> Tous les forums > Forum Sécurité
 infection: trojan-proxy.win32.agent.kjSujet résolu
Ajouter un message à la discussion
Page : [1] 
Page 1 sur 1
zayadi
  Posté le 24/10/2007 @ 21:15 
Aller en bas de la page 
Petit astucien

bonjour

un scan A-SQUARED a permis la detection de deux infections sur mon pc.

- trojan-proxy.win32.agent.kj

-trace.file.killav.

que me conseillez vous SVP pour leur erradication car mon antivirus nod32 ne cesse de me signaler la corruption de winlogon.exe dont la fermeture obligatoire est devenu monnaie courante ces derniers jours.

merci d'avance

Publicité
Fill
 Posté le 24/10/2007 à 21:43 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonsoir,

Peux-tu éditer un rapport Hijackthis ? Pour cela, suis l'explication dans ma signature : pré-nettoyage.

Fill

zayadi
 Posté le 24/10/2007 à 21:56 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

bonsoir.merci de votre aide. rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:48:57, on 24/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\FlashGet\flashget.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192912450390
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193007056671
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF05501D-2657-4900-A021-2E7F7A694424}: NameServer = 212.217.1.4 212.217.0.3
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6723 bytes

Fill
 Posté le 24/10/2007 à 22:07 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

RE,

Le rapport ne montre rien.

1/ Télécharge Ccleaner Basic http://www.ccleaner.com/download/builds

Ouvre Ccleaner, clique sur "lancer le nettoyage".

2/ Télécharge AVGantispyware : http://www.ewido.net/en/download/
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente.

Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. Ensuite.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

Edite ce rapport AVGantispyware.

Fill

zayadi
 Posté le 24/10/2007 à 23:59 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

bonsoir. rapport avg anti spayware

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 21:51:40 24/10/2007

+ Résultat de l'analyse:

C:\Program Files\ESET\infected\DLPK2VDA.NQF -> Adware.Craagle : Nettoyé.
C:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP74\A0012795.exe -> Proxy.Agent.kj : Nettoyé.
C:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP75\A0014044.exe -> Proxy.Agent.kj : Nettoyé.
C:\Documents and Settings\Mohamed\Cookies\mohamed@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.24:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Mohamed\Cookies\mohamed@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.22:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.29:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.16:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.17:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.18:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.25:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.7:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.25:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
C:\Documents and Settings\Ahmed\Cookies\ahmed@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.35:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.36:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.38:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.39:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.17:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.18:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.19:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.20:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.37:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.13:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.16:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.20:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mohamed\Cookies\mohamed@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.6:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.8:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.8:C:\Documents and Settings\Mourad\Application Data\Mozilla\Firefox\Profiles\13khnchi.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.9:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.31:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.32:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.33:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.34:C:\Documents and Settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\782vz2xe.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.


Fin du rapport

Fill
 Posté le 25/10/2007 à 17:53 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

1/

  • Télécharge DiagHelp.zip sur ton bureau(Merci Malekal) Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
  • Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout.
  • Un nouveau dossier chercher va être créé.
  • Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
  • Une fenêtre va s'ouvrir, choisis l'option 1
  • L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
  • Pendant l'analyse après le rapport CATCHME sur l'écran rouge, tu dois appuyer sue entrée pour que l'outil continue ses recherches. Suis les consignes écrites.
  • Une fenêtre avec le rapport s'ouvre alors. Copie/colle son contenu. (Il se trouve aussi ici : c:\resultat.txt)
  • Double-clique sur ce fichier, Fais CTRL+A puis CTRL+C.
  • Dans ta prochaine réponse, colle le rapport en faisant CTRL+V.
2/
  • Télécharge SREng (de Smallfrogs).
  • Dézippe tout son contenu sur ton bureau (clic droit >Extraire ici).
  • Ouvre le dossier SReng2 et double-clique sur SREng.exe.
  • Clique sur "smart scan".
  • Clique sur le bouton "scan".
  • Quand l'analyse est terminée, clique sur le bouton "save reports".
  • Sauvegarde alors le rapport sur ton bureau.
  • Copie/colle le contenu du rapport SREnglLOG.log dans ta prochaine réponse.
Fill
zayadi
 Posté le 25/10/2007 à 22:30 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

