and Settings\All Users\Application Data\Adobe\Updater5\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\EVENTDB\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\LOGFILES\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\REPORTS\ C:\Documents and Settings\All Users\Application Data\Downloaded Installations\{49C0DA05-1C69-45CA-9951-74B075932855}\ C:\Documents and Settings\All Users\Application Data\Google\Custom Buttons\ C:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\ C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\update\backup\Lang\ C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\update\backup\skin\ C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\update\new\Lang\ C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\update\new\skin\ C:\Documents and Settings\All Users\Application Data\Lavasoft\License\ C:\Documents and Settings\All Users\Application Data\Lavasoft\MiniMessage\ C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18\ C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\ C:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\ C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\ C:\Documents and Settings\All Users\Application Data\Microsoft\Money\11.0\Webcache\ C:\Documents and Settings\All Users\Application Data\Microsoft\Money\11.0\Webcache\Home\ C:\Documents and Settings\All Users\Application Data\Microsoft\Money\11.0\Webcache\Images\ C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\ C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\ C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\Default Pictures\ C:\Documents and Settings\All Users\Application Data\Microsoft\Works\ C:\Documents and Settings\All Users\Application Data\Motive\ C:\Documents and Settings\All Users\Application Data\MotiveSysIDs\ C:\Documents and Settings\All Users\Application Data\MSN6\ C:\Documents and Settings\All Users\Application Data\NVIDIA\ C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs\ C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallOverride.zip [0] Archive type: ZIP --> sbRecovery.reg [WARNING] The archive is encrypted [WARNING] The archive is encrypted C:\Documents and Settings\All Users\Application Data\TEMP C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\Web\ C:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\ C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\data\ C:\Documents and Settings\All Users\Bureau\ C:\Documents and Settings\All Users\Documents\ C:\Documents and Settings\All Users\Documents\Ma musique\ C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\ C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\27598E1\ C:\Documents and Settings\All Users\Documents\Mes images\ C:\Documents and Settings\All Users\Documents\Mes vidéos\ C:\Documents and Settings\All Users\DRM\ C:\Documents and Settings\All Users\DRM\Cache\ C:\Documents and Settings\All Users\Menu Démarrer\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ABBYY FineReader Tools\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Accessibilité\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Divertissement\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires\Outils système\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVir PersonalEdition Classic\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG Anti-Spyware 7.5\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Bluetooth\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Club-Internet\Assistance\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Club-Internet\Lanceur\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Free Audio Pack\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GIMP\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavalys\EVEREST Home Edition\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lexmark X6100 Series\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Ma-Config.com\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\Manuels d'Utilisation\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\Nero OEM\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\Nero Toolkit\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero\NeroVision Express 2 SE\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\NVIDIA Corporation\NvMixer\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\OpenOffice.org 2.3\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils Microsoft Office\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2008\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2008\Utilities\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VirginMega\VirginMega Premium\ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZoneAlarm\ C:\Documents and Settings\All Users\Modèles\ C:\Documents and Settings\Default User\ C:\Documents and Settings\Default User\Application Data\ C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\ C:\Documents and Settings\Default User\Cookies\ C:\Documents and Settings\Default User\Local Settings\ C:\Documents and Settings\Default User\Local Settings\Historique\ C:\Documents and Settings\Default User\Local Settings\Historique\History.IE5\ C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\ C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\ C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\05YN41UV\ C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\8XUNK9AJ\ C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\O9EN856B\ C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\WTQ30PYV\ C:\Documents and Settings\Default User\Menu Démarrer\ C:\Documents and Settings\Default User\Menu Démarrer\Programmes\ C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Accessoires\ C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Accessoires\Accessibilité\ C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Accessoires\Divertissement\ C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\ C:\Documents and Settings\Default User\Modèles\ C:\Documents and Settings\Default User\SendTo\ C:\Documents and Settings\denis\ C:\Documents and Settings\denis\NTUSER.DAT [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\denis\ntuser.dat.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\denis\.gimp-2.4\ C:\Documents and Settings\denis\Application Data\ C:\Documents and Settings\denis\Application Data\Adobe\Acrobat\8.0\ C:\Documents and Settings\denis\Application Data\Adobe\Acrobat\8.0\JavaScripts\ C:\Documents and Settings\denis\Application Data\Ahead\Nero\Nero StartSmart\temp\ C:\Documents and Settings\denis\Application Data\Google\GoogleEarth\ C:\Documents and Settings\denis\Application Data\Grisoft\AVG Antispyware 7.5\Reports\ C:\Documents and Settings\denis\Application Data\ma-config.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\earth.google.com\datastore.swf\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\fr.youtube.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\iayes.pagesjaunes.fr\Contener.swf\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\images.soapbox.msn.com\flash\soapbox1_1.swf\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\pagead2.googlesyndication.com\pagead\googleadplayer.swf\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\ssl-images-amazon.com\images\I\01PH5-tUHPL.swf\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\wat.tv\images\v2.5\flash\player.swf\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\www.miniclip.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\www.miniclip.com\swfcontent\components\highscore_v1.5.swf\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\#SharedObjects\2QLZ48P8\www.youtube.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#fr.youtube.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iayes.pagesjaunes.fr\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#images.soapbox.msn.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#pagead2.googlesyndication.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#ssl-images-amazon.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#wat.tv\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.miniclip.com\ C:\Documents and Settings\denis\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.youtube.com\ C:\Documents and Settings\denis\Application Data\Microsoft\Address Book\ C:\Documents and Settings\denis\Application Data\Microsoft\Credentials\S-1-5-21-1801674531-764733703-839522115-1004\ C:\Documents and Settings\denis\Application Data\Microsoft\CryptnetUrlCache\Content\ C:\Documents and Settings\denis\Application Data\Microsoft\CryptnetUrlCache\MetaData\ C:\Documents and Settings\denis\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1801674531-764733703-839522115-1004\ C:\Documents and Settings\denis\Application Data\Microsoft\HTML Help\ C:\Documents and Settings\denis\Application Data\Microsoft\Internet Explorer\ C:\Documents and Settings\denis\Application Data\Microsoft\Internet Explorer\Quick Launch\ C:\Documents and Settings\denis\Application Data\Microsoft\Media Player\ C:\Documents and Settings\denis\Application Data\Microsoft\MMC\ C:\Documents and Settings\denis\Application Data\Microsoft\Modèles\ C:\Documents and Settings\denis\Application Data\Microsoft\MSN Messenger\0\ C:\Documents and Settings\denis\Application Data\Microsoft\MSN Messenger\3475834072\ C:\Documents and Settings\denis\Application Data\Microsoft\Office\ C:\Documents and Settings\denis\Application Data\Microsoft\Office\Fichiers récents\ C:\Documents and Settings\denis\Application Data\Microsoft\Proof\ C:\Documents and Settings\denis\Application Data\Microsoft\Protect\ C:\Documents and Settings\denis\Application Data\Microsoft\Protect\S-1-5-21-1801674531-764733703-839522115-1004\ C:\Documents and Settings\denis\Application Data\Microsoft\Windows\Themes\ C:\Documents and Settings\denis\Application Data\Microsoft\Windows Messenger\3475834072\ C:\Documents and Settings\denis\Application Data\Microsoft\Word\ C:\Documents and Settings\denis\Application Data\Microsoft\Épreuve\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\parent.lock [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\bookmarkbackups\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\chrome\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\contenthandling\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\custombuttons\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\lib\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\chrome\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\chrome\icons\default\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\components\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\defaults\preferences\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\META-INF\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}\chrome\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}\defaults\preferences\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\FoxyTunes\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\GoogleToolbarData\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\GoogleToolbarData\feeds\ C:\Documents and Settings\denis\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\searchplugins\ C:\Documents and Settings\denis\Application Data\MSN6\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\autotext\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\basic\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\basic\Standard\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\global\accelerator\fr\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\modules\scalc\accelerator\fr\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\modules\scalc\toolbar\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\modules\sdraw\accelerator\fr\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\modules\simpress\accelerator\fr\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\modules\smath\accelerator\fr\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\modules\swriter\accelerator\fr\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\config\soffice.cfg\modules\swriter\toolbar\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\database\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\database\biblio\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\gallery\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\registry\cache\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\registry\data\org\openoffice\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\registry\data\org\openoffice\Office\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\registry\data\org\openoffice\Office\UI\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\registry\data\org\openoffice\ucb\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\uno_packages\cache\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.configuration.PackageRegistryBackend\ C:\Documents and Settings\denis\Application Data\OpenOffice.org2\user\wordbook\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\Backups\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\StartUp Manager\Objets désactivés\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\TuneUp Registry Editor\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\BootScreens\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\BootScreens\Cache\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\IconPacks\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\IconPacks\Cache\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\ C:\Documents and Settings\denis\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Cache\ C:\Documents and Settings\denis\Application Data\U3\temp\ C:\Documents and Settings\denis\Bureau\ C:\Documents and Settings\denis\Bureau\ancien pc\blagues\ C:\Documents and Settings\denis\Bureau\ancien pc\COURRIERS VALIDES\ C:\Documents and Settings\denis\Bureau\ancien pc\fanfan\ C:\Documents and Settings\denis\Bureau\ancien pc\fanfan\COURRIERS SPECIFIQUES\ C:\Documents and Settings\denis\Bureau\ancien pc\fanfan\COURRIERS VALIDES\ C:\Documents and Settings\denis\Bureau\ancien pc\fanfan\portable fanfan\ C:\Documents and Settings\denis\Bureau\ancien pc\fanfan\RECRUTEMENT 2008\ C:\Documents and Settings\denis\Bureau\ancien pc\PAPA\ C:\Documents and Settings\denis\Bureau\cd sandrine\ C:\Documents and Settings\denis\Bureau\comptes\ C:\Documents and Settings\denis\Bureau\dossier diaporama\ C:\Documents and Settings\denis\Bureau\fiches quentin\ C:\Documents and Settings\denis\Bureau\logement sociaux\ C:\Documents and Settings\denis\Bureau\logement sociaux\fiche logement mob réduite 44_fichiers\ C:\Documents and Settings\denis\Bureau\logiciels\ C:\Documents and Settings\denis\Bureau\logiciels\Drivers\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Easy Audio Cutter\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Easy Audio Cutter\Lang\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Free CD Ripper\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Free CD Ripper\Images\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\Free CD Ripper\Lang\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\FreeConverter\ C:\Documents and Settings\denis\Bureau\logiciels\Free Audio Pack\FreeConverter\Lang\ C:\Documents and Settings\denis\Bureau\logiciels\free converter\ C:\Documents and Settings\denis\Bureau\logiciels\Internet Explorer\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\bin\client\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\cmm\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\deploy\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\ext\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\fonts\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\i386\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\im\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\images\cursors\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\management\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\security\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Africa\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\America\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\America\Argentina\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\America\Indiana\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\America\Kentucky\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\America\North_Dakota\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Antarctica\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Asia\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Atlantic\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Australia\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Etc\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Europe\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Indian\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\Pacific\ C:\Documents and Settings\denis\Bureau\logiciels\Java\jre1.6.0\lib\zi\SystemV\ C:\Documents and Settings\denis\Bureau\logiciels\OpenOffice.org 2.3 Installation Files\ C:\Documents and Settings\denis\Bureau\logiciels\OpenOffice.org 2.3 Installation Files\licenses\ C:\Documents and Settings\denis\Bureau\logiciels\OpenOffice.org 2.3 Installation Files\readmes\ C:\Documents and Settings\denis\Bureau\logiciels\protection\ C:\Documents and Settings\denis\Bureau\logiciels\protection\ANTIVIRUS\ C:\Documents and Settings\denis\Bureau\logiciels\protection\AVG anti spyware\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\bin\client\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\cmm\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\deploy\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\ext\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\fonts\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\i386\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\im\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\images\cursors\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\management\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\security\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Africa\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\America\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\America\Argentina\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\America\Indiana\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\America\Kentucky\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\America\North_Dakota\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Antarctica\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Asia\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Atlantic\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Australia\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Etc\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Europe\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Indian\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\Pacific\ C:\Documents and Settings\denis\Bureau\logiciels\protection\Java\jre1.6.0\lib\zi\SystemV\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\AdAdware\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\DATA\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\DATA\chest\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\DATA\integ\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\DATA\log\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\DATA\report\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\DATA\Skin\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\FRENCH\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\FRENCH\HELP\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\FRENCH\HtmlData\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\images\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\Setup\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\Setup\INF\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\Setup\INF\AMD64\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\Avast4\Setup\INF\IA64\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\Alwil Software\désinstalation avast\ C:\Documents and Settings\denis\Bureau\logiciels\protection\logiciels non instalés\SpybotS&D\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\everest\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\analyse scan 060308_fichiers\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\analyse scan 060308_fichiers\ads_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\analyse scan 080308_fichiers\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\analyse scan 080308_fichiers\ads_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\demarrage mode sans echec_fichiers\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon 090308 15h32_fichiers\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon 090308 15h32_fichiers\ads_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon 090308 15h32_fichiers\ban_728x90_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon 090308 15h32_fichiers\ban_728x90_data\AP_ADV_728x90_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon 090308 15h32_fichiers\ban_728x90_data\AP_ADV_728x90_data\AP_CPL_728x90_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon 090308 15h32_fichiers\hp_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon_fichiers\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon_fichiers\ads_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon_fichiers\ban_728x90_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon_fichiers\ban_728x90_data\AP_ADV_728x90_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon_fichiers\ban_728x90_data\AP_ADV_728x90_data\AP_CPL_728x90_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\scan et log\Hijack This\reponce apolo zebulon_fichiers\hp_data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\ C:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\Data\ C:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\Data\Integrator\ C:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\Data\Integrator\modules\ C:\Documents and Settings\denis\Bureau\logiciels\protection\TuneUp Utilities 2008\TuneUp Shop achat et activation_fichiers\ C:\Documents and Settings\denis\Bureau\logiciels\protection\zone alarm\ C:\Documents and Settings\denis\Bureau\logiciels\retouche photo\ C:\Documents and Settings\denis\Bureau\MAMAN\ C:\Documents and Settings\denis\Bureau\MAMAN\portable fanfan\ C:\Documents and Settings\denis\Bureau\MAMAN\REGIME DENIS\ C:\Documents and Settings\denis\Bureau\musique papa\ C:\Documents and Settings\denis\Bureau\musique papa\acdc mp3\CD1\ C:\Documents and Settings\denis\Bureau\musique papa\acdc mp3\CD2\ C:\Documents and Settings\denis\Bureau\musique papa\acdc mp3\CD3\ C:\Documents and Settings\denis\Bureau\musique papa\acdc mp3\CD4\ C:\Documents and Settings\denis\Bureau\musique papa\acdc mp3\CD5\ C:\Documents and Settings\denis\Bureau\musique papa\Airbourne - Runnin' Wild 2007\ C:\Documents and Settings\denis\Bureau\musique papa\Alvin Lee - Saguitar 2007\ C:\Documents and Settings\denis\Bureau\musique papa\Alvin Lee - Saguitar 2007\Disc\ C:\Documents and Settings\denis\Bureau\musique papa\chris réa\Chris Rea live cd2\ C:\Documents and Settings\denis\Bureau\musique papa\Coheed_And_Cambria-No_World_For_Tomorrow-2007-FNT\ C:\Documents and Settings\denis\Bureau\musique papa\cold year of the spider\ C:\Documents and Settings\denis\Bureau\musique papa\Crashdiet - (2005) Rest In Sleaze (VBR 256kbps)\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Deep Purple - (1997) Machine Head 25th Anniversary (VBR 192) by Aerosmith [spanishare Hard AOR]\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Deep Purple - (1997) Machine Head 25th Anniversary (VBR 192) by Aerosmith [spanishare Hard AOR]\cd1\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Deep Purple - (1997) Machine Head 25th Anniversary (VBR 192) by Aerosmith [spanishare Hard AOR]\cd2\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Deep Purple - Live at The Olympia 96 [www.osiolek.com]\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Deep Purple - Live at The Olympia 96 [www.osiolek.com]\cd1\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Deep Purple - Live at The Olympia 96 [www.osiolek.com]\cd2\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Made in Japan cd2 the Encore\ C:\Documents and Settings\denis\Bureau\musique papa\Deep Purple\Shades of Deep Purple\ C:\Documents and Settings\denis\Bureau\musique papa\Def_Leppard-Yeah-(Retail)-2006-RNS\ C:\Documents and Settings\denis\Bureau\musique papa\Dio - Holy Diver Live - 2006 - www.zonaheavymetal.com\ C:\Documents and Settings\denis\Bureau\musique papa\Dream Theater - Systematic Chaos (2007)\ C:\Documents and Settings\denis\Bureau\musique papa\fastway\ C:\Documents and Settings\denis\Bureau\musique papa\G3 Joe Satriani-Steve Vai-John Petrucci live in tokyo\ C:\Documents and Settings\denis\Bureau\musique papa\Green Day - American Idiot - Album\ C:\Documents and Settings\denis\Bureau\musique papa\Heaven_And_Hell-Live_Radio_City_Music_Hall-2CD-2007-QTXMp3\ C:\Documents and Settings\denis\Bureau\musique papa\Ingwie Malmsteen\instrumental best album\ C:\Documents and Settings\denis\Bureau\musique papa\Ingwie Malmsteen\marching out\ C:\Documents and Settings\denis\Bureau\musique papa\Ingwie Malmsteen\trilogy\ C:\Documents and Settings\denis\Bureau\musique papa\John Fogerty - Revival\ C:\Documents and Settings\denis\Bureau\musique papa\Kiss_-_MTV_Unplugged_MP3_160+Covers_EMG_www.elitemusic.org\ C:\Documents and Settings\denis\Bureau\musique papa\Krokus.fire and gasoline\ C:\Documents and Settings\denis\Bureau\musique papa\MSG (McAuley Schenker Group) - Unplugged Live (1993)[92] (+Japanese bonus tracks)[+booklet] by ZIGNUS X1\ C:\Documents and Settings\denis\Bureau\musique papa\MSG (McAuley Schenker Group) - Unplugged Live (1993)[92] (+Japanese bonus tracks)[+booklet] by ZIGNUS X1\Artwork\ C:\Documents and Settings\denis\Bureau\musique papa\Métal Heart\ C:\Documents and Settings\denis\Bureau\musique papa\nickelback\ C:\Documents and Settings\denis\Bureau\musique papa\Ozzy_Osbourne__Randy_Rhoads-Tribute-2002-0MNi_(04-09)\ C:\Documents and Settings\denis\Bureau\musique papa\Richie Sambora - Undiscovered Soul (full album 192 kbps)\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\01 - 1979 - Saxon\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\02 - 1980 - Wheels Of Steel\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\03 - 1980 - Strong Arm Of The Law\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\04 - 1981 - Denim And Leather\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\05 - 1982 - The Eagle Has Landed\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\06 - 1983 - Power And The Glory\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\07 - 1984 - Crusader\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\08 - 1985 - Innocence Is No Excuse\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\09 - 1986 - Rock The Nations\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\10 - 1988 - Destiny\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\11 - 1989 - Rock 'N' Roll Gypsies\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\20 - 1999 - Metalhead\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\21 - 2000 - Live....In The Raw\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\22 - 2001 - Killing Ground\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\23 - 2002 - Heavy Metal Thunder\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\DENIM AND LEATHER\ C:\Documents and Settings\denis\Bureau\musique papa\SAXON\Saxon - The Inner Sanctum 2007\ C:\Documents and Settings\denis\Bureau\musique papa\Sirenia. at sixes and sevens\ C:\Documents and Settings\denis\Bureau\musique papa\skid row Slave to the Grind\ C:\Documents and Settings\denis\Bureau\musique papa\Sue Foley & Deborah Coleman & Roxanne Potvin\ C:\Documents and Settings\denis\Bureau\musique papa\TESLA\ C:\Documents and Settings\denis\Bureau\musique papa\TESLA\Tesla - real to reel (2007)\ C:\Documents and Settings\denis\Bureau\musique papa\TESLA\Tesla - Standing Room Only (Live) (OK)\ C:\Documents and Settings\denis\Bureau\musique papa\The Best of John Mayall &the bluesbreakers.vbr\ C:\Documents and Settings\denis\Bureau\musique papa\The Order - Metal Casino 2007 MP3 VBR by RocknWhisky ROCKFORCE\ C:\Documents and Settings\denis\Bureau\musique papa\The_Eagles-Long_Road_Out_Of_Eden-2CD-2007\ C:\Documents and Settings\denis\Bureau\musique papa\W.A.S.P - Dominator(2007)\ C:\Documents and Settings\denis\Bureau\Raccourcis Bureau non utilisés\ C:\Documents and Settings\denis\Bureau\usb papa\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\Acrobate Reader\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\BMP\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\GIF\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\html\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\JPEG\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\Nouveau dossier\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\PPS\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\PPT\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\WMV\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\WORD\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\WORD\blagues\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\WORD\maison\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\XLS\ C:\Documents and Settings\denis\Bureau\usb papa\blagues\ZIP\ C:\Documents and Settings\denis\Bureau\usb papa\dossier clef usb chat\ C:\Documents and Settings\denis\Bureau\usb papa\dossier clef usb chat\2007-07-17-0929-35\ C:\Documents and Settings\denis\Bureau\usb papa\dossier clef usb chat\chats\2007-04-26-2109-07\ C:\Documents and Settings\denis\Bureau\usb papa\tatoo\ C:\Documents and Settings\denis\Cookies\ C:\Documents and Settings\denis\Favoris\ C:\Documents and Settings\denis\Favoris\Emplois\ C:\Documents and Settings\denis\Favoris\Informatique\ C:\Documents and Settings\denis\Favoris\Jeux\ C:\Documents and Settings\denis\Favoris\Liens\ C:\Documents and Settings\denis\Favoris\Liens financiers\ C:\Documents and Settings\denis\Favoris\Sites Web Microsoft\ C:\Documents and Settings\denis\Local Settings\ C:\Documents and Settings\denis\Local Settings\Application Data\ C:\Documents and Settings\denis\Local Settings\Application Data\ABBYY\ScanManager\5.00\ C:\Documents and Settings\denis\Local Settings\Application Data\Adobe\Acrobat\8.0\Cache\ C:\Documents and Settings\denis\Local Settings\Application Data\Adobe\Acrobat\8.0\Updater\ C:\Documents and Settings\denis\Local Settings\Application Data\Adobe\Color\ C:\Documents and Settings\denis\Local Settings\Application Data\Adobe\Updater5\ C:\Documents and Settings\denis\Local Settings\Application Data\Adobe\Updater5\Data\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\Custom Buttons\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\Google Desktop\c0258d006d97\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\Google Desktop\c0258d006d97\icons\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\Google Desktop\c0258d006d97\safeweb\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\Google Desktop\c0258d006d97-backup\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\GoogleEarth\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\GoogleEarth\icons\ C:\Documents and Settings\denis\Local Settings\Application Data\Google\Picasa2Albums\ C:\Documents and Settings\denis\Local Settings\Application Data\Identities\{E96BD63E-BE97-40DD-8EB3-4D18F66C0B03}\Microsoft\Outlook Express\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Feeds Cache\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Feeds Cache\736SA89Y\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Feeds Cache\HEO5SCM5\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Feeds Cache\N7BKBQT9\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Feeds Cache\Y8ETEPFZ\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Internet Explorer\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Media Player\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Media Player\MusicType1VirginMegaFr\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Media Player\MusicType1VirginMegaFr\fr\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Windows\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Windows Media\11.0\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Windows Media\9.0\ C:\Documents and Settings\denis\Local Settings\Application Data\Microsoft\Works\Portfolio\ C:\Documents and Settings\denis\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\ C:\Documents and Settings\denis\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates\ C:\Documents and Settings\denis\Local Settings\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\ C:\Documents and Settings\denis\Local Settings\Application Data\Mozilla\Firefox\Profiles\4xwlfxs1.default\Cache\ C:\Documents and Settings\denis\Local Settings\Application Data\Toshiba\BluetoothStack\V1.0\ C:\Documents and Settings\denis\Local Settings\Historique\ C:\Documents and Settings\denis\Local Settings\Historique\History.IE5\ C:\Documents and Settings\denis\Local Settings\Historique\History.IE5\MSHist012008021720080218\ C:\Documents and Settings\denis\Local Settings\Historique\History.IE5\MSHist012008032420080325\ C:\Documents and Settings\denis\Local Settings\Historique\History.IE5\MSHist012008032520080326\ C:\Documents and Settings\denis\Local Settings\Historique\History.IE5\MSHist012008032620080327\ C:\Documents and Settings\denis\Local Settings\Temp\ C:\Documents and Settings\denis\Local Settings\Temp\Perflib_Perfdata_ac8.dat [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\denis\Local Settings\Temp\conf\ C:\Documents and Settings\denis\Local Settings\Temp\fontconfig\cache\ C:\Documents and Settings\denis\Local Settings\Temp\nscC5.tmp\ C:\Documents and Settings\denis\Local Settings\Temp\nsh58E.tmp\ C:\Documents and Settings\denis\Local Settings\Temp\nsj137.tmp\ C:\Documents and Settings\denis\Local Settings\Temp\nsm4E.tmp\ C:\Documents and Settings\denis\Local Settings\Temp\nsr1D4.tmp\ C:\Documents and Settings\denis\Local Settings\Temp\testnsis\ C:\Documents and Settings\denis\Local Settings\Temp\tmp71031.WMC\ C:\Documents and Settings\denis\Local Settings\Temp\WER69a5.dir00\ C:\Documents and Settings\denis\Local Settings\Temp\WMC0000.tmp\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\AntiPhishing\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\05YN41UV\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\8XUNK9AJ\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\CRRVAKX1\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\LW8BDLK9\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\O9EN856B\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\V79JRDGW\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\WTQ30PYV\ C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\WTQ30PYV\zlsSetup_70_462_000_fr[1].exe [0] Archive type: ZIP SFX (self extracting) --> INSTMTDR.EXE [1] Archive type: ZIP SFX (self extracting) --> FILE0020.DAT [iNFO] Invalid end of file --> PROGRESS.DLL [iNFO] Invalid end of file --> WISE0001.DLL [iNFO] Invalid end of file --> W32INST.DLL [iNFO] Invalid end of file --> FILE0001.DAT [iNFO] Invalid end of file --> FILE0002.DAT [iNFO] Invalid end of file --> FILE0003.DAT [iNFO] Invalid end of file --> FILE0004.DAT [iNFO] Invalid end of file --> ASDEULA.DE [iNFO] Invalid end of file --> ASDEULA.EN [iNFO] Invalid end of file --> FILE0005.DAT [iNFO] Invalid end of file --> FILE0010.DAT [iNFO] Invalid end of file --> FILE0011.DAT [iNFO] Invalid end of file --> FILE0012.DAT [iNFO] Invalid end of file --> FILE0013.DAT [iNFO] Invalid end of file --> ADDINMON.EXE [iNFO] Invalid end of file --> DBGHELP.DLL [iNFO] Invalid end of file --> MSVCP70.DLL [iNFO] Invalid end of file --> MSVCR70.DLL [iNFO] Invalid end of file --> ASDUTIL.DLL [iNFO] Invalid end of file --> MANTISPM.EXE [iNFO] Invalid end of file --> CRSRPT.DLL [iNFO] Invalid end of file --> MLFHOOK.DLL [iNFO] Invalid end of file --> MLFOE.DLL [iNFO] Invalid end of file --> MLFOSHIM.DLL [iNFO] Invalid end of file --> MTDSDK.DLL [iNFO] Invalid end of file --> 10SECURE.DLL [iNFO] Invalid end of file --> 15HDRS.DLL [iNFO] Invalid end of file --> 20ADDRBK.DLL [iNFO] Invalid end of file --> 26FGN.DLL [iNFO] Invalid end of file --> 27PROLAB.DLL [iNFO] Invalid end of file --> 31RULES.DLL [iNFO] Invalid end of file --> 50COLLAB.DLL [iNFO] Invalid end of file --> 70CHALLN.DLL [iNFO] Invalid end of file --> 90LOGGER.DLL [iNFO] Invalid end of file --> 55BFRAUD.DLL [iNFO] Invalid end of file --> @CORPORATE@_SETTINGS.XML [iNFO] Invalid end of file --> FRAUD_DATA.XML [iNFO] Invalid end of file --> DPA_SPAM_WORDS_ENC1.XML [iNFO] Invalid end of file --> DPA_IGNORE_WORDS_ENC1.XML [iNFO] Invalid end of file --> REPEAT_IGNORE_WORDS.XML [iNFO] Invalid end of file --> REDIRECT.XML [iNFO] Invalid end of file --> NUMERIC_MATCH.XML [iNFO] Invalid end of file --> STOPWORDS_ENC1.XML [iNFO] Invalid end of file --> FEATURES.XML [iNFO] Invalid end of file --> MBMFDEU.DLL [iNFO] Invalid end of file --> MBMFENU.DLL [iNFO] Invalid end of file --> MBMFESP.DLL [iNFO] Invalid end of file --> MBMFFRA.DLL [iNFO] Invalid end of file --> MBMFITA.DLL [iNFO] Invalid end of file --> MBMFJPN.DLL [iNFO] Invalid end of file --> MBZADEU.DLL [iNFO] Invalid end of file --> MBZAENU.DLL [iNFO] Invalid end of file --> MBZAESP.DLL [iNFO] Invalid end of file --> MBZAFRA.DLL [iNFO] Invalid end of file --> MBZAITA.DLL [iNFO] Invalid end of file --> MBZAJPN.DLL [iNFO] Invalid end of file --> OEMFDEU.DLL [iNFO] Invalid end of file --> OEMFENU.DLL [iNFO] Invalid end of file --> OEMFESP.DLL [iNFO] Invalid end of file --> OEMFFRA.DLL [iNFO] Invalid end of file --> OEMFITA.DLL [iNFO] Invalid end of file --> OEMFJPN.DLL [iNFO] Invalid end of file --> OEZADEU.DLL [iNFO] Invalid end of file --> OEZAENU.DLL [iNFO] Invalid end of file --> OEZAESP.DLL [iNFO] Invalid end of file --> OEZAFRA.DLL [iNFO] Invalid end of file --> OEZAITA.DLL [iNFO] Invalid end of file --> OEZAJPN.DLL [iNFO] Invalid end of file --> OTMFDEU.DLL [iNFO] Invalid end of file --> OTMFENU.DLL [iNFO] Invalid end of file --> OTMFESP.DLL [iNFO] Invalid end of file --> OTMFFRA.DLL [iNFO] Invalid end of file --> OTMFITA.DLL [iNFO] Invalid end of file --> OTMFJPN.DLL [iNFO] Invalid end of file --> OTZADEU.DLL [iNFO] Invalid end of file --> OTZAENU.DLL [iNFO] Invalid end of file --> OTZAESP.DLL [iNFO] Invalid end of file --> OTZAFRA.DLL [iNFO] Invalid end of file --> OTZAITA.DLL [iNFO] Invalid end of file --> OTZAJPN.DLL [iNFO] Invalid end of file --> LISTLANG.TXT [iNFO] Invalid end of file --> EN_US.NGR [iNFO] Invalid end of file --> DE_DE.NGR [iNFO] Invalid end of file --> ES_ES.NGR [iNFO] Invalid end of file --> WIND.JPG [iNFO] Invalid end of file --> STATUES.JPG [iNFO] Invalid end of file --> RADIOTELE.JPG [iNFO] Invalid end of file --> PUPPY.JPG [iNFO] Invalid end of file --> PUPPIES3.JPG [iNFO] Invalid end of file --> PUPPIES.JPG [iNFO] Invalid end of file --> PENGUIN.JPG [iNFO] Invalid end of file --> PALMS.JPG [iNFO] Invalid end of file --> LIZARDS.JPG [iNFO] Invalid end of file --> KITTENS.JPG [iNFO] Invalid end of file --> JETS.JPG [iNFO] Invalid end of file --> BUNNIES.JPG [iNFO] Invalid end of file --> CATS.JPG [iNFO] Invalid end of file --> DOLPHINS.JPG [iNFO] Invalid end of file --> FISH.JPG [iNFO] Invalid end of file --> FISH4.JPG [iNFO] Invalid end of file --> FLAGS.JPG [iNFO] Invalid end of file --> GIRAFFE.JPG [iNFO] Invalid end of file --> GPIG.JPG [iNFO] Invalid end of file --> CHALLENGE.XML [iNFO] Invalid end of file --> 16XZL.ICO [iNFO] Invalid end of file --> EMAILADDR.XML [iNFO] Invalid end of file --> ASDBUY.URL [iNFO] Invalid end of file --> ASD.ICO [iNFO] Invalid end of file --> HELP.URL [iNFO] Invalid end of file --> THIRDPARTYSOFTWAREACKNOWLEDGEMENTS.TXT [iNFO] Invalid end of file --> UNWISE32.EXE [iNFO] Invalid end of file --> UNWISE.FRA [iNFO] Invalid end of file --> UNWISE.DEU [iNFO] Invalid end of file --> UNWISE.ESP [iNFO] Invalid end of file --> UNWISE.ITA [iNFO] Invalid end of file --> FILE0014.DAT [iNFO] Invalid end of file --> FILE0019.DAT [iNFO] Invalid end of file [iNFO] Invalid end of file C:\Documents and Settings\denis\Local Settings\Temporary Internet Files\Content.IE5\Y9VGXW7I\ C:\Documents and Settings\denis\Menu Démarrer\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\Accessoires\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\Accessoires\Accessibilité\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\Accessoires\Divertissement\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\Accessoires\Outils système\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\Club-Internet\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\Démarrage\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\SpeedFan\ C:\Documents and Settings\denis\Menu Démarrer\Programmes\Warcraft III\ C:\Documents and Settings\denis\Mes documents\ C:\Documents and Settings\denis\Mes documents\Bluetooth\ C:\Documents and Settings\denis\Mes documents\Ma musique\ C:\Documents and Settings\denis\Mes documents\Ma musique\Charles Aznavour\ C:\Documents and Settings\denis\Mes documents\Ma musique\Charles Aznavour\20 Chansons D'or\ C:\Documents and Settings\denis\Mes documents\Ma musique\Charles Aznavour\Bon Anniversaire Charles- Live au Palais des Congres 2004 Disc 1\ C:\Documents and Settings\denis\Mes documents\Ma musique\Charles Aznavour\Bon Anniversaire Charles- Live au Palais des Congres 2004 Disc 2\ C:\Documents and Settings\denis\Mes documents\Ma musique\Charles Aznavour\Je Voyage\ C:\Documents and Settings\denis\Mes documents\Ma musique\Henri Salvador\ C:\Documents and Settings\denis\Mes documents\Ma musique\Henri Salvador\Ses Plus Grandes- The Best of Henri Salvador Disc 2\ C:\Documents and Settings\denis\Mes documents\Ma musique\Mes sélections\ C:\Documents and Settings\denis\Mes documents\Ma musique\Michel Sardou\ C:\Documents and Settings\denis\Mes documents\Ma musique\Michel Sardou\Hors Format Disc 2\ C:\Documents and Settings\denis\Mes documents\Ma musique\Various Artists\ C:\Documents and Settings\denis\Mes documents\Ma musique\Various Artists\Celtica- Magie des Ballades Celtes\ C:\Documents and Settings\denis\Mes documents\Mes Google Gadgets\ C:\Documents and Settings\denis\Mes documents\Mes images\ C:\Documents and Settings\denis\Mes documents\Mes vidéos\ C:\Documents and Settings\denis\Modèles\ C:\Documents and Settings\denis\Recent\ C:\Documents and Settings\denis\SendTo\ C:\Documents and Settings\denis\UserData\ C:\Documents and Settings\LocalService\ C:\Documents and Settings\LocalService\NTUSER.DAT [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\LocalService\ntuser.dat.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\ C:\Documents and Settings\LocalService\Cookies\ C:\Documents and Settings\LocalService\Local Settings\ C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\ C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media\11.0\ C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media\9.0\ C:\Documents and Settings\LocalService\Local Settings\Historique\ C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\ C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\ C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\ C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\ C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\ C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ C:\Documents and Settings\LocalService\Menu Démarrer\Programmes\ C:\Documents and Settings\NetworkService\ C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\NetworkService\Local Settings\ C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\ C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\Documents and Settings\NetworkService\Local Settings\Historique\ C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\ C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\ C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\05YN41UV\ C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8XUNK9AJ\ C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\O9EN856B\ C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\WTQ30PYV\ C:\NVIDIA\nForceWin2k\9.64\IS\ C:\NVIDIA\nForceWin2k\9.64\IS\Ethernet\ C:\NVIDIA\nForceWin2k\9.64\IS\Ethernet\NAM\ C:\NVIDIA\nForceWin2k\9.64\IS\IDE\WinXP\raidtool\ C:\NVIDIA\nForceWin2k\9.64\IS\IDE\WinXP\sataraid\ C:\NVIDIA\nForceWin2k\9.64\IS\IDE\WinXP\sata_ide\ C:\NVIDIA\nForceWin2k\9.64\IS\SMBus\ C:\NVIDIA\nForceWin2KXP\4.62A\ C:\NVIDIA\nForceWin2KXP\4.62A\AudioDrv\ C:\NVIDIA\nForceWin2KXP\4.62A\AudioUtl\ C:\NVIDIA\nForceWin2KXP\6.86\ C:\NVIDIA\nForceWin2KXP\6.86\AudioDrv\ C:\NVIDIA\nForceWin2KXP\6.86\AudioUtl\ C:\NVIDIA\nForceWin2KXP\6.86\Ethernet\ C:\NVIDIA\nForceWin2KXP\6.86\Ethernet\NAM\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\legacy\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\raidtool\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sataraid\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sata_ide\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\legacy\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\raidtool\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sataraid\ C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sata_ide\ C:\NVIDIA\nForceWin2KXP\6.86\SMBus\ C:\NVIDIA\Win2KXP\93.71\ C:\Program Files\ABBYY FineReader 5.0 Sprint\ C:\Program Files\ABBYY FineReader 5.0 Sprint\Demo\ C:\Program Files\ABBYY FineReader 5.0 Sprint\Scan\ C:\Program Files\ABBYY FineReader 5.0 Sprint\Scan\TWAIN\ C:\Program Files\ABBYY FineReader 5.0 Sprint\Support\ C:\Program Files\Adobe\Adobe Help Viewer\1.0\ C:\Program Files\Adobe\Adobe Help Viewer\1.0\Resources\en\ C:\Program Files\Adobe\Adobe Help Viewer\1.0\Resources\fr\ C:\Program Files\Adobe\Reader 8.0\Esl\ C:\Program Files\Adobe\Reader 8.0\Reader\ C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\ C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\ C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\fr_FR\ C:\Program Files\Adobe\Reader 8.0\Reader\AIR\ C:\Program Files\Adobe\Reader 8.0\Reader\AMT\ C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Onramp\ C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\FRA\Onramp\ C:\Program Files\Adobe\Reader 8.0\Reader\Browser\ C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\ C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Images\ C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\FRA\ C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\FRA\Images\ C:\Program Files\Adobe\Reader 8.0\Reader\IDTemplates\ENU\ C:\Program Files\Adobe\Reader 8.0\Reader\IDTemplates\FRA\ C:\Program Files\Adobe\Reader 8.0\Reader\Javascripts\ C:\Program Files\Adobe\Reader 8.0\Reader\Legal\en_US\ C:\Program Files\Adobe\Reader 8.0\Reader\Legal\fr_FR\ C:\Program Files\Adobe\Reader 8.0\Reader\Optional\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\PMP\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\ENU\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\FRA\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\en_US\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\fr_FR\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia\MPP\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\ENU\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\FRA\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins3d\ C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins3d\prc\ C:\Program Files\Adobe\Reader 8.0\Reader\SPPlugins\ C:\Program Files\Adobe\Reader 8.0\Reader\Tracker\ C:\Program Files\Adobe\Reader 8.0\Resource\ C:\Program Files\Adobe\Reader 8.0\Resource\CMap\ C:\Program Files\Adobe\Reader 8.0\Resource\Font\ C:\Program Files\Adobe\Reader 8.0\Resource\Font\PFM\ C:\Program Files\Adobe\Reader 8.0\Resource\Linguistics\LanguageNames\ C:\Program Files\Adobe\Reader 8.0\Resource\Linguistics\Providers\Proximity\ C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1036-7B44-A81200000003}\ C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-5464-3428-800000000003}\ C:\Program Files\Ahead\CoverDesigner\ C:\Program Files\Ahead\CoverDesigner\Templates\ C:\Program Files\Ahead\EasyWriteReader\ C:\Program Files\Ahead\InCD\ C:\Program Files\Ahead\Nero\ C:\Program Files\Ahead\Nero\CDI\ C:\Program Files\Ahead\Nero\Uninstall\ C:\Program Files\Ahead\Nero BackItUp\ C:\Program Files\Ahead\Nero SoundTrax\ C:\Program Files\Ahead\Nero StartSmart\ C:\Program Files\Ahead\Nero Toolkit\ C:\Program Files\Ahead\Nero Wave Editor\ C:\Program Files\Ahead\NeroVision\ C:\Program Files\Ahead\NeroVision\Buttons\ C:\Program Files\Ahead\NeroVision\MenuTemplates\ C:\Program Files\Ahead\NeroVision\MenuTemplates\Pictures\ C:\Program Files\Ahead\NeroVision\NeroFiles\ C:\Program Files\Ahead\NeroVision\NeroFiles\CDI\ C:\Program Files\Ahead\NeroVision\Pictures\ C:\Program Files\Ahead\WMPBurn\ C:\Program Files\Avira\AntiVir PersonalEdition Classic\ C:\Program Files\BarreConfCMCIC\ C:\Program Files\BroadJump\Client Foundation\ C:\Program Files\BroadJump\Client Foundation\certs\ C:\Program Files\Club-Internet\Assistance\ConfModem\ C:\Program Files\Club-Internet\Assistance\ConfModem\etc\ C:\Program Files\Club-Internet\Assistance\ConfModem\modems\00_ah4222\ C:\Program Files\Club-Internet\Assistance\ConfModem\modems\01_ah4021\ C:\Program Files\Club-Internet\Assistance\ConfModem\modems\02_ct635\ C:\Program Files\Club-Internet\Assistance\ConfModem\modems\03_st530v5\ C:\Program Files\Club-Internet\Assistance\ConfModem\modems\04_st530\ C:\Program Files\Club-Internet\Dr Club Internet\ C:\Program Files\Club-Internet\Dr Club Internet\bin\ C:\Program Files\Club-Internet\Dr Club Internet\cert\ C:\Program Files\Club-Internet\Dr Club Internet\de\classic\bin\ C:\Program Files\Club-Internet\Dr Club Internet\de\classic\etc\ C:\Program Files\Club-Internet\Dr Club Internet\de\classic\lib\ C:\Program Files\Club-Internet\Dr Club Internet\de\classic\plugins\ C:\Program Files\Club-Internet\Dr Club Internet\de\jsharp\bin\ C:\Program Files\Club-Internet\Dr Club Internet\de\jsharp\etc\ C:\Program Files\Club-Internet\Dr Club Internet\de\jsharp\lib\ C:\Program Files\Club-Internet\Dr Club Internet\de\jsharp\plugins\ C:\Program Files\Club-Internet\Dr Club Internet\etc\ C:\Program Files\Club-Internet\Dr Club Internet\lib\ C:\Program Files\Club-Internet\Dr Club Internet\log\ C:\Program Files\Club-Internet\Dr Club Internet\page\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sc0\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\BBActionsProcessor.diag\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\BBActionsProcessor.mmap\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\BBEscalation.diag\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\BBEscalationMap.mmap\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\BBTechUpdate.diag\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\BBTechUpdate.mmap\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\ForceChorusPoll.diag\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\ForceChorusPoll.mmap\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\MwuiTestMap.diag\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\MwuiTestMap.mmap\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\PPPoETHT300Ini.diag\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\PPPoETHT300Ini.mmap\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\Test_Cisco800_Modem_Connectivity.diag\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\sitepath\default\cat_8\Test_Cisco800_Modem_Connectivity.mmap\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\css\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\css\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\fiches_communes\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\hitachi\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\530\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\530\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\boutons communs\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\images\boutons_communs\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\st530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\FAQ_motive\st530v5\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\images\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\lic\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\localization\fr\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\scripts\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\scripts\GenericUSBModem\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\BroadBandAsst\scripts\ThomsonSpeedTouch530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\driven_dev\updaters\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\content\template\page\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\maps\wt\default\maps\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\maps\wt\default\maps\__reserved\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\bin\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\css\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\css\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\fiches_communes\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\hitachi\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\530\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\530\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\images\boutons_communs\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\st530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\FAQ_motive\st530v5\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\images\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\lic\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\localization\fr\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\scripts\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\scripts\GenericUSBModem\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\BroadBandAsst\scripts\ThomsonSpeedTouch530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\driven_dev\updaters\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\css\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\de\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\bin\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\css\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\fiches_communes\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\hitachi\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\530\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\530\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\530v5\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\btn-menu\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\AH4021\titre\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\images\boutons_communs\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\st530\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\FAQ_motive\st530v5\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\BroadBandAsst\localization\fr\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\driven_dev\updaters\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\en\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\es\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\fr\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\images\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\ja\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\resources\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\resources\en\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\zh_CN\ C:\Program Files\Club-Internet\Dr Club Internet\vendors\TONLFR\wwwcache\wt\default\private\content\zh_TW\ C:\Program Files\Club-Internet\Dr Club Internet\wwwroot\ C:\Program Files\Club-Internet\Dr Club Internet\wwwroot\images\ C:\Program Files\Club-Internet\Lanceur\ C:\Program Files\Club-Internet\Lanceur\aide\ C:\Program Files\Club-Internet\Lanceur\aide\Images\ C:\Program Files\Club-Internet\Lanceur\etc\ C:\Program Files\Club-Internet\Lanceur\html\ C:\Program Files\Club-Internet\Lanceur\html\offline_fichiers\ C:\Program Files\Club-Internet\Lanceur\modems\00_st530\ C:\Program Files\Club-Internet\Lanceur\modems\01_st530v5\ C:\Program Files\Club-Internet\Lanceur\modems\02_ct635\ C:\Program Files\Club-Internet\Lanceur\modems\03_ah4021\ C:\Program Files\Club-Internet\Lanceur\modems\04_ah4222\ C:\Program Files\Club-Internet\Lanceur\pictures\ C:\Program Files\Common Files\Motive\ C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\ C:\Program Files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\ C:\Program Files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\images\ C:\Program Files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\ C:\Program Files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\images\ C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\ICU\ C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Adobe\ C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Mac\ C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\win\ C:\Program Files\Fichiers communs\Adobe\Updater5\ C:\Program Files\Fichiers communs\Ahead\AudioPlugins\ C:\Program Files\Fichiers communs\Ahead\DSFilter\ C:\Program Files\Fichiers communs\Ahead\Lib\ C:\Program Files\Fichiers communs\Designer\ C:\Program Files\Fichiers communs\InstallShield\Engine\6\Intel 32\ C:\Program Files\Fichiers communs\InstallShield\IScript\ C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\ C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\09\01\Intel32\ C:\Program Files\Fichiers communs\Microsoft Shared\CDO\ C:\Program Files\Fichiers communs\Microsoft Shared\DAO\ C:\Program Files\Fichiers communs\Microsoft Shared\Dashboard Components\10\ C:\Program Files\Fichiers communs\Microsoft Shared\Euro\ C:\Program Files\Fichiers communs\Microsoft Shared\Grphflt\ C:\Program Files\Fichiers communs\Microsoft Shared\Money\ C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\ C:\Program Files\Fichiers communs\Microsoft Shared\MSORun\ C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Bin\ C:\Program Files\Fichiers communs\Microsoft Shared\MSSearch\Common\ C:\Program Files\Fichiers communs\Microsoft Shared\Office10\ C:\Program Files\Fichiers communs\Microsoft Shared\Office10\1036\ C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\ C:\Program Files\Fichiers communs\Microsoft Shared\Proof\ C:\Program Files\Fichiers communs\Microsoft Shared\Proof\1036\ C:\Program Files\Fichiers communs\Microsoft Shared\Reference Titles\ C:\Program Files\Fichiers communs\Microsoft Shared\Smart Tag\ C:\Program Files\Fichiers communs\Microsoft Shared\Speech\ C:\Program Files\Fichiers communs\Microsoft Shared\Speech\1036\ C:\Program Files\Fichiers communs\Microsoft Shared\TextConv\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Axis\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\blends\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\capsules\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Cascade\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Edge\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\expeditn\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Network\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Pixel\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Profile\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Refined\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\sumipntg\ C:\Program Files\Fichiers communs\Microsoft Shared\Themes\Watermar\ C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\ C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\ C:\Program Files\Fichiers communs\Microsoft Shared\VBA\VBA6\1036\ C:\Program Files\Fichiers communs\Microsoft Shared\VGX\ C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\1033\ C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\1036\ C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\1036\WebView\ C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\1036\WebView\Images\ C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\40\bin\ C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\40\bin\1036\ C:\Program Files\Fichiers communs\Microsoft Shared\web server extensions\50\bin\ C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\ C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\1036\ C:\Program Files\Fichiers communs\MSSoap\Binaries\ C:\Program Files\Fichiers communs\MSSoap\Binaries\Resources\1036\ C:\Program Files\Fichiers communs\NVIDIA Shared\Audio\ C:\Program Files\Fichiers communs\Services\ C:\Program Files\Fichiers communs\SpeechEngines\Microsoft\ C:\Program Files\Fichiers communs\SpeechEngines\Microsoft\Lexicon\1033\ C:\Program Files\Fichiers communs\SpeechEngines\Microsoft\TTS\1033\ C:\Program Files\Fichiers communs\System\ C:\Program Files\Fichiers communs\System\ado\ C:\Program Files\Fichiers communs\System\msadc\ C:\Program Files\Fichiers communs\System\mui\041e\ C:\Program Files\Fichiers communs\System\Ole DB\ C:\Program Files\Fichiers communs\Wise Installation Wizard\ C:\Program Files\Free Audio Pack\ C:\Program Files\Free Audio Pack\Easy Audio Cutter\ C:\Program Files\Free Audio Pack\Easy Audio Cutter\Lang\ C:\Program Files\Free Audio Pack\Free CD Ripper\ C:\Program Files\Free Audio Pack\Free CD Ripper\Images\ C:\Program Files\Free Audio Pack\Free CD Ripper\Lang\ C:\Program Files\Free Audio Pack\FreeConverter\ C:\Program Files\Free Audio Pack\FreeConverter\Lang\ C:\Program Files\GIMP-2.0\bin\ C:\Program Files\GIMP-2.0\etc\fonts\ C:\Program Files\GIMP-2.0\etc\fonts\conf.avail\ C:\Program Files\GIMP-2.0\etc\fonts\conf.d\ C:\Program Files\GIMP-2.0\etc\gimp\2.0\ C:\Program Files\GIMP-2.0\etc\gtk-2.0\ C:\Program Files\GIMP-2.0\etc\pango\ C:\Program Files\GIMP-2.0\lib\gimp\2.0\environ\ C:\Program Files\GIMP-2.0\lib\gimp\2.0\interpreters\ C:\Program Files\GIMP-2.0\lib\gimp\2.0\modules\ C:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\ C:\Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\engines\ C:\Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\immodules\ C:\Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\ C:\Program Files\GIMP-2.0\setup\ C:\Program Files\GIMP-2.0\share\gimp\2.0\brushes\ C:\Program Files\GIMP-2.0\share\gimp\2.0\fractalexplorer\ C:\Program Files\GIMP-2.0\share\gimp\2.0\gfig\ C:\Program Files\GIMP-2.0\share\gimp\2.0\gflare\ C:\Program Files\GIMP-2.0\share\gimp\2.0\gimpressionist\Brushes\ C:\Program Files\GIMP-2.0\share\gimp\2.0\gimpressionist\Paper\ C:\Program Files\GIMP-2.0\share\gimp\2.0\gimpressionist\Presets\ C:\Program Files\GIMP-2.0\share\gimp\2.0\gradients\ C:\Program Files\GIMP-2.0\share\gimp\2.0\images\ C:\Program Files\GIMP-2.0\share\gimp\2.0\menus\ C:\Program Files\GIMP-2.0\share\gimp\2.0\palettes\ C:\Program Files\GIMP-2.0\share\gimp\2.0\patterns\ C:\Program Files\GIMP-2.0\share\gimp\2.0\scripts\ C:\Program Files\GIMP-2.0\share\gimp\2.0\scripts\images\ C:\Program Files\GIMP-2.0\share\gimp\2.0\themes\Default\ C:\Program Files\GIMP-2.0\share\gimp\2.0\themes\Default\images\ C:\Program Files\GIMP-2.0\share\gimp\2.0\themes\Default\images\preferences\ C:\Program Files\GIMP-2.0\share\gimp\2.0\themes\Small\ C:\Program Files\GIMP-2.0\share\gimp\2.0\tips\ C:\Program Files\GIMP-2.0\share\libwmf\cidToUnicode\ C:\Program Files\GIMP-2.0\share\libwmf\cMap\Adobe-CNS1\ C:\Program Files\GIMP-2.0\share\libwmf\cMap\Adobe-GB1\ C:\Program Files\GIMP-2.0\share\libwmf\cMap\Adobe-Japan1\ C:\Program Files\GIMP-2.0\share\libwmf\cMap\Adobe-Korea1\ C:\Program Files\GIMP-2.0\share\libwmf\fonts\ C:\Program Files\GIMP-2.0\share\libwmf\nameToUnicode\ C:\Program Files\GIMP-2.0\share\libwmf\unicodeMap\ C:\Program Files\GIMP-2.0\share\locale\ C:\Program Files\GIMP-2.0\share\locale\af\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\am\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ang\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ar\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\as\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\az\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\az_IR\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\be\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\be@latin\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\bg\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\bn\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\bn_IN\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\br\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\bs\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ca\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\cs\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\cy\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\da\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\de\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\dz\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\el\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\en@boldquot\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\en@quot\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\en_CA\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\en_GB\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\eo\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\es\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\et\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\eu\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\fa\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\fi\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\fr\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ga\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\gl\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\gu\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\he\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\hi\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\hr\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\hu\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\hy\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ia\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\id\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\io\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\is\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\it\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ja\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ka\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\km\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\kn\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ko\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ku\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\li\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\lt\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\lv\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\mg\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\mi\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\mk\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ml\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\mn\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\mr\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ms\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\nb\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ne\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\nl\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\nn\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\no\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\nso\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\oc\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\or\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\pa\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\pl\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\pt\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\pt_BR\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ro\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ru\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\rw\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\si\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\sk\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\sl\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\sq\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\sr\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\sr@ije\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\sr@Latn\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\sv\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ta\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\te\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\th\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\tk\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\tl\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\tr\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\tt\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\uk\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\ur\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\uz\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\uz@cyrillic\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\vi\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\wa\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\xh\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\yi\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\zh_CN\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\zh_HK\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\locale\zh_TW\LC_MESSAGES\ C:\Program Files\GIMP-2.0\share\themes\Default\gtk-2.0-key\ C:\Program Files\GIMP-2.0\share\themes\Emacs\gtk-2.0-key\ C:\Program Files\GIMP-2.0\share\themes\MS-Windows\gtk-2.0\ C:\Program Files\GIMP-2.0\share\themes\Raleigh\gtk-2.0\ C:\Program Files\Google\Google Earth\ C:\Program Files\Google\Google Earth\alchemy\dx\ C:\Program Files\Google\Google Earth\alchemy\ogl\ C:\Program Files\Google\Google Earth\alchemy\optimizations\ C:\Program Files\Google\Google Earth\kvw\ C:\Program Files\Google\Google Earth\lang\ C:\Program Files\Google\Google Earth\res\ C:\Program Files\Google\Google Earth\res\ad.country\ C:\Program Files\Google\Google Earth\res\ae.country\ C:\Program Files\Google\Google Earth\res\af.country\ C:\Program Files\Google\Google Earth\res\ag.country\ C:\Program Files\Google\Google Earth\res\ai.country\ C:\Program Files\Google\Google Earth\res\al.country\ C:\Program Files\Google\Google Earth\res\am.country\ C:\Program Files\Google\Google Earth\res\an.country\ C:\Program Files\Google\Google Earth\res\ao.country\ C:\Program Files\Google\Google Earth\res\aq.country\ C:\Program Files\Google\Google Earth\res\ar.country\ C:\Program Files\Google\Google Earth\res\ar.locale\ C:\Program Files\Google\Google Earth\res\as.country\ C:\Program Files\Google\Google Earth\res\at.country\ C:\Program Files\Google\Google Earth\res\au.country\ C:\Program Files\Google\Google Earth\res\aw.country\ C:\Program Files\Google\Google Earth\res\ax.country\ C:\Program Files\Google\Google Earth\res\az.country\ C:\Program Files\Google\Google Earth\res\ba.country\ C:\Program Files\Google\Google Earth\res\bb.country\ C:\Program Files\Google\Google Earth\res\bd.country\ C:\Program Files\Google\Google Earth\res\be.country\ C:\Program Files\Google\Google Earth\res\bf.country\ C:\Program Files\Google\Google Earth\res\bg.country\ C:\Program Files\Google\Google Earth\res\bh.country\ C:\Program Files\Google\Google Earth\res\bi.country\ C:\Program Files\Google\Google Earth\res\bj.country\ C:\Program Files\Google\Google Earth\res\bm.country\ C:\Program Files\Google\Google Earth\res\bn.country\ C:\Program Files\Google\Google Earth\res\bo.country\ C:\Program Files\Google\Google Earth\res\br.country\ C:\Program Files\Google\Google Earth\res\bs.country\ C:\Program Files\Google\Google Earth\res\bt.country\ C:\Program Files\Google\Google Earth\res\bv.country\ C:\Program Files\Google\Google Earth\res\bw.country\ C:\Program Files\Google\Google Earth\res\by.country\ C:\Program Files\Google\Google Earth\res\bz.country\ C:\Program Files\Google\Google Earth\res\ca.country\ C:\Program Files\Google\Google Earth\res\cc.country\ C:\Program Files\Google\Google Earth\res\cd.country\ C:\Program Files\Google\Google Earth\res\cf.country\ C:\Program Files\Google\Google Earth\res\cg.country\ C:\Program Files\Google\Google Earth\res\ch.country\ C:\Program Files\Google\Google Earth\res\ci.country\ C:\Program Files\Google\Google Earth\res\ck.country\ C:\Program Files\Google\Google Earth\res\cl.country\ C:\Program Files\Google\Google Earth\res\cm.country\ C:\Program Files\Google\Google Earth\res\cn.country\ C:\Program Files\Google\Google Earth\res\co.country\ C:\Program Files\Google\Google Earth\res\cr.country\ C:\Program Files\Google\Google Earth\res\cu.country\ C:\Program Files\Google\Google Earth\res\cv.country\ C:\Program Files\Google\Google Earth\res\cx.country\ C:\Program Files\Google\Google Earth\res\cy.country\ C:\Program Files\Google\Google Earth\res\cz.country\ C:\Program Files\Google\Google Earth\res\de.country\ C:\Program Files\Google\Google Earth\res\dj.country\ C:\Program Files\Google\Google Earth\res\dk.country\ C:\Program Files\Google\Google Earth\res\dm.country\ C:\Program Files\Google\Google Earth\res\do.country\ C:\Program Files\Google\Google Earth\res\dz.country\ C:\Program Files\Google\Google Earth\res\ec.country\ C:\Program Files\Google\Google Earth\res\ee.country\ C:\Program Files\Google\Google Earth\res\eg.country\ C:\Program Files\Google\Google Earth\res\eh.country\ C:\Program Files\Google\Google Earth\res\er.country\ C:\Program Files\Google\Google Earth\res\es.country\ C:\Program Files\Google\Google Earth\res\et.country\ C:\Program Files\Google\Google Earth\res\fi.country\ C:\Program Files\Google\Google Earth\res\fj.country\ C:\Program Files\Google\Google Earth\res\fk.country\ C:\Program Files\Google\Google Earth\res\flightsim\ C:\Program Files\Google\Google Earth\res\flightsim\aircraft\ C:\Program Files\Google\Google Earth\res\flightsim\controller\ C:\Program Files\Google\Google Earth\res\flightsim\hud\ C:\Program Files\Google\Google Earth\res\flightsim\keyboard\ C:\Program Files\Google\Google Earth\res\flightsim\planet\ C:\Program Files\Google\Google Earth\res\fm.country\ C:\Program Files\Google\Google Earth\res\fo.country\ C:\Program Files\Google\Google Earth\res\fr.country\ C:\Program Files\Google\Google Earth\res\ga.country\ C:\Program Files\Google\Google Earth\res\gb.country\ C:\Program Files\Google\Google Earth\res\gd.country\ C:\Program Files\Google\Google Earth\res\ge.country\ C:\Program Files\Google\Google Earth\res\gf.country\ C:\Program Files\Google\Google Earth\res\gg.country\ C:\Program Files\Google\Google Earth\res\gh.country\ C:\Program Files\Google\Google Earth\res\gi.country\ C:\Program Files\Google\Google Earth\res\gl.country\ C:\Program Files\Google\Google Earth\res\gm.country\ C:\Program Files\Google\Google Earth\res\gn.country\ C:\Program Files\Google\Google Earth\res\gp.country\ C:\Program Files\Google\Google Earth\res\gq.country\ C:\Program Files\Google\Google Earth\res\gr.country\ C:\Program Files\Google\Google Earth\res\gs.country\ C:\Program Files\Google\Google Earth\res\gt.country\ C:\Program Files\Google\Google Earth\res\gu.country\ C:\Program Files\Google\Google Earth\res\gw.country\ C:\Program Files\Google\Google Earth\res\gy.country\ C:\Program Files\Google\Google Earth\res\hk.country\ C:\Program Files\Google\Google Earth\res\hm.country\ C:\Program Files\Google\Google Earth\res\hn.country\ C:\Program Files\Google\Google Earth\res\hr.country\ C:\Program Files\Google\Google Earth\res\ht.country\ C:\Program Files\Google\Google Earth\res\hu.country\ C:\Program Files\Google\Google Earth\res\id.country\ C:\Program Files\Google\Google Earth\res\ie.country\ C:\Program Files\Google\Google Earth\res\il.country\ C:\Program Files\Google\Google Earth\res\im.country\ C:\Program Files\Google\Google Earth\res\in.country\ C:\Program Files\Google\Google Earth\res\io.country\ C:\Program Files\Google\Google Earth\res\iq.country\ C:\Program Files\Google\Google Earth\res\ir.country\ C:\Program Files\Google\Google Earth\res\is.country\ C:\Program Files\Google\Google Earth\res\it.country\ C:\Program Files\Google\Google Earth\res\je.country\ C:\Program Files\Google\Google Earth\res\jm.country\ C:\Program Files\Google\Google Earth\res\jo.country\ C:\Program Files\Google\Google Earth\res\jp.country\ C:\Program Files\Google\Google Earth\res\ke.country\ C:\Program Files\Google\Google Earth\res\kg.country\ C:\Program Files\Google\Google Earth\res\kh.country\ C:\Program Files\Google\Google Earth\res\ki.country\ C:\Program Files\Google\Google Earth\res\km.country\ C:\Program Files\Google\Google Earth\res\kn.country\ C:\Program Files\Google\Google Earth\res\ko.locale\ C:\Program Files\Google\Google Earth\res\kp.country\ C:\Program Files\Google\Google Earth\res\kr.country\ C:\Program Files\Google\Google Earth\res\kw.country\ C:\Program Files\Google\Google Earth\res\ky.country\ C:\Program Files\Google\Google Earth\res\kz.country\ C:\Program Files\Google\Google Earth\res\la.country\ C:\Program Files\Google\Google Earth\res\lb.country\ C:\Program Files\Google\Google Earth\res\lc.country\ C:\Program Files\Google\Google Earth\res\li.country\ C:\Program Files\Google\Google Earth\res\lk.country\ C:\Program Files\Google\Google Earth\res\lr.country\ C:\Program Files\Google\Google Earth\res\ls.country\ C:\Program Files\Google\Google Earth\res\lt.country\ C:\Program Files\Google\Google Earth\res\lu.country\ C:\Program Files\Google\Google Earth\res\lv.country\ C:\Program Files\Google\Google Earth\res\ly.country\ C:\Program Files\Google\Google Earth\res\ma.country\ C:\Program Files\Google\Google Earth\res\mc.country\ C:\Program Files\Google\Google Earth\res\md.country\ C:\Program Files\Google\Google Earth\res\me.country\ C:\Program Files\Google\Google Earth\res\mg.country\ C:\Program Files\Google\Google Earth\res\mh.country\ C:\Program Files\Google\Google Earth\res\mk.country\ C:\Program Files\Google\Google Earth\res\ml.country\ C:\Program Files\Google\Google Earth\res\mm.country\ C:\Program Files\Google\Google Earth\res\mn.country\ C:\Program Files\Google\Google Earth\res\mo.country\ C:\Program Files\Google\Google Earth\res\mp.country\ C:\Program Files\Google\Google Earth\res\mq.country\ C:\Program Files\Google\Google Earth\res\mr.country\ C:\Program Files\Google\Google Earth\res\ms.country\ C:\Program Files\Google\Google Earth\res\mt.country\ C:\Program Files\Google\Google Earth\res\mu.country\ C:\Program Files\Google\Google Earth\res\mv.country\ C:\Program Files\Google\Google Earth\res\mw.country\ C:\Program Files\Google\Google Earth\res\mx.country\ C:\Program Files\Google\Google Earth\res\my.country\ C:\Program Files\Google\Google Earth\res\mz.country\ C:\Program Files\Google\Google Earth\res\na.country\ C:\Program Files\Google\Google Earth\res\nc.country\ C:\Program Files\Google\Google Earth\res\ne.country\ C:\Program Files\Google\Google Earth\res\nf.country\ C:\Program Files\Google\Google Earth\res\ng.country\ C:\Program Files\Google\Google Earth\res\ni.country\ C:\Program Files\Google\Google Earth\res\nl.country\ C:\Program Files\Google\Google Earth\res\no.country\ C:\Program Files\Google\Google Earth\res\np.country\ C:\Program Files\Google\Google Earth\res\nr.country\ C:\Program Files\Google\Google Earth\res\nu.country\ C:\Program Files\Google\Google Earth\res\nz.country\ C:\Program Files\Google\Google Earth\res\om.country\ C:\Program Files\Google\Google Earth\res\pa.country\ C:\Program Files\Google\Google Earth\res\paddle\ C:\Program Files\Google\Google Earth\res\pe.country\ C:\Program Files\Google\Google Earth\res\pf.country\ C:\Program Files\Google\Google Earth\res\pg.country\ C:\Program Files\Google\Google Earth\res\ph.country\ C:\Program Files\Google\Google Earth\res\pk.country\ C:\Program Files\Google\Google Earth\res\pl.country\ C:\Program Files\Google\Google Earth\res\pm.country\ C:\Program Files\Google\Google Earth\res\pn.country\ C:\Program Files\Google\Google Earth\res\pr.country\ C:\Program Files\Google\Google Earth\res\ps.country\ C:\Program Files\Google\Google Earth\res\pt.country\ C:\Program Files\Google\Google Earth\res\pushpin\ C:\Program Files\Google\Google Earth\res\pw.country\ C:\Program Files\Google\Google Earth\res\py.country\ C:\Program Files\Google\Google Earth\res\qa.country\ C:\Program Files\Google\Google Earth\res\re.country\ C:\Program Files\Google\Google Earth\res\ro.country\ C:\Program Files\Google\Google Earth\res\rs.country\ C:\Program Files\Google\Google Earth\res\ru.country\ C:\Program Files\Google\Google Earth\res\ru.locale\ C:\Program Files\Google\Google Earth\res\rw.country\ C:\Program Files\Google\Google Earth\res\sa.country\ C:\Program Files\Google\Google Earth\res\sb.country\ C:\Program Files\Google\Google Earth\res\sc.country\ C:\Program Files\Google\Google Earth\res\sd.country\ C:\Program Files\Google\Google Earth\res\se.country\ C:\Program Files\Google\Google Earth\res\sg.country\ C:\Program Files\Google\Google Earth\res\sh.country\ C:\Program Files\Google\Google Earth\res\shapes\ C:\Program Files\Google\Google Earth\res\si.country\ C:\Program Files\Google\Google Earth\res\sj.country\ C:\Program Files\Google\Google Earth\res\sk.country\ C:\Program Files\Google\Google Earth\res\sl.country\ C:\Program Files\Google\Google Earth\res\sm.country\ C:\Program Files\Google\Google Earth\res\sn.country\ C:\Program Files\Google\Google Earth\res\so.country\ C:\Program Files\Google\Google Earth\res\sr.country\ C:\Program Files\Google\Google Earth\res\st.country\ C:\Program Files\Google\Google Earth\res\sv.country\ C:\Program Files\Google\Google Earth\res\sy.country\ C:\Program Files\Google\Google Earth\res\sz.country\ C:\Program Files\Google\Google Earth\res\tc.country\ C:\Program Files\Google\Google Earth\res\td.country\ C:\Program Files\Google\Google Earth\res\tf.country\ C:\Program Files\Google\Google Earth\res\tg.country\ C:\Program Files\Google\Google Earth\res\th.country\ C:\Program Files\Google\Google Earth\res\tj.country\ C:\Program Files\Google\Google Earth\res\tk.country\ C:\Program Files\Google\Google Earth\res\tl.country\ C:\Program Files\Google\Google Earth\res\tm.country\ C:\Program Files\Google\Google Earth\res\tn.country\ C:\Program Files\Google\Google Earth\res\to.country\ C:\Program Files\Google\Google Earth\res\tr.country\ C:\Program Files\Google\Google Earth\res\tt.country\ C:\Program Files\Google\Google Earth\res\tv.country\ C:\Program Files\Google\Google Earth\res\tw.country\ C:\Program Files\Google\Google Earth\res\tz.country\ C:\Program Files\Google\Google Earth\res\ua.country\ C:\Program Files\Google\Google Earth\res\ug.country\ C:\Program Files\Google\Google Earth\res\um.country\ C:\Program Files\Google\Google Earth\res\us.country\ C:\Program Files\Google\Google Earth\res\uy.country\ C:\Program Files\Google\Google Earth\res\uz.country\ C:\Program Files\Google\Google Earth\res\va.country\ C:\Program Files\Google\Google Earth\res\vc.country\ C:\Program Files\Google\Google Earth\res\ve.country\ C:\Program Files\Google\Google Earth\res\vg.country\ C:\Program Files\Google\Google Earth\res\vi.country\ C:\Program Files\Google\Google Earth\res\vn.country\ C:\Program Files\Google\Google Earth\res\vu.country\ C:\Program Files\Google\Google Earth\res\wf.country\ C:\Program Files\Google\Google Earth\res\ws.country\ C:\Program Files\Google\Google Earth\res\ye.country\ C:\Program Files\Google\Google Earth\res\yt.country\ C:\Program Files\Google\Google Earth\res\za.country\ C:\Program Files\Google\Google Earth\res\zh-hant.locale\ C:\Program Files\Google\Google Earth\res\zm.country\ C:\Program Files\Google\Google Earth\res\zw.country\ C:\Program Files\Google\Google Earth\xml\ C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\ C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Signatures\ C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Translations\ C:\Program Files\InstallShield Installation Information\{5BF2B19D-9C79-492A-8969-F059F06A627F}\ C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\ C:\Program Files\Internet Explorer\ C:\Program Files\Internet Explorer\Connection Wizard\ C:\Program Files\Internet Explorer\en-US\ C:\Program Files\Internet Explorer\fr-fr\ C:\Program Files\Internet Explorer\mui\041e\ C:\Program Files\Internet Explorer\SIGNUP\ C:\Program Files\Lavalys\EVEREST Home Edition\ C:\Program Files\Lavalys\EVEREST Home Edition\Language\ C:\Program Files\Lexmark X6100 Series\ C:\Program Files\Lexmark X6100 Series\Drivers\ C:\Program Files\Lexmark X6100 Series\Drivers\French\ C:\Program Files\Lexmark X6100 Series\FaxTools\ C:\Program Files\Lexmark X6100 Series\FaxTools\Cover Pages\ C:\Program Files\Lexmark X6100 Series\FaxTools\Install\ C:\Program Files\ma-config.com\ C:\Program Files\ma-config.com\Drivers\ C:\Program Files\ma-config.com\Langues\ C:\Program Files\messenger\ C:\Program Files\Microsoft Money\ C:\Program Files\Microsoft Money\Calcs\ C:\Program Files\Microsoft Money\Calcs\C_Erorg\ C:\Program Files\Microsoft Money\Calcs\Images\ C:\Program Files\Microsoft Money\Media\Sounds\ C:\Program Files\Microsoft Money\System\ C:\Program Files\Microsoft Money\System\1036\ C:\Program Files\Microsoft Money\System\Passport\ C:\Program Files\Microsoft Money\Works\ C:\Program Files\Microsoft Office\media\cagcat\ C:\Program Files\Microsoft Office\media\cagcat\1036\ C:\Program Files\Microsoft Office\media\cagcat10\ C:\Program Files\Microsoft Office\media\cagcat10\1036\ C:\Program Files\Microsoft Office\media\office10\ C:\Program Files\Microsoft Office\media\office10\1036\ C:\Program Files\Microsoft Office\media\office10\autoshap\ C:\Program Files\Microsoft Office\media\office10\bullets\ C:\Program Files\Microsoft Office\media\office10\lines\ C:\Program Files\Microsoft Office\Office\ C:\Program Files\Microsoft Office\Office\1036\ C:\Program Files\Microsoft Office\Office10\ C:\Program Files\Microsoft Office\Office10\1033\ C:\Program Files\Microsoft Office\Office10\1033\botstyle\ C:\Program Files\Microsoft Office\Office10\1036\ C:\Program Files\Microsoft Office\Office10\1036\botstyle\ C:\Program Files\Microsoft Office\Office10\1036\DataServices\ C:\Program Files\Microsoft Office\Office10\HTML\ C:\Program Files\Microsoft Office\Office10\Migration\ C:\Program Files\Microsoft Office\Office10\Shortcut Bar\Office\ C:\Program Files\Microsoft Office\Templates\1036\ C:\Program Files\Microsoft Office\Templates\3084\ C:\Program Files\Microsoft Works\ C:\Program Files\Microsoft Works\1033\ C:\Program Files\Microsoft Works Suite 2003\Setup\ C:\Program Files\Motive\AsstCommon\ C:\Program Files\Motive\AsstCommon\log\ C:\Program Files\Movie Maker\ C:\Program Files\Movie Maker\MUI\040c\ C:\Program Files\Movie Maker\shared\ C:\Program Files\Movie Maker\shared\profiles\ C:\Program Files\Mozilla Firefox\ C:\Program Files\Mozilla Firefox\chrome\ C:\Program Files\Mozilla Firefox\components\ C:\Program Files\Mozilla Firefox\defaults\autoconfig\ C:\Program Files\Mozilla Firefox\defaults\pref\ C:\Program Files\Mozilla Firefox\defaults\profile\ C:\Program Files\Mozilla Firefox\defaults\profile\chrome\ C:\Program Files\Mozilla Firefox\dictionaries\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\defaults\preferences\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\af\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ar\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\be\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\bg\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ca\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\cs\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\da\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\de\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\el\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\en-GB\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\en-US\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\es-AR\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\es-ES\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\eu\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\fi\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\fr\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\fy-NL\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ga-IE\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\gu-IN\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\he\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\hu\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\it\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ja\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ja-JP-mac\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ka\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ko\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ku\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\lt\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\mk\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\mn\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\nb-NO\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\nl\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\nn-NO\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\pa-IN\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\pl\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\pt-BR\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\pt-PT\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ro\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\ru\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\sk\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\sl\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\sv-SE\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\tr\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\uk\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\zh-CN\ C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com\locale\zh-TW\ C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\ C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\firefox\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\google3\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\tb-amulet-of-protection\content\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\contenthandling\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\custombuttons\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\lib\ C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF\ C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\ C:\Program Files\Mozilla Firefox\greprefs\ C:\Program Files\Mozilla Firefox\plugins\ C:\Program Files\Mozilla Firefox\res\ C:\Program Files\Mozilla Firefox\res\dtd\ C:\Program Files\Mozilla Firefox\res\entityTables\ C:\Program Files\Mozilla Firefox\res\fonts\ C:\Program Files\Mozilla Firefox\res\html\ C:\Program Files\Mozilla Firefox\searchplugins\ C:\Program Files\Mozilla Firefox\uninstall\ C:\Program Files\MSN\ C:\Program Files\MSN\MSNCoreFiles\ C:\Program Files\MSN\MSNCoreFiles\1036\ C:\Program Files\MSN\MSNCoreFiles\Markets\20\ C:\Program Files\MSN\MSNCoreFiles\Markets\36\ C:\Program Files\MSN\MSNCoreFiles\Markets\40\ C:\Program Files\MSN\MSNCoreFiles\Markets\71\ C:\Program Files\MSN\MSNCoreFiles\Setup\ C:\Program Files\MSN Gaming Zone\Windows\ C:\Program Files\NetMeeting\ C:\Program Files\NVIDIA Corporation\NvMixer\ C:\Program Files\OpenOffice.org 2.3\ C:\Program Files\OpenOffice.org 2.3\help\ C:\Program Files\OpenOffice.org 2.3\help\fr\ C:\Program Files\OpenOffice.org 2.3\help\fr\sbasic.idx\ C:\Program Files\OpenOffice.org 2.3\help\fr\scalc.idx\ C:\Program Files\OpenOffice.org 2.3\help\fr\schart.idx\ C:\Program Files\OpenOffice.org 2.3\help\fr\sdatabase.idx\ C:\Program Files\OpenOffice.org 2.3\help\fr\sdraw.idx\ C:\Program Files\OpenOffice.org 2.3\help\fr\simpress.idx\ C:\Program Files\OpenOffice.org 2.3\help\fr\smath.idx\ C:\Program Files\OpenOffice.org 2.3\help\fr\swriter.idx\ C:\Program Files\OpenOffice.org 2.3\licenses\ C:\Program Files\OpenOffice.org 2.3\presets\autotext\ C:\Program Files\OpenOffice.org 2.3\presets\basic\ C:\Program Files\OpenOffice.org 2.3\presets\basic\Standard\ C:\Program Files\OpenOffice.org 2.3\presets\config\ C:\Program Files\OpenOffice.org 2.3\presets\database\ C:\Program Files\OpenOffice.org 2.3\presets\database\biblio\ C:\Program Files\OpenOffice.org 2.3\presets\gallery\ C:\Program Files\OpenOffice.org 2.3\program\ C:\Program Files\OpenOffice.org 2.3\program\assembly\ C:\Program Files\OpenOffice.org 2.3\program\classes\ C:\Program Files\OpenOffice.org 2.3\program\components\ C:\Program Files\OpenOffice.org 2.3\program\defaults\autoconfig\ C:\Program Files\OpenOffice.org 2.3\program\defaults\pref\ C:\Program Files\OpenOffice.org 2.3\program\greprefs\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\bin\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\bsddb\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\compiler\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\curses\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\distutils\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\distutils\command\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\email\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\encodings\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\hotshot\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\idlelib\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\idlelib\Icons\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\lib-old\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\lib-tk\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\logging\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\plat-linux2\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\site-packages\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\test\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\test\output\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\xml\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\xml\dom\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\xml\parsers\ C:\Program Files\OpenOffice.org 2.3\program\python-core-2.3.4\lib\xml\sax\ C:\Program Files\OpenOffice.org 2.3\program\resource\ C:\Program Files\OpenOffice.org 2.3\readmes\ C:\Program Files\OpenOffice.org 2.3\share\autocorr\ C:\Program Files\OpenOffice.org 2.3\share\autotext\fr\ C:\Program Files\OpenOffice.org 2.3\share\basic\Depot\ C:\Program Files\OpenOffice.org 2.3\share\basic\Euro\ C:\Program Files\OpenOffice.org 2.3\share\basic\FormWizard\ C:\Program Files\OpenOffice.org 2.3\share\basic\Gimmicks\ C:\Program Files\OpenOffice.org 2.3\share\basic\ImportWizard\ C:\Program Files\OpenOffice.org 2.3\share\basic\Launcher\ C:\Program Files\OpenOffice.org 2.3\share\basic\Schedule\ C:\Program Files\OpenOffice.org 2.3\share\basic\ScriptBindingLibrary\ C:\Program Files\OpenOffice.org 2.3\share\basic\Template\ C:\Program Files\OpenOffice.org 2.3\share\basic\Tools\ C:\Program Files\OpenOffice.org 2.3\share\basic\Tutorials\ C:\Program Files\OpenOffice.org 2.3\share\config\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\global\accelerator\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\global\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\global\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\BasicIDE\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\BasicIDE\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\BasicIDE\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\BasicIDE\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\accelerator\en-GB\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbapp\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbbrowser\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbbrowser\accelerator\en-GB\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbbrowser\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbbrowser\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbbrowser\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbbrowser\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbbrowser\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbquery\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbquery\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbquery\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbquery\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbrelation\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbrelation\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbreport\accelerator\de-DE\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbreport\accelerator\en-GB\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbreport\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbreport\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbreport\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbreport\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbtable\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\dbtable\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sbibliography\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\scalc\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\scalc\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\scalc\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\scalc\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\scalc\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\scalc\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\scalc\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\schart\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\schart\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\schart\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\schart\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sdraw\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sdraw\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sdraw\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sdraw\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sdraw\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sdraw\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sdraw\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sglobal\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sglobal\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sglobal\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sglobal\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sglobal\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sglobal\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sglobal\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\simpress\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\simpress\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\simpress\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\simpress\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\simpress\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\simpress\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\simpress\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\smath\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\smath\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\smath\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\smath\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\StartModule\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\StartModule\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\StartModule\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\StartModule\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sweb\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sweb\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sweb\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sweb\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sweb\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sweb\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\sweb\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swform\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swform\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swform\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swform\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swform\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swform\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swform\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swreport\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swreport\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swreport\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swreport\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swreport\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swreport\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swreport\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swriter\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swriter\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swriter\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swriter\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swriter\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swriter\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swriter\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swxform\accelerator\de\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swxform\accelerator\en-US\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swxform\accelerator\es\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swxform\accelerator\fr\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swxform\menubar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swxform\statusbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\modules\swxform\toolbar\ C:\Program Files\OpenOffice.org 2.3\share\config\soffice.cfg\simpress\ C:\Program Files\OpenOffice.org 2.3\share\config\symbol\ C:\Program Files\OpenOffice.org 2.3\share\config\webcast\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\form\styles\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\buttons\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\images\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\diagonal\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\frame_bottom\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\frame_left\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\frame_right\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\frame_top\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\simple\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\table_2\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\table_3\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\layouts\zigzag\ C:\Program Files\OpenOffice.org 2.3\share\config\wizard\web\styles\ C:\Program Files\OpenOffice.org 2.3\share\dict\ooo\ C:\Program Files\OpenOffice.org 2.3\share\dtd\math\1_01\ C:\Program Files\OpenOffice.org 2.3\share\dtd\officedocument\1_0\ C:\Program Files\OpenOffice.org 2.3\share\fingerprint\ C:\Program Files\OpenOffice.org 2.3\share\gallery\ C:\Program Files\OpenOffice.org 2.3\share\gallery\bullets\ C:\Program Files\OpenOffice.org 2.3\share\gallery\htmlexpo\ C:\Program Files\OpenOffice.org 2.3\share\gallery\rulers\ C:\Program Files\OpenOffice.org 2.3\share\gallery\sounds\ C:\Program Files\OpenOffice.org 2.3\share\gallery\www-back\ C:\Program Files\OpenOffice.org 2.3\share\gallery\www-graf\ C:\Program Files\OpenOffice.org 2.3\share\readme\ C:\Program Files\OpenOffice.org 2.3\share\registry\data\org\openoffice\ C:\Program Files\OpenOffice.org 2.3\share\registry\data\org\openoffice\Office\ C:\Program Files\OpenOffice.org 2.3\share\registry\data\org\openoffice\Office\UI\ C:\Program Files\OpenOffice.org 2.3\share\registry\data\org\openoffice\TypeDetection\ C:\Program Files\OpenOffice.org 2.3\share\registry\data\org\openoffice\ucb\ C:\Program Files\OpenOffice.org 2.3\share\registry\ldap\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\Office\Addons\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\Office\Common\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\Office\Embedding\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\Office\Jobs\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\Office\Scripting\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\Office\Writer\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\Setup\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\TypeDetection\Filter\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\TypeDetection\GraphicFilter\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\TypeDetection\Misc\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\TypeDetection\Types\ C:\Program Files\OpenOffice.org 2.3\share\registry\modules\org\openoffice\TypeDetection\UISort\ C:\Program Files\OpenOffice.org 2.3\share\registry\res\fr\org\openoffice\ C:\Program Files\OpenOffice.org 2.3\share\registry\res\fr\org\openoffice\Office\ C:\Program Files\OpenOffice.org 2.3\share\registry\res\fr\org\openoffice\Office\UI\ C:\Program Files\OpenOffice.org 2.3\share\registry\res\fr\org\openoffice\TypeDetection\ C:\Program Files\OpenOffice.org 2.3\share\registry\schema\org\openoffice\ C:\Program Files\OpenOffice.org 2.3\share\registry\schema\org\openoffice\Office\ C:\Program Files\OpenOffice.org 2.3\share\registry\schema\org\openoffice\Office\UI\ C:\Program Files\OpenOffice.org 2.3\share\registry\schema\org\openoffice\TypeDetection\ C:\Program Files\OpenOffice.org 2.3\share\registry\schema\org\openoffice\ucb\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\beanshell\Capitalise\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\beanshell\HelloWorld\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\beanshell\Highlight\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\beanshell\MemoryUsage\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\beanshell\WordCount\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\java\HelloWorld\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\java\Highlight\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\java\MemoryUsage\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\javascript\ExportSheetsToHTML\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\javascript\HelloWorld\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\javascript\Highlight\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\python\ C:\Program Files\OpenOffice.org 2.3\share\Scripts\python\pythonSamples\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\internal\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\layout\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\presnt\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\wizard\agenda\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\wizard\bitmap\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\wizard\fax\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\wizard\letter\fr\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\wizard\report\ C:\Program Files\OpenOffice.org 2.3\share\template\fr\wizard\styles\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\bg\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\cs\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\da\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\de\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\en-GB\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\en-US\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\es\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\fr\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\hu\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\it\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\ja\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\km\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\ko\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\nl\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\pl\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\pt\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\pt-BR\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\ru\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\sk\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\sl\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\sv\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\tr\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\zh-CN\ C:\Program Files\OpenOffice.org 2.3\share\template\wizard\letter\zh-TW\ C:\Program Files\OpenOffice.org 2.3\share\wordbook\fr\ C:\Program Files\OpenOffice.org 2.3\share\xslt\common\ C:\Program Files\OpenOffice.org 2.3\share\xslt\docbook\ C:\Program Files\OpenOffice.org 2.3\share\xslt\export\common\ C:\Program Files\OpenOffice.org 2.3\share\xslt\export\common\styles\ C:\Program Files\OpenOffice.org 2.3\share\xslt\export\common\table\ C:\Program Files\OpenOffice.org 2.3\share\xslt\export\spreadsheetml\ C:\Program Files\OpenOffice.org 2.3\share\xslt\export\wordml\ C:\Program Files\OpenOffice.org 2.3\share\xslt\export\xhtml\ C:\Program Files\OpenOffice.org 2.3\share\xslt\import\common\ C:\Program Files\OpenOffice.org 2.3\share\xslt\import\spreadsheetml\ C:\Program Files\OpenOffice.org 2.3\share\xslt\import\wordml\ C:\Program Files\OpenOffice.org 2.3\share\xslt\wiki\ C:\Program Files\Outlook Express\ C:\Program Files\Services en ligne\ C:\Program Files\SpeedFan\ C:\Program Files\Spybot - Search & Destroy\ C:\Program Files\Spybot - Search & Destroy\Help\ C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ C:\Program Files\Trend Micro\HijackThis\ C:\Program Files\Trend Micro\HijackThis\backups\ C:\Program Files\TuneUp Utilities 2008\ C:\Program Files\TuneUp Utilities 2008\Data\ C:\Program Files\TuneUp Utilities 2008\Data\Integrator\ C:\Program Files\TuneUp Utilities 2008\Data\Integrator\modules\ C:\Program Files\VirginMega\VirginMegaPremium\ C:\Program Files\Warcraft III\ C:\Program Files\Warcraft III\Maps\ C:\Program Files\Warcraft III\Maps\Scenario\ C:\Program Files\Warcraft III\Movies\ C:\Program Files\Warcraft III\redist\miles\ C:\Program Files\Warcraft III\save\Profile1\ C:\Program Files\Warcraft III\support\BattleNet\ C:\Program Files\Warcraft III\support\Images\ C:\Program Files\Warcraft III\support\Layout\ C:\Program Files\Warcraft III\support\Readme\ C:\Program Files\Warcraft III\support\Support\ C:\Program Files\Warcraft III\support\WorldEdit\ C:\Program Files\Windows Media Connect 2\ C:\Program Files\Windows Media Player\ C:\Program Files\Windows Media Player\Network Sharing\ C:\Program Files\Windows Media Player\Skins\ C:\Program Files\Windows NT\ C:\Program Files\Windows NT\Accessoires\ C:\Program Files\Windows NT\Pinball\ C:\Program Files\Zone Labs\ZoneAlarm\ C:\Program Files\Zone Labs\ZoneAlarm\instmtdr.exe [0] Archive type: ZIP SFX (self extracting) --> FILE0020.DAT [iNFO] Invalid end of file --> PROGRESS.DLL [iNFO] Invalid end of file --> WISE0001.DLL [iNFO] Invalid end of file --> W32INST.DLL [iNFO] Invalid end of file --> FILE0001.DAT [iNFO] Invalid end of file --> FILE0002.DAT [iNFO] Invalid end of file --> FILE0003.DAT [iNFO] Invalid end of file --> FILE0004.DAT [iNFO] Invalid end of file --> ASDEULA.DE [iNFO] Invalid end of file --> ASDEULA.EN [iNFO] Invalid end of file --> FILE0005.DAT [iNFO] Invalid end of file --> FILE0010.DAT [iNFO] Invalid end of file --> FILE0011.DAT [iNFO] Invalid end of file --> FILE0012.DAT [iNFO] Invalid end of file --> FILE0013.DAT [iNFO] Invalid end of file --> ADDINMON.EXE [iNFO] Invalid end of file --> DBGHELP.DLL [iNFO] Invalid end of file --> MSVCP70.DLL [iNFO] Invalid end of file --> MSVCR70.DLL [iNFO] Invalid end of file --> ASDUTIL.DLL [iNFO] Invalid end of file --> MANTISPM.EXE [iNFO] Invalid end of file --> CRSRPT.DLL [iNFO] Invalid end of file --> MLFHOOK.DLL [iNFO] Invalid end of file --> MLFOE.DLL [iNFO] Invalid end of file --> MLFOSHIM.DLL [iNFO] Invalid end of file --> MTDSDK.DLL [iNFO] Invalid end of file --> 10SECURE.DLL [iNFO] Invalid end of file --> 15HDRS.DLL [iNFO] Invalid end of file --> 20ADDRBK.DLL [iNFO] Invalid end of file --> 26FGN.DLL [iNFO] Invalid end of file --> 27PROLAB.DLL [iNFO] Invalid end of file --> 31RULES.DLL [iNFO] Invalid end of file --> 50COLLAB.DLL [iNFO] Invalid end of file --> 70CHALLN.DLL [iNFO] Invalid end of file --> 90LOGGER.DLL [iNFO] Invalid end of file --> 55BFRAUD.DLL [iNFO] Invalid end of file --> @CORPORATE@_SETTINGS.XML [iNFO] Invalid end of file --> FRAUD_DATA.XML [iNFO] Invalid end of file --> DPA_SPAM_WORDS_ENC1.XML [iNFO] Invalid end of file --> DPA_IGNORE_WORDS_ENC1.XML [iNFO] Invalid end of file --> REPEAT_IGNORE_WORDS.XML [iNFO] Invalid end of file --> REDIRECT.XML [iNFO] Invalid end of file --> NUMERIC_MATCH.XML [iNFO] Invalid end of file --> STOPWORDS_ENC1.XML [iNFO] Invalid end of file --> FEATURES.XML [iNFO] Invalid end of file --> MBMFDEU.DLL [iNFO] Invalid end of file --> MBMFENU.DLL [iNFO] Invalid end of file --> MBMFESP.DLL [iNFO] Invalid end of file --> MBMFFRA.DLL [iNFO] Invalid end of file --> MBMFITA.DLL [iNFO] Invalid end of file --> MBMFJPN.DLL [iNFO] Invalid end of file --> MBZADEU.DLL [iNFO] Invalid end of file --> MBZAENU.DLL [iNFO] Invalid end of file --> MBZAESP.DLL [iNFO] Invalid end of file --> MBZAFRA.DLL [iNFO] Invalid end of file --> MBZAITA.DLL [iNFO] Invalid end of file --> MBZAJPN.DLL [iNFO] Invalid end of file --> OEMFDEU.DLL [iNFO] Invalid end of file --> OEMFENU.DLL [iNFO] Invalid end of file --> OEMFESP.DLL [iNFO] Invalid end of file --> OEMFFRA.DLL [iNFO] Invalid end of file --> OEMFITA.DLL [iNFO] Invalid end of file --> OEMFJPN.DLL [iNFO] Invalid end of file --> OEZADEU.DLL [iNFO] Invalid end of file --> OEZAENU.DLL [iNFO] Invalid end of file --> OEZAESP.DLL [iNFO] Invalid end of file --> OEZAFRA.DLL [iNFO] Invalid end of file --> OEZAITA.DLL [iNFO] Invalid end of file --> OEZAJPN.DLL [iNFO] Invalid end of file --> OTMFDEU.DLL [iNFO] Invalid end of file --> OTMFENU.DLL [iNFO] Invalid end of file --> OTMFESP.DLL [iNFO] Invalid end of file --> OTMFFRA.DLL [iNFO] Invalid end of file --> OTMFITA.DLL [iNFO] Invalid end of file --> OTMFJPN.DLL [iNFO] Invalid end of file --> OTZADEU.DLL [iNFO] Invalid end of file --> OTZAENU.DLL [iNFO] Invalid end of file --> OTZAESP.DLL [iNFO] Invalid end of file --> OTZAFRA.DLL [iNFO] Invalid end of file --> OTZAITA.DLL [iNFO] Invalid end of file --> OTZAJPN.DLL [iNFO] Invalid end of file --> LISTLANG.TXT [iNFO] Invalid end of file --> EN_US.NGR [iNFO] Invalid end of file --> DE_DE.NGR [iNFO] Invalid end of file --> ES_ES.NGR [iNFO] Invalid end of file --> WIND.JPG [iNFO] Invalid end of file --> STATUES.JPG [iNFO] Invalid end of file --> RADIOTELE.JPG [iNFO] Invalid end of file --> PUPPY.JPG [iNFO] Invalid end of file --> PUPPIES3.JPG [iNFO] Invalid end of file --> PUPPIES.JPG [iNFO] Invalid end of file --> PENGUIN.JPG [iNFO] Invalid end of file --> PALMS.JPG [iNFO] Invalid end of file --> LIZARDS.JPG [iNFO] Invalid end of file --> KITTENS.JPG [iNFO] Invalid end of file --> JETS.JPG [iNFO] Invalid end of file --> BUNNIES.JPG [iNFO] Invalid end of file --> CATS.JPG [iNFO] Invalid end of file --> DOLPHINS.JPG [iNFO] Invalid end of file --> FISH.JPG [iNFO] Invalid end of file --> FISH4.JPG [iNFO] Invalid end of file --> FLAGS.JPG [iNFO] Invalid end of file --> GIRAFFE.JPG [iNFO] Invalid end of file --> GPIG.JPG [iNFO] Invalid end of file --> CHALLENGE.XML [iNFO] Invalid end of file --> 16XZL.ICO [iNFO] Invalid end of file --> EMAILADDR.XML [iNFO] Invalid end of file --> ASDBUY.URL [iNFO] Invalid end of file --> ASD.ICO [iNFO] Invalid end of file --> HELP.URL [iNFO] Invalid end of file --> THIRDPARTYSOFTWAREACKNOWLEDGEMENTS.TXT [iNFO] Invalid end of file --> UNWISE32.EXE [iNFO] Invalid end of file --> UNWISE.FRA [iNFO] Invalid end of file --> UNWISE.DEU [iNFO] Invalid end of file --> UNWISE.ESP [iNFO] Invalid end of file --> UNWISE.ITA [iNFO] Invalid end of file --> FILE0014.DAT [iNFO] Invalid end of file --> FILE0019.DAT [iNFO] Invalid end of file [iNFO] Invalid end of file C:\Program Files\Zone Labs\ZoneAlarm\Aide\ C:\Program Files\Zone Labs\ZoneAlarm\images\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\PluginDefault\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\PluginDefault\bfraud\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\PluginDefault\challn\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\PluginDefault\collab\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\PluginDefault\common\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\PluginDefault\fraud\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\plugins\ C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\resources\ C:\Program Files\Zone Labs\ZoneAlarm\repair\ C:\RECYCLER\S-1-5-21-1801674531-764733703-839522115-1004\ C:\System Volume Information\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP0\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP1\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP1\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP1\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP1\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP10\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP10\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP10\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP10\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP100\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP100\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP100\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP100\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP101\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP101\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP101\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP101\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP102\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP102\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP102\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP102\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP103\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP103\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP103\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP103\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP104\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP104\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP104\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP104\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP105\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP105\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP105\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP105\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP106\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP106\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP106\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP106\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP107\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP107\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP107\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP107\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP108\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP108\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP108\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP108\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP109\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP109\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP109\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP109\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP11\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP11\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP11\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP11\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP110\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP110\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP110\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP110\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP111\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP111\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP111\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP111\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP112\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP112\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP112\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP112\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP113\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP113\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP113\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP113\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP114\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP114\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP114\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP114\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP115\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP115\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP115\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP115\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP116\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP116\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP116\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP116\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP117\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP117\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP117\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP117\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP118\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP118\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP118\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP118\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP119\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP119\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP119\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP119\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP12\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP12\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP12\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP12\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP120\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP120\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP120\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP120\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP121\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP121\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP121\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP121\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP122\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP122\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP122\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP122\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP123\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP123\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP123\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP123\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP124\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP124\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP124\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP124\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP125\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP125\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP125\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP125\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP126\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP126\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP126\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP126\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP127\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP127\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP127\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP127\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP128\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP128\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP128\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP128\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP129\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP129\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP129\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP129\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP13\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP13\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP13\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP13\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP130\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP130\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP130\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP130\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP131\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP131\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP131\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP131\