bonsoir. merci pour ton aide

rapports demandés

catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-25 18:07:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Apple Software Update\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\da.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\de.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\es.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\it.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ja.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ko.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nb.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nl.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ru.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj\"=""
"C:\Program Files\Apple Software Update\plugins\"=""
"C:\WINDOWS\Installer\{74EC78BC-B379-4E29-9006-8F161DCAABA6}\"=""
"C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\QuickTime 7.2.0.240\"=""
"C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\"=""
"C:\Documents and Settings\All Users\Application Data\Apple Computer\"=""
"C:\Program Files\QuickTime\"="1"
"C:\Program Files\QuickTime\QTSystem\"="1"
"C:\Program Files\QuickTime\QTComponents\"="1"
"C:\Program Files\QuickTime\PropertyPanels\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\"=""
"C:\Documents and Settings\All Users\Menu D\xe9marrer\Programmes\QuickTime\"=""
"C:\WINDOWS\Installer\{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000140
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\\x627\x644\x645\x648\x633\x648\x639\x629 \x627\x644\x642\x631\x622\x646\x64a\x629 \x627\x644\x634\x627\x645\x644\x629]
"Order"=hex:08,00,00,00,02,00,00,00,4c,01,00,00,01,00,00,00,02,00,00,00,a6,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"drvsyskit"="C:\WINDOWS\system32\drivers\hidr.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\\x627\x644\x645\x648\x633\x648\x639\x629 \x627\x644\x642\x631\x622\x646\x64a\x629 \x627\x644\x634\x627\x645\x644\x629\AutoRun.exe"="AutoRun"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP8.exe"="~DP8"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP9.exe"="~DP9"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA450\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA711\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP10.exe"="~DP10"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP11.exe"="~DP11"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA431\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA779\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA4\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP18.exe"="~DP18"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP19.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-KBVGF.tmp\is-5VQ4G.tmp"="Setup/Uninstall"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA754\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA428\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\WINDOWS\system32\control.exe"="Panneau de configuration Windows"
"C:\WINDOWS\winlogon.exe"="winlogon"
"@C:\WINDOWS\system32\filemgmt.dll,-3502"="Services"
"@C:\WINDOWS\system32\servdeps.dll,-1"="D\xe9pendances de service"
"@%SystemRoot%\system32\xpsp1res.dll,-10078"="Choisit les programmes par d\x00e9faut pour des activit\xe9s telles que la navigation sur le Web ou l'envoi et la r\x00e9ception de courrier \xe9lectronique, et indique quels programmes sont accessibles depuis le menu D\xe9marrer, le Bureau et d'autres emplacements."
"@%SystemRoot%\system32\shell32.dll,-22580"="Offre les mises \xe0 jour critiques de s\x00e9curit\xe9 les plus r\x00e9centes, des pilotes de p\xe9riph\xe9riques, et d'autres fonctionnalit\xe9s disponibles pour votre ordinateur Windows."
"C:\WINDOWS\system32\wupdmgr.exe"="Gestionnaire de mise \xe0 jour de Windows\xa0NT"
"@shell32.dll,-31375"="Rend le dossier s\xe9lectionn\xe9 disponible \xe0 d'autres ordinateurs sur un r\xe9seau, afin que d'autres personnes puissent l'afficher."
"C:\Program Files\jv16 PowerTools\Backups\RegEdit.exe"="\x00c9diteur du Registre"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\INS14.tmp"="INS14"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\INS7.tmp"="INS7"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-EK8G0.tmp\is-U84V5.tmp"="is-U84V5"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA243\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32view_2.06.2.exe"="NOD32view_2.06.2"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA355\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA415\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA544\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA754\Keygen.exe"="Keygen"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA776\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA815\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA874\Craagle.exe"="Craagle"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA875\Craagle.exe"="Craagle"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP12.exe"="~DP12"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP16.exe"="~DP16"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP6.exe"="~DP6"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DPE.exe"="~DPE"
"C:\Program Files\Drive Rescue\rescue.exe"="rescue"
"C:\Program Files\GetData\Recover My Files\RecoverMyFiles.exe"="Undelete and recover lost files"
"C:\Program Files\Quran\Quran\Quran_Kareem.exe"="Quran_Kareem"
"C:\Program Files\Webshots\Launcher.exe"="Launcher"
"C:\PROGRA~1\Webshots\UNWISE.EXE"="UNWISE"
"C:\Documents and Settings\Ahmed\Mes documents\Downloads\hijackthis(1).exe"="HijackThis"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-56RIF.tmp\is-9AEQP.tmp"="is-9AEQP"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Unwise.exe"="Unwise"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA204\HijackThis.exe"="HijackThis"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA280\A2 Squared Personal.exe"="A2 Squared Personal"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA337\a-squared (a2) HiJackFree 3.0.0.387 [Crack].exe"="a-squared (a2) HiJackFree 3.0.0.387 [Crack]"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA723\a-squared (a2) HiJackFree 3.0.0.387 [Crack].exe"="a-squared (a2) HiJackFree 3.0.0.387 [Crack]"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA774\a-squared (a2) HiJackFree 3.0.0.387.exe"="a-squared (a2) HiJackFree 3.0.0.387"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~nsu.tmp\Au_.exe"="Au_"
"C:\Program Files\a-squared Anti-Malware\a2guard.exe"="a-squared Guard"
"C:\Program Files\a-squared Anti-Malware\a2HiJackFree.exe"="a-squared HiJackFree"
"C:\Program Files\a-squared Anti-Malware\a2scan.exe"="a-squared Malware Scanner"
"C:\Program Files\CCleaner\CCleaner.exe"="CCleaner"
"C:\Program Files\ESET\nod32.exe"="NOD32 - on-demand scanner"
"C:\Program Files\ESET\nod32krn.exe"="nod32krn"
"C:\Program Files\Eset\nod32kui.exe"="NOD32 Control Center GUI"
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe"="AVG Anti-Spyware"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA123\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP1F.exe"="~DP1F"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP20.exe"="~DP20"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA68\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA958\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"@shell32.dll,-31355"="Graver ces fichiers sur le CD-ROM"
"D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP2D.exe"="~DP2D"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP2E.exe"="~DP2E"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA729\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32view_2.06.2.exe"="NOD32view_2.06.2"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP35.exe"="~DP35"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP36.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA983\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA502\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-KAG1P.tmp\is-EHR7I.tmp"="Setup/Uninstall"
"D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP48.exe"="~DP48"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP49.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-OAM0E.tmp\is-RS0RC.tmp"="Setup/Uninstall"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4A.exe"="~DP4A"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4B.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4C.exe"="~DP4C"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4D.exe"="~DP4D"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA456\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA54\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA327\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP14.exe"="~DP14"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP15.exe"="~DP15"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP1A.exe"="~DP1A"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP1B.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA514\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-8SOP4.tmp\is-AVHS9.tmp"="Setup/Uninstall"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA643\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"@%SystemRoot%\system32\shell32.dll,-22563"="Cr\x00e9e et modifie des fichiers texte en utilisant des fonctions de formatage de base."
"@%SystemRoot%\system32\oobe\msoobe.exe,-2001"="Vous demande d'activer cette copie de Windows pour le prot\xe9ger du piratage."
"C:\WINDOWS\system32\oobe\msoobe.exe"="Microsoft Out of Box Experience"
"@%SystemRoot%\system32\usmt\migwiz.exe,-203"="Transf\xe8re les fichiers et les param\xe8tres d'un ordinateur vers un autre."
"@%SystemRoot%\system32\xpsp2res.dll,-6104"="Afficher votre statut de s\x00e9curit\xe9 et param\xe8tres de protection."
"@%SystemRoot%\system32\shell32.dll,-22539"="D\x00e9fragmente vos volumes pour que votre ordinateur fonctionne plus rapidement et plus efficacement."
"@%SystemRoot%\system32\shell32.dll,-22575"="Affiche les informations syst\xe8me actuelles."
"@shell32.dll,-31291"="Ces t\x00e2ches s'appliquent \xe0 votre ordinateur ou aux \xe9quipements mat\xe9riels que vous s\xe9lectionnez."
"@shell32.dll,-31293"="L'Assistant Recherche vous aide \xe0 rechercher des fichiers, des dossiers, des imprimantes et des personnes."
"F:\Bitdefender\BitDefender Standard 7.2.exe"="Win32 Cabinet Self-Extractor "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\IXP000.TMP\Setup.Exe"="Windows\xae Installer Bootstraper"
"F:\VotresiteWeb6-eval.exe"=" "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Creez Votre Site Internet\demo32.exe"="DemoShield Player"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Creez Votre Site Internet\VotresiteWeb6-eval.exe"=" "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Votre site Web\Reg\setup.exe"="InstallShield (R) Setup Launcher"
"@%SystemRoot%\system32\shell32.dll,-22587"="Rechercher des produits d\xe9velopp\xe9s pour Windows."
"D:\DiagHelp\go.cmd"="go"
"C:\WINDOWS\system32\cmd.exe"="Interpr\xe9teur de commandes Windows"