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP132\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP132\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP132\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP132\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP133\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP133\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP133\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP133\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP134\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP134\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP134\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP134\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP135\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP135\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP135\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP135\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP136\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP136\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP136\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP136\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP137\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP137\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP137\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP137\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP138\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP138\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP138\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP138\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP139\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP139\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP139\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP139\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP14\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP14\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP14\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP14\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP140\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP140\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP140\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP140\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP141\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP141\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP141\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP141\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP142\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP142\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP142\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP142\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP143\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP143\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP143\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP143\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP144\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP144\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP144\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP144\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP145\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP145\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP145\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP145\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP146\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP146\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP146\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP146\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP147\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP147\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP147\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP147\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP148\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP148\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP148\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP148\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP149\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP149\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP149\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP149\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP15\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP15\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP15\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP15\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP16\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP16\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP16\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP16\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP17\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP17\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP17\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP17\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP18\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP18\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP18\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP18\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP19\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP19\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP19\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP19\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP2\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP2\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP2\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP2\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP20\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP20\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP20\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP20\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP21\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP21\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP21\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP21\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP22\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP22\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP22\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP22\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP23\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP23\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP23\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP23\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP24\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP24\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP24\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP24\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP25\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP25\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP25\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP25\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP26\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP26\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP26\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP26\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP27\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP27\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP27\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP27\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP28\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP28\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP28\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP28\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP29\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP29\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP29\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP29\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP3\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP3\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP3\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP3\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP30\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP30\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP30\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP30\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP31\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP31\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP31\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP31\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP32\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP32\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP32\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP32\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP33\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP33\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP33\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP33\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP34\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP34\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP34\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP34\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP35\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP35\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP35\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP35\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP36\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP36\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP36\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP36\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP37\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP37\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP37\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP37\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP38\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP38\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP38\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP38\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP39\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP39\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP39\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP39\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP4\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP4\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP4\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP4\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP40\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP40\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP40\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP40\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP41\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP41\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP41\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP41\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP42\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP42\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP42\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP42\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP43\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP43\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP43\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP43\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP44\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP44\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP44\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP44\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP45\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP45\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP45\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP45\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP46\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP46\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP46\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP46\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP47\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP47\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP47\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP47\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP48\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP48\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP48\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP48\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP49\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP49\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP49\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP49\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP5\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP5\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP5\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP5\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP50\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP50\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP50\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP50\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP51\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP51\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP51\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP51\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP52\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP52\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP52\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP52\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP53\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP53\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP53\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP53\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP54\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP54\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP54\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP54\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP55\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP55\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP55\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP55\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP56\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP56\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP56\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP56\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP57\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP57\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP57\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP57\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP58\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP58\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP58\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP58\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP59\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP59\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP59\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP59\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP6\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP6\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP6\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP6\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP60\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP60\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP60\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP60\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP61\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP61\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP61\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP61\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP62\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP62\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP62\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP62\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP63\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP63\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP63\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP63\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP64\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP64\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP64\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP64\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP65\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP65\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP65\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP65\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP66\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP66\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP66\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP66\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP67\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP67\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP67\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP67\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP68\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP68\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP68\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP68\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP69\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP69\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP69\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP69\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP7\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP7\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP7\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP7\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP70\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP70\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP70\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP70\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP71\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP71\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP71\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP71\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP72\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP72\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP72\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP72\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP73\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP73\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP73\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP73\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP74\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP74\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP74\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP74\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP75\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP75\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP75\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP75\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP76\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP76\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP76\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP76\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP77\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP77\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP77\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP77\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP78\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP78\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP78\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP78\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP79\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP79\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP79\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP79\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP8\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP8\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP8\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP8\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP80\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP80\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP80\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP80\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP81\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP81\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP81\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP81\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP82\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP82\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP82\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP82\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP83\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP83\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP83\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP83\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP84\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP84\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP84\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP84\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP85\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP85\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP85\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP85\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP86\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP86\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP86\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP86\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP87\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP87\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP87\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP87\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP88\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP88\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP88\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP88\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP89\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP89\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP89\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP89\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP9\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP9\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP9\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP9\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP90\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP90\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP90\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP90\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP91\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP91\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP91\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP91\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP92\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP92\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP92\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP92\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP93\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP93\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP93\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP93\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP94\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP94\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP94\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP94\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP95\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP95\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP95\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP95\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP96\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP96\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP96\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP96\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP97\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP97\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP97\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP97\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP98\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP98\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP98\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP98\snapshot\Repository\FS\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP99\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP99\snapshot\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP99\snapshot\Repository\ C:\System Volume Information\_restore{EB03EDF4-647C-4C40-9877-515CA0DBFCAA}\RP99\snapshot\Repository\FS\ C:\WINDOWS\ C:\WINDOWS\$hf_mig$\KB873339\ C:\WINDOWS\$hf_mig$\KB873339\SP2GDR\ C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\ C:\WINDOWS\$hf_mig$\KB873339\update\ C:\WINDOWS\$hf_mig$\KB885835\ C:\WINDOWS\$hf_mig$\KB885835\SP2GDR\ C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\ C:\WINDOWS\$hf_mig$\KB885835\update\ C:\WINDOWS\$hf_mig$\KB885836\ C:\WINDOWS\$hf_mig$\KB885836\SP2GDR\ C:\WINDOWS\$hf_mig$\KB885836\SP2QFE\ C:\WINDOWS\$hf_mig$\KB885836\update\ C:\WINDOWS\$hf_mig$\KB886185\ C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ C:\WINDOWS\$hf_mig$\KB886185\update\ C:\WINDOWS\$hf_mig$\KB887472\ C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\ C:\WINDOWS\$hf_mig$\KB887472\update\ C:\WINDOWS\$hf_mig$\KB888302\ C:\WINDOWS\$hf_mig$\KB888302\SP2GDR\ C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\ C:\WINDOWS\$hf_mig$\KB888302\update\ C:\WINDOWS\$hf_mig$\KB890046\ C:\WINDOWS\$hf_mig$\KB890046\SP2GDR\ C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\ C:\WINDOWS\$hf_mig$\KB890046\update\ C:\WINDOWS\$hf_mig$\KB890859\ C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\ C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ C:\WINDOWS\$hf_mig$\KB890859\update\ C:\WINDOWS\$hf_mig$\KB891781\ C:\WINDOWS\$hf_mig$\KB891781\SP2GDR\ C:\WINDOWS\$hf_mig$\KB891781\SP2QFE\ C:\WINDOWS\$hf_mig$\KB891781\update\ C:\WINDOWS\$hf_mig$\KB893756\ C:\WINDOWS\$hf_mig$\KB893756\SP2GDR\ C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\ C:\WINDOWS\$hf_mig$\KB893756\update\ C:\WINDOWS\$hf_mig$\KB896358\ C:\WINDOWS\$hf_mig$\KB896358\SP2GDR\ C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\ C:\WINDOWS\$hf_mig$\KB896358\update\ C:\WINDOWS\$hf_mig$\KB896423\ C:\WINDOWS\$hf_mig$\KB896423\SP2GDR\ C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\ C:\WINDOWS\$hf_mig$\KB896423\update\ C:\WINDOWS\$hf_mig$\KB896424\ C:\WINDOWS\$hf_mig$\KB896424\SP2GDR\ C:\WINDOWS\$hf_mig$\KB896424\SP2QFE\ C:\WINDOWS\$hf_mig$\KB896424\update\ C:\WINDOWS\$hf_mig$\KB896428\ C:\WINDOWS\$hf_mig$\KB896428\SP2GDR\ C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\ C:\WINDOWS\$hf_mig$\KB896428\update\ C:\WINDOWS\$hf_mig$\KB898461\ C:\WINDOWS\$hf_mig$\KB898461\update\ C:\WINDOWS\$hf_mig$\KB899587\ C:\WINDOWS\$hf_mig$\KB899587\SP2GDR\ C:\WINDOWS\$hf_mig$\KB899587\SP2QFE\ C:\WINDOWS\$hf_mig$\KB899587\update\ C:\WINDOWS\$hf_mig$\KB899591\ C:\WINDOWS\$hf_mig$\KB899591\SP2GDR\ C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\ C:\WINDOWS\$hf_mig$\KB899591\update\ C:\WINDOWS\$hf_mig$\KB900485\ C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\ C:\WINDOWS\$hf_mig$\KB900485\update\ C:\WINDOWS\$hf_mig$\KB900725\ C:\WINDOWS\$hf_mig$\KB900725\SP2GDR\ C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\ C:\WINDOWS\$hf_mig$\KB900725\update\ C:\WINDOWS\$hf_mig$\KB901017\ C:\WINDOWS\$hf_mig$\KB901017\SP2GDR\ C:\WINDOWS\$hf_mig$\KB901017\SP2QFE\ C:\WINDOWS\$hf_mig$\KB901017\update\ C:\WINDOWS\$hf_mig$\KB901214\ C:\WINDOWS\$hf_mig$\KB901214\SP2GDR\ C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\ C:\WINDOWS\$hf_mig$\KB901214\update\ C:\WINDOWS\$hf_mig$\KB902400\ C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\ C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ C:\WINDOWS\$hf_mig$\KB902400\update\ C:\WINDOWS\$hf_mig$\KB904706\ C:\WINDOWS\$hf_mig$\KB904706\SP2GDR\ C:\WINDOWS\$hf_mig$\KB904706\SP2QFE\ C:\WINDOWS\$hf_mig$\KB904706\update\ C:\WINDOWS\$hf_mig$\KB904942\ C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\ C:\WINDOWS\$hf_mig$\KB904942\update\ C:\WINDOWS\$hf_mig$\KB905414\ C:\WINDOWS\$hf_mig$\KB905414\SP2GDR\ C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\ C:\WINDOWS\$hf_mig$\KB905414\update\ C:\WINDOWS\$hf_mig$\KB905749\ C:\WINDOWS\$hf_mig$\KB905749\SP2GDR\ C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\ C:\WINDOWS\$hf_mig$\KB905749\update\ C:\WINDOWS\$hf_mig$\KB908519\ C:\WINDOWS\$hf_mig$\KB908519\SP2GDR\ C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\ C:\WINDOWS\$hf_mig$\KB908519\update\ C:\WINDOWS\$hf_mig$\KB908531\ C:\WINDOWS\$hf_mig$\KB908531\SP2GDR\ C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\ C:\WINDOWS\$hf_mig$\KB908531\update\ C:\WINDOWS\$hf_mig$\KB910437\ C:\WINDOWS\$hf_mig$\KB910437\SP2GDR\ C:\WINDOWS\$hf_mig$\KB910437\SP2QFE\ C:\WINDOWS\$hf_mig$\KB910437\update\ C:\WINDOWS\$hf_mig$\KB911280\ C:\WINDOWS\$hf_mig$\KB911280\SP2GDR\ C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\ C:\WINDOWS\$hf_mig$\KB911280\update\ C:\WINDOWS\$hf_mig$\KB911562\ C:\WINDOWS\$hf_mig$\KB911562\SP2GDR\ C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\ C:\WINDOWS\$hf_mig$\KB911562\update\ C:\WINDOWS\$hf_mig$\KB911927\ C:\WINDOWS\$hf_mig$\KB911927\SP2GDR\ C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\ C:\WINDOWS\$hf_mig$\KB911927\update\ C:\WINDOWS\$hf_mig$\KB912919\ C:\WINDOWS\$hf_mig$\KB912919\SP2GDR\ C:\WINDOWS\$hf_mig$\KB912919\SP2QFE\ C:\WINDOWS\$hf_mig$\KB912919\update\ C:\WINDOWS\$hf_mig$\KB913580\ C:\WINDOWS\$hf_mig$\KB913580\SP2GDR\ C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\ C:\WINDOWS\$hf_mig$\KB913580\update\ C:\WINDOWS\$hf_mig$\KB914388\ C:\WINDOWS\$hf_mig$\KB914388\SP2GDR\ C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\ C:\WINDOWS\$hf_mig$\KB914388\update\ C:\WINDOWS\$hf_mig$\KB914389\ C:\WINDOWS\$hf_mig$\KB914389\SP2GDR\ C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\ C:\WINDOWS\$hf_mig$\KB914389\update\ C:\WINDOWS\$hf_mig$\KB915865\ C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\ C:\WINDOWS\$hf_mig$\KB915865\update\ C:\WINDOWS\$hf_mig$\KB916595\ C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\ C:\WINDOWS\$hf_mig$\KB916595\update\ C:\WINDOWS\$hf_mig$\KB917344\ C:\WINDOWS\$hf_mig$\KB917344\SP2GDR\ C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\ C:\WINDOWS\$hf_mig$\KB917344\update\ C:\WINDOWS\$hf_mig$\KB917422\ C:\WINDOWS\$hf_mig$\KB917422\SP2GDR\ C:\WINDOWS\$hf_mig$\KB917422\SP2QFE\ C:\WINDOWS\$hf_mig$\KB917422\update\ C:\WINDOWS\$hf_mig$\KB917953\ C:\WINDOWS\$hf_mig$\KB917953\SP2GDR\ C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\ C:\WINDOWS\$hf_mig$\KB917953\update\ C:\WINDOWS\$hf_mig$\KB918118\ C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\ C:\WINDOWS\$hf_mig$\KB918118\update\ C:\WINDOWS\$hf_mig$\KB919007\ C:\WINDOWS\$hf_mig$\KB919007\SP2GDR\ C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\ C:\WINDOWS\$hf_mig$\KB919007\update\ C:\WINDOWS\$hf_mig$\KB920213\ C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\ C:\WINDOWS\$hf_mig$\KB920213\update\ C:\WINDOWS\$hf_mig$\KB920670\ C:\WINDOWS\$hf_mig$\KB920670\SP2GDR\ C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\ C:\WINDOWS\$hf_mig$\KB920670\update\ C:\WINDOWS\$hf_mig$\KB920683\ C:\WINDOWS\$hf_mig$\KB920683\SP2GDR\ C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\ C:\WINDOWS\$hf_mig$\KB920683\update\ C:\WINDOWS\$hf_mig$\KB920685\ C:\WINDOWS\$hf_mig$\KB920685\SP2GDR\ C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\ C:\WINDOWS\$hf_mig$\KB920685\update\ C:\WINDOWS\$hf_mig$\KB920872\ C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\ C:\WINDOWS\$hf_mig$\KB920872\update\ C:\WINDOWS\$hf_mig$\KB921398\ C:\WINDOWS\$hf_mig$\KB921398\SP2GDR\ C:\WINDOWS\$hf_mig$\KB921398\SP2QFE\ C:\WINDOWS\$hf_mig$\KB921398\update\ C:\WINDOWS\$hf_mig$\KB921883\ C:\WINDOWS\$hf_mig$\KB921883\SP2GDR\ C:\WINDOWS\$hf_mig$\KB921883\SP2QFE\ C:\WINDOWS\$hf_mig$\KB921883\update\ C:\WINDOWS\$hf_mig$\KB922582\ C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\ C:\WINDOWS\$hf_mig$\KB922582\update\ C:\WINDOWS\$hf_mig$\KB922616\ C:\WINDOWS\$hf_mig$\KB922616\SP2GDR\ C:\WINDOWS\$hf_mig$\KB922616\SP2QFE\ C:\WINDOWS\$hf_mig$\KB922616\update\ C:\WINDOWS\$hf_mig$\KB922819\ C:\WINDOWS\$hf_mig$\KB922819\SP2GDR\ C:\WINDOWS\$hf_mig$\KB922819\SP2QFE\ C:\WINDOWS\$hf_mig$\KB922819\update\ C:\WINDOWS\$hf_mig$\KB923191\ C:\WINDOWS\$hf_mig$\KB923191\SP2QFE\ C:\WINDOWS\$hf_mig$\KB923191\update\ C:\WINDOWS\$hf_mig$\KB923414\ C:\WINDOWS\$hf_mig$\KB923414\SP2GDR\ C:\WINDOWS\$hf_mig$\KB923414\SP2QFE\ C:\WINDOWS\$hf_mig$\KB923414\update\ C:\WINDOWS\$hf_mig$\KB923980\ C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\ C:\WINDOWS\$hf_mig$\KB923980\update\ C:\WINDOWS\$hf_mig$\KB924191\ C:\WINDOWS\$hf_mig$\KB924191\SP2GDR\ C:\WINDOWS\$hf_mig$\KB924191\SP2QFE\ C:\WINDOWS\$hf_mig$\KB924191\update\ C:\WINDOWS\$hf_mig$\KB924270\ C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\ C:\WINDOWS\$hf_mig$\KB924270\update\ C:\WINDOWS\$hf_mig$\KB924496\ C:\WINDOWS\$hf_mig$\KB924496\SP2GDR\ C:\WINDOWS\$hf_mig$\KB924496\SP2QFE\ C:\WINDOWS\$hf_mig$\KB924496\update\ C:\WINDOWS\$hf_mig$\KB925902\ C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\ C:\WINDOWS\$hf_mig$\KB925902\update\ C:\WINDOWS\$hf_mig$\KB926255\ C:\WINDOWS\$hf_mig$\KB926255\SP2QFE\ C:\WINDOWS\$hf_mig$\KB926255\update\ C:\WINDOWS\$hf_mig$\KB926436\ C:\WINDOWS\$hf_mig$\KB926436\SP2QFE\ C:\WINDOWS\$hf_mig$\KB926436\update\ C:\WINDOWS\$hf_mig$\KB927779\ C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\ C:\WINDOWS\$hf_mig$\KB927779\update\ C:\WINDOWS\$hf_mig$\KB927802\ C:\WINDOWS\$hf_mig$\KB927802\SP2QFE\ C:\WINDOWS\$hf_mig$\KB927802\update\ C:\WINDOWS\$hf_mig$\KB927891\ C:\WINDOWS\$hf_mig$\KB927891\SP2QFE\ C:\WINDOWS\$hf_mig$\KB927891\update\ C:\WINDOWS\$hf_mig$\KB928255\ C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\ C:\WINDOWS\$hf_mig$\KB928255\update\ C:\WINDOWS\$hf_mig$\KB928843\ C:\WINDOWS\$hf_mig$\KB928843\SP2QFE\ C:\WINDOWS\$hf_mig$\KB928843\update\ C:\WINDOWS\$hf_mig$\KB929123\ C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\ C:\WINDOWS\$hf_mig$\KB929123\update\ C:\WINDOWS\$hf_mig$\KB930178\ C:\WINDOWS\$hf_mig$\KB930178\SP2QFE\ C:\WINDOWS\$hf_mig$\KB930178\update\ C:\WINDOWS\$hf_mig$\KB930916\ C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ C:\WINDOWS\$hf_mig$\KB930916\update\ C:\WINDOWS\$hf_mig$\KB931261\ C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\ C:\WINDOWS\$hf_mig$\KB931261\update\ C:\WINDOWS\$hf_mig$\KB931784\ C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ C:\WINDOWS\$hf_mig$\KB931784\update\ C:\WINDOWS\$hf_mig$\KB932168\ C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\ C:\WINDOWS\$hf_mig$\KB932168\update\ C:\WINDOWS\$hf_mig$\KB933729\ C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\ C:\WINDOWS\$hf_mig$\KB933729\update\ C:\WINDOWS\$hf_mig$\KB935839\ C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\ C:\WINDOWS\$hf_mig$\KB935839\update\ C:\WINDOWS\$hf_mig$\KB935840\ C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\ C:\WINDOWS\$hf_mig$\KB935840\update\ C:\WINDOWS\$hf_mig$\KB936021\ C:\WINDOWS\$hf_mig$\KB936021\SP2QFE\ C:\WINDOWS\$hf_mig$\KB936021\update\ C:\WINDOWS\$hf_mig$\KB938127\ C:\WINDOWS\$hf_mig$\KB938127\SP2QFE\ C:\WINDOWS\$hf_mig$\KB938127\update\ C:\WINDOWS\$hf_mig$\KB938127-IE7\ C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\ C:\WINDOWS\$hf_mig$\KB938127-IE7\update\ C:\WINDOWS\$hf_mig$\KB938828\ C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\ C:\WINDOWS\$hf_mig$\KB938828\update\ C:\WINDOWS\$hf_mig$\KB938829\ C:\WINDOWS\$hf_mig$\KB938829\SP2QFE\ C:\WINDOWS\$hf_mig$\KB938829\update\ C:\WINDOWS\$hf_mig$\KB941202\ C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\ C:\WINDOWS\$hf_mig$\KB941202\update\ C:\WINDOWS\$hf_mig$\KB941568\ C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\ C:\WINDOWS\$hf_mig$\KB941568\update\ C:\WINDOWS\$hf_mig$\KB941644\ C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\ C:\WINDOWS\$hf_mig$\KB941644\update\ C:\WINDOWS\$hf_mig$\KB942615-IE7\ C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ C:\WINDOWS\$hf_mig$\KB942615-IE7\update\ C:\WINDOWS\$hf_mig$\KB942763\ C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\ C:\WINDOWS\$hf_mig$\KB942763\update\ C:\WINDOWS\$hf_mig$\KB942840\ C:\WINDOWS\$hf_mig$\KB942840\SP2QFE\ C:\WINDOWS\$hf_mig$\KB942840\update\ C:\WINDOWS\$hf_mig$\KB943055\ C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\ C:\WINDOWS\$hf_mig$\KB943055\update\ C:\WINDOWS\$hf_mig$\KB943460\ C:\WINDOWS\$hf_mig$\KB943460\SP2QFE\ C:\WINDOWS\$hf_mig$\KB943460\update\ C:\WINDOWS\$hf_mig$\KB943485\ C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\ C:\WINDOWS\$hf_mig$\KB943485\update\ C:\WINDOWS\$hf_mig$\KB944533\ C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\ C:\WINDOWS\$hf_mig$\KB944533\update\ C:\WINDOWS\$hf_mig$\KB944533-IE7\ C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ C:\WINDOWS\$hf_mig$\KB944533-IE7\update\ C:\WINDOWS\$hf_mig$\KB944653\ C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\ C:\WINDOWS\$hf_mig$\KB944653\update\ C:\WINDOWS\$hf_mig$\KB946026\ C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\ C:\WINDOWS\$hf_mig$\KB946026\update\ C:\WINDOWS\$MSI31Uninstall_KB893803v2$\ C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\ C:\WINDOWS\$NtServicePackUninstall$\ C:\WINDOWS\$NtServicePackUninstall$\spuninst\ C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\ C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\ C:\WINDOWS\$NtUninstallKB835409$\ C:\WINDOWS\$NtUninstallKB835409$\spuninst\ C:\WINDOWS\$NtUninstallKB835732$\ C:\WINDOWS\$NtUninstallKB835732$\spuninst\ C:\WINDOWS\$NtUninstallKB842773$\ C:\WINDOWS\$NtUninstallKB842773$\spuninst\ C:\WINDOWS\$NtUninstallKB873339$\ C:\WINDOWS\$NtUninstallKB873339$\spuninst\ C:\WINDOWS\$NtUninstallKB873339_0$\ C:\WINDOWS\$NtUninstallKB873339_0$\spuninst\ C:\WINDOWS\$NtUninstallKB885835$\ C:\WINDOWS\$NtUninstallKB885835$\spuninst\ C:\WINDOWS\$NtUninstallKB885835_0$\ C:\WINDOWS\$NtUninstallKB885835_0$\spuninst\ C:\WINDOWS\$NtUninstallKB885836$\ C:\WINDOWS\$NtUninstallKB885836$\spuninst\ C:\WINDOWS\$NtUninstallKB885836_0$\ C:\WINDOWS\$NtUninstallKB885836_0$\spuninst\ C:\WINDOWS\$NtUninstallKB885884$\spuninst\ C:\WINDOWS\$NtUninstallKB886185$\ C:\WINDOWS\$NtUninstallKB886185$\spuninst\ C:\WINDOWS\$NtUninstallKB887472$\ C:\WINDOWS\$NtUninstallKB887472$\spuninst\ C:\WINDOWS\$NtUninstallKB888302$\ C:\WINDOWS\$NtUninstallKB888302$\spuninst\ C:\WINDOWS\$NtUninstallKB888302_0$\ C:\WINDOWS\$NtUninstallKB888302_0$\spuninst\ C:\WINDOWS\$NtUninstallKB890046$\ C:\WINDOWS\$NtUninstallKB890046$\spuninst\ C:\WINDOWS\$NtUninstallKB890046_0$\ C:\WINDOWS\$NtUninstallKB890046_0$\spuninst\ C:\WINDOWS\$NtUninstallKB890859$\ C:\WINDOWS\$NtUninstallKB890859$\spuninst\ C:\WINDOWS\$NtUninstallKB890859_0$\ C:\WINDOWS\$NtUninstallKB890859_0$\spuninst\ C:\WINDOWS\$NtUninstallKB891781$\ C:\WINDOWS\$NtUninstallKB891781$\spuninst\ C:\WINDOWS\$NtUninstallKB891781_0$\ C:\WINDOWS\$NtUninstallKB891781_0$\spuninst\ C:\WINDOWS\$NtUninstallKB893756$\ C:\WINDOWS\$NtUninstallKB893756$\spuninst\ C:\WINDOWS\$NtUninstallKB893756_0$\ C:\WINDOWS\$NtUninstallKB893756_0$\spuninst\ C:\WINDOWS\$NtUninstallKB896358$\ C:\WINDOWS\$NtUninstallKB896358$\spuninst\ C:\WINDOWS\$NtUninstallKB896358_0$\ C:\WINDOWS\$NtUninstallKB896358_0$\spuninst\ C:\WINDOWS\$NtUninstallKB896423$\ C:\WINDOWS\$NtUninstallKB896423$\spuninst\ C:\WINDOWS\$NtUninstallKB896423_0$\ C:\WINDOWS\$NtUninstallKB896423_0$\spuninst\ C:\WINDOWS\$NtUninstallKB896424$\ C:\WINDOWS\$NtUninstallKB896424$\spuninst\ C:\WINDOWS\$NtUninstallKB896424_0$\ C:\WINDOWS\$NtUninstallKB896424_0$\spuninst\ C:\WINDOWS\$NtUninstallKB896428$\ C:\WINDOWS\$NtUninstallKB896428$\spuninst\ C:\WINDOWS\$NtUninstallKB896428_0$\ C:\WINDOWS\$NtUninstallKB896428_0$\spuninst\ C:\WINDOWS\$NtUninstallKB898461$\spuninst\ C:\WINDOWS\$NtUninstallKB899587$\ C:\WINDOWS\$NtUninstallKB899587$\spuninst\ C:\WINDOWS\$NtUninstallKB899587_0$\ C:\WINDOWS\$NtUninstallKB899587_0$\spuninst\ C:\WINDOWS\$NtUninstallKB899591$\ C:\WINDOWS\$NtUninstallKB899591$\spuninst\ C:\WINDOWS\$NtUninstallKB899591_0$\ C:\WINDOWS\$NtUninstallKB899591_0$\spuninst\ C:\WINDOWS\$NtUninstallKB900485$\ C:\WINDOWS\$NtUninstallKB900485$\spuninst\ C:\WINDOWS\$NtUninstallKB900725$\ C:\WINDOWS\$NtUninstallKB900725$\spuninst\ C:\WINDOWS\$NtUninstallKB900725_0$\ C:\WINDOWS\$NtUninstallKB900725_0$\spuninst\ C:\WINDOWS\$NtUninstallKB901017$\ C:\WINDOWS\$NtUninstallKB901017$\spuninst\ C:\WINDOWS\$NtUninstallKB901017_0$\ C:\WINDOWS\$NtUninstallKB901017_0$\spuninst\ C:\WINDOWS\$NtUninstallKB901214$\ C:\WINDOWS\$NtUninstallKB901214$\spuninst\ C:\WINDOWS\$NtUninstallKB901214_0$\ C:\WINDOWS\$NtUninstallKB901214_0$\spuninst\ C:\WINDOWS\$NtUninstallKB902400$\ C:\WINDOWS\$NtUninstallKB902400$\spuninst\ C:\WINDOWS\$NtUninstallKB902400_0$\ C:\WINDOWS\$NtUninstallKB902400_0$\spuninst\ C:\WINDOWS\$NtUninstallKB904706$\ C:\WINDOWS\$NtUninstallKB904706$\spuninst\ C:\WINDOWS\$NtUninstallKB904706_0$\ C:\WINDOWS\$NtUninstallKB904706_0$\spuninst\ C:\WINDOWS\$NtUninstallKB904942$\ C:\WINDOWS\$NtUninstallKB904942$\spuninst\ C:\WINDOWS\$NtUninstallKB905414$\ C:\WINDOWS\$NtUninstallKB905414$\spuninst\ C:\WINDOWS\$NtUninstallKB905414_0$\ C:\WINDOWS\$NtUninstallKB905414_0$\spuninst\ C:\WINDOWS\$NtUninstallKB905495$\ C:\WINDOWS\$NtUninstallKB905495$\spuninst\ C:\WINDOWS\$NtUninstallKB905749$\ C:\WINDOWS\$NtUninstallKB905749$\spuninst\ C:\WINDOWS\$NtUninstallKB908519$\ C:\WINDOWS\$NtUninstallKB908519$\spuninst\ C:\WINDOWS\$NtUninstallKB908531$\ C:\WINDOWS\$NtUninstallKB908531$\spuninst\ C:\WINDOWS\$NtUninstallKB910437$\ C:\WINDOWS\$NtUninstallKB910437$\spuninst\ C:\WINDOWS\$NtUninstallKB911280$\ C:\WINDOWS\$NtUninstallKB911280$\spuninst\ C:\WINDOWS\$NtUninstallKB911562$\ C:\WINDOWS\$NtUninstallKB911562$\spuninst\ C:\WINDOWS\$NtUninstallKB911564$\ C:\WINDOWS\$NtUninstallKB911564$\spuninst\ C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\ C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\spuninst\ C:\WINDOWS\$NtUninstallKB911927$\ C:\WINDOWS\$NtUninstallKB911927$\spuninst\ C:\WINDOWS\$NtUninstallKB912919$\ C:\WINDOWS\$NtUninstallKB912919$\spuninst\ C:\WINDOWS\$NtUninstallKB913580$\ C:\WINDOWS\$NtUninstallKB913580$\spuninst\ C:\WINDOWS\$NtUninstallKB914388$\ C:\WINDOWS\$NtUninstallKB914388$\spuninst\ C:\WINDOWS\$NtUninstallKB914389$\ C:\WINDOWS\$NtUninstallKB914389$\spuninst\ C:\WINDOWS\$NtUninstallKB914440$\spuninst\ C:\WINDOWS\$NtUninstallKB915865$\spuninst\ C:\WINDOWS\$NtUninstallKB916595$\ C:\WINDOWS\$NtUninstallKB916595$\spuninst\ C:\WINDOWS\$NtUninstallKB917344$\ C:\WINDOWS\$NtUninstallKB917344$\spuninst\ C:\WINDOWS\$NtUninstallKB917422$\ C:\WINDOWS\$NtUninstallKB917422$\spuninst\ C:\WINDOWS\$NtUninstallKB917734_WMP8$\ C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\ C:\WINDOWS\$NtUninstallKB917953$\ C:\WINDOWS\$NtUninstallKB917953$\spuninst\ C:\WINDOWS\$NtUninstallKB918118$\ C:\WINDOWS\$NtUninstallKB918118$\spuninst\ C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$\ C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$\spuninst\ C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$\ C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$\spuninst\ C:\WINDOWS\$NtUninstallKB919007$\ C:\WINDOWS\$NtUninstallKB919007$\spuninst\ C:\WINDOWS\$NtUninstallKB920213$\ C:\WINDOWS\$NtUninstallKB920213$\spuninst\ C:\WINDOWS\$NtUninstallKB920670$\ C:\WINDOWS\$NtUninstallKB920670$\spuninst\ C:\WINDOWS\$NtUninstallKB920683$\ C:\WINDOWS\$NtUninstallKB920683$\spuninst\ C:\WINDOWS\$NtUninstallKB920685$\ C:\WINDOWS\$NtUninstallKB920685$\spuninst\ C:\WINDOWS\$NtUninstallKB920872$\ C:\WINDOWS\$NtUninstallKB920872$\spuninst\ C:\WINDOWS\$NtUninstallKB921398$\ C:\WINDOWS\$NtUninstallKB921398$\spuninst\ C:\WINDOWS\$NtUninstallKB921883$\ C:\WINDOWS\$NtUninstallKB921883$\spuninst\ C:\WINDOWS\$NtUninstallKB922582$\ C:\WINDOWS\$NtUninstallKB922582$\spuninst\ C:\WINDOWS\$NtUninstallKB922616$\ C:\WINDOWS\$NtUninstallKB922616$\spuninst\ C:\WINDOWS\$NtUninstallKB922819$\ C:\WINDOWS\$NtUninstallKB922819$\spuninst\ C:\WINDOWS\$NtUninstallKB923191$\ C:\WINDOWS\$NtUninstallKB923191$\spuninst\ C:\WINDOWS\$NtUninstallKB923414$\ C:\WINDOWS\$NtUninstallKB923414$\spuninst\ C:\WINDOWS\$NtUninstallKB923980$\ C:\WINDOWS\$NtUninstallKB923980$\spuninst\ C:\WINDOWS\$NtUninstallKB924191$\ C:\WINDOWS\$NtUninstallKB924191$\spuninst\ C:\WINDOWS\$NtUninstallKB924270$\ C:\WINDOWS\$NtUninstallKB924270$\spuninst\ C:\WINDOWS\$NtUninstallKB924496$\ C:\WINDOWS\$NtUninstallKB924496$\spuninst\ C:\WINDOWS\$NtUninstallKB924667$\ C:\WINDOWS\$NtUninstallKB924667$\spuninst\ C:\WINDOWS\$NtUninstallKB925398_WMP64$\ C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\ C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$\ C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\ C:\WINDOWS\$NtUninstallKB925902$\ C:\WINDOWS\$NtUninstallKB925902$\spuninst\ C:\WINDOWS\$NtUninstallKB926239$\ C:\WINDOWS\$NtUninstallKB926239$\spuninst\ C:\WINDOWS\$NtUninstallKB926255$\ C:\WINDOWS\$NtUninstallKB926255$\spuninst\ C:\WINDOWS\$NtUninstallKB926436$\ C:\WINDOWS\$NtUninstallKB926436$\spuninst\ C:\WINDOWS\$NtUninstallKB927779$\ C:\WINDOWS\$NtUninstallKB927779$\spuninst\ C:\WINDOWS\$NtUninstallKB927802$\ C:\WINDOWS\$NtUninstallKB927802$\spuninst\ C:\WINDOWS\$NtUninstallKB927891$\ C:\WINDOWS\$NtUninstallKB927891$\spuninst\ C:\WINDOWS\$NtUninstallKB928255$\ C:\WINDOWS\$NtUninstallKB928255$\spuninst\ C:\WINDOWS\$NtUninstallKB928843$\ C:\WINDOWS\$NtUninstallKB928843$\spuninst\ C:\WINDOWS\$NtUninstallKB929123$\ C:\WINDOWS\$NtUninstallKB929123$\spuninst\ C:\WINDOWS\$NtUninstallKB929399$\ C:\WINDOWS\$NtUninstallKB929399$\spuninst\ C:\WINDOWS\$NtUninstallKB930178$\ C:\WINDOWS\$NtUninstallKB930178$\spuninst\ C:\WINDOWS\$NtUninstallKB930916$\ C:\WINDOWS\$NtUninstallKB930916$\spuninst\ C:\WINDOWS\$NtUninstallKB931261$\ C:\WINDOWS\$NtUninstallKB931261$\spuninst\ C:\WINDOWS\$NtUninstallKB931784$\ C:\WINDOWS\$NtUninstallKB931784$\spuninst\ C:\WINDOWS\$NtUninstallKB932168$\ C:\WINDOWS\$NtUninstallKB932168$\spuninst\ C:\WINDOWS\$NtUninstallKB933729$\ C:\WINDOWS\$NtUninstallKB933729$\spuninst\ C:\WINDOWS\$NtUninstallKB935839$\ C:\WINDOWS\$NtUninstallKB935839$\spuninst\ C:\WINDOWS\$NtUninstallKB935840$\ C:\WINDOWS\$NtUninstallKB935840$\spuninst\ C:\WINDOWS\$NtUninstallKB936021$\ C:\WINDOWS\$NtUninstallKB936021$\spuninst\ C:\WINDOWS\$NtUninstallKB936782_WMP11$\ C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\ C:\WINDOWS\$NtUninstallKB936782_WMP9$\ C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\ C:\WINDOWS\$NtUninstallKB938127$\ C:\WINDOWS\$NtUninstallKB938127$\spuninst\ C:\WINDOWS\$NtUninstallKB938828$\ C:\WINDOWS\$NtUninstallKB938828$\spuninst\ C:\WINDOWS\$NtUninstallKB938829$\ C:\WINDOWS\$NtUninstallKB938829$\spuninst\ C:\WINDOWS\$NtUninstallKB939683$\ C:\WINDOWS\$NtUninstallKB939683$\spuninst\ C:\WINDOWS\$NtUninstallKB941202$\ C:\WINDOWS\$NtUninstallKB941202$\spuninst\ C:\WINDOWS\$NtUninstallKB941568$\ C:\WINDOWS\$NtUninstallKB941568$\spuninst\ C:\WINDOWS\$NtUninstallKB941569$\ C:\WINDOWS\$NtUninstallKB941569$\spuninst\ C:\WINDOWS\$NtUninstallKB941644$\ C:\WINDOWS\$NtUninstallKB941644$\spuninst\ C:\WINDOWS\$NtUninstallKB942763$\spuninst\ C:\WINDOWS\$NtUninstallKB942840$\ C:\WINDOWS\$NtUninstallKB942840$\spuninst\ C:\WINDOWS\$NtUninstallKB943055$\ C:\WINDOWS\$NtUninstallKB943055$\spuninst\ C:\WINDOWS\$NtUninstallKB943460$\ C:\WINDOWS\$NtUninstallKB943460$\spuninst\ C:\WINDOWS\$NtUninstallKB943485$\ C:\WINDOWS\$NtUninstallKB943485$\spuninst\ C:\WINDOWS\$NtUninstallKB944533$\ C:\WINDOWS\$NtUninstallKB944533$\spuninst\ C:\WINDOWS\$NtUninstallKB944653$\ C:\WINDOWS\$NtUninstallKB944653$\spuninst\ C:\WINDOWS\$NtUninstallKB946026$\ C:\WINDOWS\$NtUninstallKB946026$\spuninst\ C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\ C:\WINDOWS\$NtUninstallWMFDist11$\ C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\ C:\WINDOWS\$NtUninstallwmp11$\ C:\WINDOWS\$NtUninstallwmp11$\spuninst\ C:\WINDOWS\$NtUninstallWudf01000$\spuninst\ C:\WINDOWS\AppPatch\ C:\WINDOWS\BDOSCAN8\ C:\WINDOWS\BDOSCAN8\plugins\ C:\WINDOWS\Cursors\ C:\WINDOWS\Debug\ C:\WINDOWS\Downloaded Program Files\ C:\WINDOWS\Driver Cache\i386\ C:\WINDOWS\EHome\ C:\WINDOWS\Fonts\ C:\WINDOWS\Help\ C:\WINDOWS\Help\nvcpl\ C:\WINDOWS\Help\starter\ C:\WINDOWS\Help\starter\help_mell\ C:\WINDOWS\Help\Tours\htmlTour\ C:\WINDOWS\Help\Tours\mmTour\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\Wav\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Css\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\Btn\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Img\WMarks\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Scr\ C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Video\ C:\WINDOWS\Icons\AnimalKingdom\ C:\WINDOWS\Icons\AppleGreen\ C:\WINDOWS\ie7\ C:\WINDOWS\ie7\spuninst\ C:\WINDOWS\ie7updates\KB938127-IE7\ C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\ C:\WINDOWS\ie7updates\KB942615-IE7\ C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\ C:\WINDOWS\ie7updates\KB944533-IE7\ C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\ C:\WINDOWS\ime\ C:\WINDOWS\inf\ C:\WINDOWS\inf\IEM\0409\ C:\WINDOWS\inf\IEM\040c\ C:\WINDOWS\Installer\ C:\WINDOWS\Installer\{01A2E33A-8ADA-42D1-9173-8F65149E952F}\ C:\WINDOWS\Installer\{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}\ C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\ C:\WINDOWS\Installer\{331DFBF7-734D-4545-8A9D-48CB5D73AF07}\ C:\WINDOWS\Installer\{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}\ C:\WINDOWS\Installer\{64D114CE-4234-45C2-B60A-2B07D5A48F72}\ C:\WINDOWS\Installer\{6F06A42D-525C-49ED-8622-E16790956CD8}\ C:\WINDOWS\Installer\{911B040C-6000-11D3-8CFE-0050048383C9}\ C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81200000003}\ C:\WINDOWS\Installer\{AC76BA86-7AD7-5464-3428-800000000003}\ C:\WINDOWS\Installer\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}\ C:\WINDOWS\Installer\{D1696920-9794-4BBC-8A30-7A88763DE5A2}\ C:\WINDOWS\Installer\{E38D381A-ABCF-4D97-9D9C-B3A8529DCA15}\ C:\WINDOWS\Installer\{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5}\ C:\WINDOWS\Internet Logs\ C:\WINDOWS\java\classes\ C:\WINDOWS\java\Packages\ C:\WINDOWS\java\Packages\Data\ C:\WINDOWS\LastGood\INF\ C:\WINDOWS\Media\ C:\WINDOWS\Minidump\ C:\WINDOWS\Modio\ C:\WINDOWS\Modio\SLAMR2KO\ C:\WINDOWS\Modio\SLAMR2KO\SLExtBU\ C:\WINDOWS\Motive\TONLFR\ C:\WINDOWS\msagent\ C:\WINDOWS\msagent\chars\ C:\WINDOWS\msagent\intl\ C:\WINDOWS\network diagnostic\ C:\WINDOWS\nview\ C:\WINDOWS\Offline Web Pages\ C:\WINDOWS\PCHealth\ErrorRep\UserDumps\ C:\WINDOWS\PCHealth\HelpCtr\Binaries\ C:\WINDOWS\PCHealth\HelpCtr\Config\ C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\ C:\WINDOWS\PCHealth\HelpCtr\Database\ C:\WINDOWS\PCHealth\HelpCtr\DataColl\ C:\WINDOWS\PCHealth\HelpCtr\Indices\ C:\WINDOWS\PCHealth\HelpCtr\Logs\ C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\ C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Personal_32#040c\ C:\WINDOWS\PCHealth\HelpCtr\PackageStore\ C:\WINDOWS\PCHealth\HelpCtr\System\ C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\ C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\ C:\WINDOWS\PCHealth\HelpCtr\System\css\ C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\ C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\ C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ C:\WINDOWS\PCHealth\HelpCtr\System\errors\ C:\WINDOWS\PCHealth\HelpCtr\System\images\ C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\ C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\ C:\WINDOWS\PCHealth\HelpCtr\System\images\32x32\ C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\ C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\ C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\ C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\ C:\WINDOWS\PCHealth\HelpCtr\System\panels\ C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\ C:\WINDOWS\PCHealth\HelpCtr\System\rc\ C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\ C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\ C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\ C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\ C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\ C:\WINDOWS\PCHealth\HelpCtr\System\scripts\ C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\ C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\ C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\ C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\ C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\ C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\ C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\ C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\ C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\ C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\ C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\ C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited\ C:\WINDOWS\PCHealth\UploadLB\Binaries\ C:\WINDOWS\PCHealth\UploadLB\Config\ C:\WINDOWS\peernet\ C:\WINDOWS\Prefetch\ C:\WINDOWS\provisioning\schemas\ C:\WINDOWS\pss\ C:\WINDOWS\Registration\ C:\WINDOWS\repair\ C:\WINDOWS\Resources\Themes\ C:\WINDOWS\Resources\Themes\Luna\ C:\WINDOWS\Resources\Themes\Luna\Shell\Homestead\ C:\WINDOWS\Resources\Themes\Luna\Shell\Metallic\ C:\WINDOWS\Resources\Themes\Luna\Shell\NormalColor\ C:\WINDOWS\security\ C:\WINDOWS\security\Database\ C:\WINDOWS\security\logs\ C:\WINDOWS\security\templates\ C:\WINDOWS\ServicePackFiles\i386\ C:\WINDOWS\ServicePackFiles\i386\lang\ C:\WINDOWS\ShellNew\ C:\WINDOWS\SoftwareDistribution\ C:\WINDOWS\SoftwareDistribution\DataStore\ C:\WINDOWS\SoftwareDistribution\DataStore\Logs\ C:\WINDOWS\SoftwareDistribution\Download\ C:\WINDOWS\SoftwareDistribution\Download\011cdeb527c0ded3735dde8070aaf659\ C:\WINDOWS\SoftwareDistribution\Download\011cdeb527c0ded3735dde8070aaf659\sp2gdr\ C:\WINDOWS\SoftwareDistribution\Download\011cdeb527c0ded3735dde8070aaf659\sp2qfe\ C:\WINDOWS\SoftwareDistribution\Download\011cdeb527c0ded3735dde8070aaf659\update\ C:\WINDOWS\SoftwareDistribution\Download\2dce20bc43d87c5ad11562143f87f0c5\ C:\WINDOWS\SoftwareDistribution\Download\2dce20bc43d87c5ad11562143f87f0c5\SP2GDR\ C:\WINDOWS\SoftwareDistribution\Download\2dce20bc43d87c5ad11562143f87f0c5\SP2QFE\ C:\WINDOWS\SoftwareDistribution\Download\2dce20bc43d87c5ad11562143f87f0c5\update\ C:\WINDOWS\SoftwareDistribution\Download\3da5fb25f9bca1c53dde30405d5bbc6e\ C:\WINDOWS\SoftwareDistribution\Download\3da5fb25f9bca1c53dde30405d5bbc6e\SP2GDR\ C:\WINDOWS\SoftwareDistribution\Download\3da5fb25f9bca1c53dde30405d5bbc6e\SP2QFE\ C:\WINDOWS\SoftwareDistribution\Download\3da5fb25f9bca1c53dde30405d5bbc6e\update\ C:\WINDOWS\SoftwareDistribution\Download\46cd47035087b17a775667e2fc66a071\ C:\WINDOWS\SoftwareDistribution\Download\46cd47035087b17a775667e2fc66a071\sp2gdr\ C:\WINDOWS\SoftwareDistribution\Download\46cd47035087b17a775667e2fc66a071\sp2qfe\ C:\WINDOWS\SoftwareDistribution\Download\46cd47035087b17a775667e2fc66a071\update\ C:\WINDOWS\SoftwareDistribution\Download\550530d3b934e720deb3ca1851e75ba0\ C:\WINDOWS\SoftwareDistribution\Download\550530d3b934e720deb3ca1851e75ba0\SP2QFE\ C:\WINDOWS\SoftwareDistribution\Download\550530d3b934e720deb3ca1851e75ba0\update\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\10\msft\windows\gdiplus\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\10\policy\msft\windows\gdiplus\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\51\msft\windows\system\default\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\51\policy\msft\windows\system\default\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\52\msft\windows\net\dxmrtp\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\52\msft\windows\net\rtcdll\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\52\msft\windows\net\rtcres\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\52\policy\msft\windows\networking\dxmrtp\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\52\policy\msft\windows\networking\rtcdll\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\60\msft\windows\common\controls\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\60\policy\60\comctl\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\70\msft\windows\mswincrt\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asms\70\policy\msft\mswincrt\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ic\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\new\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\root\cmpnents\tabletpc\i386\ C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\ C:\WINDOWS\SoftwareDistribution\Download\8e09a65615c8797f1ad03293be9a380b\ C:\WINDOWS\SoftwareDistribution\Download\cc102203f99c8c6ebf1523556f8411b6\ C:\WINDOWS\SoftwareDistribution\EventCache\ C:\WINDOWS\SoftwareDistribution\EventCache\{3A8B9BB2-0C90-467A-80D3-302BE54229D8}.bin [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\ C:\WINDOWS\SoftwareDistribution\WebSetup\ C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\ C:\WINDOWS\srchasst\ C:\WINDOWS\srchasst\chars\ C:\WINDOWS\srchasst\mui\040C\ C:\WINDOWS\srchasst\mui\041e\ C:\WINDOWS\system\ C:\WINDOWS\system32\ C:\WINDOWS\system32\1033\ C:\WINDOWS\system32\1036\ C:\WINDOWS\system32\ActiveScan\ C:\WINDOWS\system32\bits\ C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ C:\WINDOWS\system32\CatRoot2\ C:\WINDOWS\system32\CatRoot2\edb.log [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\CatRoot2\edbtmp.log [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\CatRoot2\tmp.edb [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\ C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ C:\WINDOWS\system32\Com\ C:\WINDOWS\system32\config\ C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\system32\config\systemprofile\ C:\WINDOWS\system32\config\systemprofile\Application Data\ C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\ C:\WINDOWS\system32\config\systemprofile\Cookies\ C:\WINDOWS\system32\config\systemprofile\Local Settings\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008020420080211\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008021620080217\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\05YN41UV\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\8XUNK9AJ\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O9EN856B\ C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WTQ30PYV\ C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\ C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\ C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\ C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité\ C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement\ C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\ C:\WINDOWS\system32\config\systemprofile\Modèles\ C:\WINDOWS\system32\config\systemprofile\SendTo\ C:\WINDOWS\system32\DirectX\Dinput\ C:\WINDOWS\system32\dllcache\ C:\WINDOWS\system32\drivers\ C:\WINDOWS\system32\drivers\etc\ C:\WINDOWS\system32\drivers\UMDF\ C:\WINDOWS\system32\en-US\ C:\WINDOWS\system32\fr-fr\ C:\WINDOWS\system32\ias\ C:\WINDOWS\system32\icsxml\ C:\WINDOWS\system32\Macromed\Flash\ C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\ C:\WINDOWS\system32\MsDtc\ C:\WINDOWS\system32\MsDtc\Trace\ C:\WINDOWS\system32\mui\000C\ C:\WINDOWS\system32\mui\041e\ C:\WINDOWS\system32\npp\ C:\WINDOWS\system32\oobe\ C:\WINDOWS\system32\oobe\actsetup\ C:\WINDOWS\system32\oobe\error\ C:\WINDOWS\system32\oobe\html\dslmain\ C:\WINDOWS\system32\oobe\html\iconnect\ C:\WINDOWS\system32\oobe\html\isptype\ C:\WINDOWS\system32\oobe\html\mouse\ C:\WINDOWS\system32\oobe\html\mouse\images\ C:\WINDOWS\system32\oobe\html\sconnect\ C:\WINDOWS\system32\oobe\icserror\ C:\WINDOWS\system32\oobe\images\ C:\WINDOWS\system32\oobe\isperror\ C:\WINDOWS\system32\oobe\mui\041e\ C:\WINDOWS\system32\oobe\mui\041e\actsetup\ C:\WINDOWS\system32\oobe\regerror\ C:\WINDOWS\system32\oobe\setup\ C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1\ C:\WINDOWS\system32\ras\ C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\ C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\ C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\ C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\ C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\ C:\WINDOWS\system32\Restore\ C:\WINDOWS\system32\Setup\ C:\WINDOWS\system32\spool\drivers\color\ C:\WINDOWS\system32\spool\drivers\w32x86\ C:\WINDOWS\system32\spool\drivers\w32x86\3\ C:\WINDOWS\system32\spool\drivers\w32x86\lexmark_x6100_seriesa4c3\ C:\WINDOWS\system32\spool\prtprocs\w32x86\ C:\WINDOWS\system32\usmt\ C:\WINDOWS\system32\wbem\ C:\WINDOWS\system32\wbem\AutoRecover\ C:\WINDOWS\system32\wbem\Logs\ C:\WINDOWS\system32\wbem\mof\good\ C:\WINDOWS\system32\wbem\Performance\ C:\WINDOWS\system32\wbem\Repository\ C:\WINDOWS\system32\wbem\Repository\FS\ C:\WINDOWS\system32\wbem\xml\ C:\WINDOWS\system32\ZoneLabs\ C:\WINDOWS\system32\ZoneLabs\avsys\ C:\WINDOWS\system32\ZoneLabs\avsys\bases\ C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2kxp32\ C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32\ C:\WINDOWS\system32\ZoneLabs\lib\ C:\WINDOWS\system32\ZoneLabs\lib\pyd\ C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\ C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\ C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\ C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\ C:\WINDOWS\system32\ZoneLabs\Updates\ C:\WINDOWS\Tasks\ C:\WINDOWS\Temp\ C:\WINDOWS\Temp\ZLT0069f.TMP [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\Temp\ZLT05d26.TMP [WARNING] The file could not be opened! [WARNING] Error code: 0x000D [WARNING] Access error/file locked! C:\WINDOWS\twain_32\ C:\WINDOWS\twain_32\Lexmark\X6100 Series\ C:\WINDOWS\WBEM\ C:\WINDOWS\Web\ C:\WINDOWS\Web\printers\ C:\WINDOWS\Web\printers\images\ C:\WINDOWS\Web\Wallpaper\ C:\WINDOWS\WinSxS\Manifests\ C:\WINDOWS\WinSxS\Policies\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_x-ww_4e8510ac\ C:\WINDOWS\WinSxS\Policies\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_x-ww_a0111510\ C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_x-ww_362e60dd\ C:\WINDOWS\WinSxS\Policies\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_x-ww_c7b7206f\ C:\WINDOWS\WinSxS\Policies\x86_policy.6.0.Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_x-ww_527a1c68\ C:\WINDOWS\WinSxS\Policies\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ C:\WINDOWS\WinSxS\Policies\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_x-ww_a317e4b3\ C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_x-ww_5f0bbcff\ C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\ C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_fr-FR_9d8c4a39\ C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7\ C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\ C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\ C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1740_x-ww_7cb8ab44\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1816_x-ww_7d33ba0e\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1873_x-ww_7d39bb85\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1891_x-ww_7d3bbc01\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3 d\ End of the scan: mercredi 26 mars 2008 19:23 Used time: 46:47 min The scan has been done completely. 4344 Scanning directories 309664 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 31 Files cannot be scanned 309664 Files not concerned 2870 Archives were scanned 33 Warnings 240 Notes bonne soirée et Kenavo

:P bonsoir à tous comme je ne sais toujours pas comment donner de nouvelles infos sur mon soucis ou comment le compléter, j'utilise cette méthode (je serais heureux d'apprendre à faire autrement avec votre aide.) nouveau scan et nouveau blocage sur une autre clé!!!! voici le rapport partiel de antivir que j'ai mis en route ce matin avant de partir. "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\Setup\Registrando Panda Almacen" AntiVir PersonalEdition Classic Report file date: mardi 25 mars 2008 05:49 Scanning for 1161960 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: SAM Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:07:25 ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 15:16:00 ANTIVIR3.VDF : 7.0.3.64 16384 Bytes 22/03/2008 05:26:15 AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 19/03/2008 17:56:18 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 09/03/2008 13:07:26 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: medium Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Start of the scan: mardi 25 mars 2008 05:49 Starting search for hidden objects. In the module 'AVARKT.DLL' an exception occured. Calling the function ARK_Scan Error description:ACCESS_VIOLATION EAX = 02A6E498 EBX = 0000004E ECX = 051B51F0 EDX = 00000000 ESI = 00000000 EDI = 051b51f0 EIP = 02A58AF0 EBP = 0229E9E8 ESP = 0229E9D0 Flg = 00010246 CS = 00000023 SS = 0000001B End of the scan: mardi 25 mars 2008 19:35 Used time: 13:45:56 min The scan has been canceled! 0 Scanning directories 0 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 0 Files cannot be scanned 0 Files not concerned 0 Archives were scanned 0 Warnings 0 Notes 48421 Objects were scanned with rootkit scan 0 Hidden objects were found le blocage se fait dans les deux ou trois minutes qui suivent le début du scan (13h45min?????) merci pour votre aide.

bonjours à tous petit soucis, lorsque je scan mon pc avec antivir (gratuit) il se bloque sur : " HKEY_LOCAL_MACHINE\system\Controlset001\Enum\Root\SYSTEM\0002\Capabilities. je l'ai laissé scanner toute la nuit, arrêter le scan et recommencer plusieurs fois mais à chaque fois blocage au même endroit. je vous joint un rapport partiel du scan et un log hitjackthis. j'ai effectué un scan en ligne avec bit defender qui ne m'a rien signalé. rapport antivir: AntiVir PersonalEdition Classic Report file date: dimanche 23 mars 2008 14:16 Scanning for 1161960 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: SAM Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:07:25 ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 15:16:00 ANTIVIR3.VDF : 7.0.3.64 16384 Bytes 22/03/2008 05:26:15 AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 19/03/2008 17:56:18 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 09/03/2008 13:07:26 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: medium Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Start of the scan: dimanche 23 mars 2008 14:16 Starting search for hidden objects. In the module 'AVARKT.DLL' an exception occured. Calling the function ARK_Scan Error description:ACCESS_VIOLATION EAX = 7EFEFEFC EBX = 00000044 ECX = 051CA000 EDX = 86F206F1 ESI = 00000000 EDI = 051c9f98 EIP = 02A58AF0 EBP = 0229E9E8 ESP = 0229E9D0 Flg = 00010246 CS = 00000023 SS = 0000001B End of the scan: dimanche 23 mars 2008 14:19 Used time: 03:25 min The scan has been canceled! 0 Scanning directories 0 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 0 Files cannot be scanned 0 Files not concerned 0 Archives were scanned 0 Warnings 0 Notes 47779 Objects were scanned with rootkit scan 0 Hidden objects were found log hitjackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:22:05, on 23/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\SpeedFan\speedfan.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Club-Internet\Lanceur\Lanceur.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-internet.fr/welcome/?varcl...;version=501573 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1203021963265 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 6860 bytes merci pour votre aide et bon week end Pascal

Bonsoir Gibé j'ai suivi ton avis, j'ai emmené mon pc à l'usine et j'ai passé la soufflette!!!!! et moi qui croyais qu'il était propre!!!! bon, reconnecté, temp de départ 27°C je tente un scan spybot il monte à 40°C un petite pointe à 60 °C qui redescend rapide vers 47 °C le scan nickel "pas de mouchards" et surtout pas de coupure. température après scan 27°C. je vous dois une très fière chandelle et je vais vous faire de la pub. si vous voyez une amélioration pour mon PC n'hésitez pas je vous fais confiance. encore une fois milles merci à toi et à Apollo 1 pour votre disponibilité et le partage de votre savoir. bonne journée et bonne continuation à vous deux. Kenavo. ps promis je désinstalle spybot :P :P

bonsoir suivi de température avec speed fan 4.32 je suis impressionné par l'évolution de la température lors du scan de spyboot.115200 fichiers départ du scan f1 3261rpm / t1 43 C/ t2 33 C / HDO 36 C fichiers 63500 f1 3261 rpm / t1 87C / t2 34 C HDO 36 C fichiers 75000 f1 3245 rpm / t1 90 C / t2 35 C HDO 36 C fichiers 85800 f1 3245 rpm / t1 93 C / t2 35 C HDO 36 C fichiers 88900 f1 3261 rpm / t1 94 C / t2 35 C HDO 36 C fichiers 103900 f1 3245 rpm / t1 94 C / t2 35 C HDO 36 C fin du scan 115220 f1 3245 rpm / t1 94 C / t2 35 C HDO 36 C. les speed 1 ; 2 ; 3 sont annonces a 100% et la cpu était presque tout le temps à 100% par contre j'en ai recommencé un dans la foulée qui n'a pas dépassé les 20000 fichiers. là actuellement t1 44 C pour 3261 rpm cpu à 6% comment puis je régler cela? le ventilo tourne sans bruit et est propre merci pour le coup de main

j'ai chargé speedFan par contre je ne vois pas où copier un rapport donc voici ce qu'il ecrit dans l'onglet Readings: Fan1:3261 RPM temp 1: 43C / Fan2: 0 RPM temp 2: 33C / Fan3: 0 RPM temp3:-1C CPU usage 6% je vais surveiller la variation pendant un scan SB S&D. il vien de me planter deux fois sur le scan arrivé sur "...Zlob Downloader.ZIB..."

bonsoir j'ai utilisé Everest comme conseillé. par contre le rapport est immense j'ai vu une section sonde suivie de processeur j'en joint une copie. --------[ Sonde ]------------------------------------------------------------------------------------------------------- Propriétés de la sonde: Type de la sonde ITE IT8712F (ISA 290h) Nom de la carte mère Asus A7N8X-VM Series Températures: Carte mère 33 °C (91 °F) WDC WD1600LB-55EDA0 36 °C (97 °F) Ventilateurs: Processeur 3261 RPM Valeurs de voltage: Noyau CPU 1.63 V +3.3 V 3.33 V +5 V 4.97 V +12 V 12.35 V Debug Info F CF FF FF Debug Info T 41 33 255 Debug Info V 66 FF D0 B9 C1 FF FF (F7) --------[ Processeur ]-------------------------------------------------------------------------------------------------- Propriétés du processeur: Type de processeur AMD Athlon XP, 1913 MHz (11.5 x 166) Alias du processeur Barton Stepping du processeur A2 Jeu d'instructions x86, MMX, 3DNow!, SSE Cache de code de niveau 1 64 Ko Cache de données de niveau 1 64 Ko Cache de niveau 2 512 Ko (On-Die, Full-Speed) Informations physiques: Forme du composant 453 Pin PGA Taille du composant 4.95 cm x 4.95 cm Transistors 54.3 million(s) Technologie utilisée 6Mi, 0.13 um, CMOS, Cu Taille interne 101 mm2 Voltage au coeur 1.65 V Voltage d'entrée/sortie 1.6 V Puissance typique 53.7 - 60.4 W (dépendant de la vitesse d'horloge) Puissance maximale 68.3 - 76.8 W (dépendant de la vitesse d'horloge) Fabricant du processeur: Nom de l'entreprise Advanced Micro Devices, Inc. Information sur le produit http://www.amd.com/us-en/Processors/Produc...,30_118,00.html Utilisation du processeur: Processeur nº1 0 % autre info mon fils a essayé Warcraft III qui éteignait systématiquement mon pc et là une partie de 1 h sans dommage il vous dit merci. est ce que l'info sonde est suffisante sinon quelle parti du rapport de everest je dois envoyer ?????

ok j'ai activé search for rootkits.je suis en train de refaire un scan. sinon spybot m'a encore éteind mon pc !!!!!! @ +

ok jai migré de avast à antivir. j'ai fais un scan dont voici le rapport. AntiVir PersonalEdition Classic Report file date: dimanche 9 mars 2008 14:12 Scanning for 1137323 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: SAM Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:07:25 ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 13:07:25 ANTIVIR3.VDF : 7.0.3.4 2048 Bytes 07/03/2008 13:07:25 AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 09/03/2008 13:07:26 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 09/03/2008 13:07:26 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: dimanche 9 mars 2008 14:12 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'MOTIVE~1.EXE' - '1' Module(s) have been scanned Scan process 'mpbtn.exe' - '1' Module(s) have been scanned Scan process 'mad.exe' - '1' Module(s) have been scanned Scan process 'lanceur.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'slserv.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '0' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'CFD.exe' - '1' Module(s) have been scanned Scan process 'reader_sl.exe' - '1' Module(s) have been scanned Scan process 'avgas.exe' - '1' Module(s) have been scanned Scan process 'zlclient.exe' - '0' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned Scan process 'vsmon.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 32 processes with 32 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '18' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! End of the scan: dimanche 9 mars 2008 14:46 Used time: 33:24 min The scan has been done completely. 3637 Scanning directories 256042 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 256042 Files not concerned 1940 Archives were scanned 1 Warnings 2 Notes pour Adobe reader j'ai procéder à sa mise à jour. j'ai désinstallé spyware doctor. / doctor club -internet / j'ai supprimé le lanceur club-internet du menu demarrage. je refais un scan hitjackthis que je te joins. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:16:24, on 09/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Club-Internet\Lanceur\lanceur.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-internet.fr/welcome/?varcl...;version=501573 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1203021963265 O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 4851 bytes ensuite avant de désinstaller spybot je relance un scan par curiosité. je te tiens informé. en tout cas merci pour ton aide. kenavo!