scanning hidden files ...

C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys

scan completed successfully
hidden services: 0
hidden files: 2

zayadi
 Posté le 25/10/2007 à 22:31 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

[CODE]

2007-10-25,18:24:56

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nvchost><C:\WINDOWS\winlogon.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<!AVG Anti-Spyware><; "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [N/A]
<Athan><; C:\Program Files\Athan\Athan.exe> [www.IslamicFinder.org]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<DrvLsnr><; C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe> [adi]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<eMuleAutoStart><; C:\Program Files\eMule\emule.exe -AutoStart> [http://www.emule-project.net]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Flashget><; C:\Program Files\FlashGet\FlashGet.exe /min> [FlashGet.com]
<igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxpers><; C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxtray><; C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Publisher]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<MSPY2002><; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)Microsoft Windows Publisher]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher]
<QuickTime Task><; "C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<RoxioDragToDisc><; "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"> [Roxio]
<RoxioEngineUtility><; "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"> [Roxio]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Skype><; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies SA]

==================================
Startup Folders
[DSLMON]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk --> C:\PROGRA~1\SAGEM\SAGEMF~1\dslmon.exe []><N>

==================================
Services
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[WMDM PMSP Service / WMDM PMSP Service][Running/Auto Start]
<C:\WINDOWS\system32\MsPMSPSv.exe><Microsoft Corporation>

==================================
Drivers
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
<system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Broadcom Advanced Server Program Driver / Blfp][Stopped/Manual Start]
<system32\DRIVERS\baspxp32.sys><Broadcom Corporation>
[USB ADSL2 WAN Adapter / e4usbaw][Running/Manual Start]
<system32\DRIVERS\e4usbaw.sys><Analog Devices Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[General Purpose USB Driver (e4ldr.sys) / IKANLOADER2][Stopped/Auto Start]
<System32\Drivers\e4ldr.sys><Analog Deivces>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Megadrv3 / srosa][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\srosa.sys><N/A>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Winamp Toolbar BHO]
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[FGCatchUrl]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\Program Files\FlashGet\FlashGet.exe, FlashGet.com>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Winamp Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <, N/A>
[Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <, N/A>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Winamp Toolbar BHO]
{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[FGCatchUrl]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Winamp Toolbar]
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[FGAutoLive]
{F90D830D-C175-4bbe-82C7-FF94669A4C42} <C:\Program Files\FlashGet\fgupdate.dll, www.flashget.com>
[FGCatchUrl]
{FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[&Tout télécharger avec FlashGet]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[&Télécharger avec FlashGet]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[&Winamp Toolbar Search]
<C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html, N/A>
[&Windows Live Search]
<res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Add to Windows &Live Favorites]
<http://favorites.live.com/quickadd.aspx, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 632 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 680 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 704 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 748 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 760 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 928 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 976 / SERVICE RةSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 1016 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1072 / SERVICE RةSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 1104 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 1148 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 1280 / SYSTEM][C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\1036\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[PID: 1320 / SYSTEM][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1348 / SYSTEM][C:\WINDOWS\system32\MsPMSPSv.exe] [Microsoft Corporation, 7.01.00.3055]
[PID: 1804 / Ahmed][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[C:\WINDOWS\system32\wpdshext.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\Audiodev.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\Program Files\PowerArchiver\PASHLEXT.DLL] [ConeXware, Inc., 9.1.0.0]
[C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll] [TuneUp Software GmbH, 2.0.0.4]
[PID: 1824 / Ahmed][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 1872 / Ahmed][C:\WINDOWS\winlogon.exe] [N/A, ]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 1900 / Ahmed][C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe] [, 1, 0, 0, 1]
[C:\Program Files\SAGEM\SAGEM F@st 800-840\Languages\French.dll] [, 1, 0, 0, 1]
[PID: 812 / Ahmed][C:\Program Files\FlashGet\flashget.exe] [FlashGet.com, 1, 9, 6, 1073]
[C:\Program Files\FlashGet\FGBTCORE.dll] [, 1, 0, 0, 36]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\Program Files\FlashGet\FGEMCORE.dll] [, 1, 0, 3, 1002]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\Program Files\FlashGet\debugrpt.dll] [flashget, 1, 0, 0, 1006]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\Program Files\FlashGet\fgupdate.dll] [www.flashget.com, 1, 8, 1, 1003]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 880 / Ahmed][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.8: 2007100816]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.64]
[C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\components\FoxyTunes.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[PID: 1568 / Ahmed][D:\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\Program Files\FlashGet\fgmgr.dll] [www.flashget.com, 1, 8, 4, 1007]
[D:\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 812, C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE]

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/CODE]

zayadi
 Posté le 26/10/2007 à 00:22 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
excuse moi d'avoir envoyé les deux rapports séparement car j'ai trouvé des difficultés pour envoyer ces message ie7 me signale une erreur de la page lorsque j'envoie le message pour le rapport de Diaghelp.je vais essayer demain sinon je vais essayer avec opera puisque firefox ne tolère pas les copier/coller sur les forums.
Publicité
zayadi
 Posté le 26/10/2007 à 01:43 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

pourquoi lorsque je veux publier le rapport diaghelp IE me signale erreur sur la page.

ceci commence a m'énerver vraiment.pas de mise à jour windows. mon antivirus devenus invisible je l'ai désinstallé pour le réinstaller et ne veux plus s'installer. idem pour bitdefender et caspersky.

j'aimerais bien receoir votre conseil svp est ce que j'opte purement et simplement pour le formatage quitte à perdre un peu de mon temps

Fill
 Posté le 26/10/2007 à 07:12 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

Pour le rapport Diaghelp, il est très long. Poste-le en plusieurs fois.

Télécharge ELIBAGLA en bas de cette page
http://www.zonavirus.com/datos/descargas/95/elibagla.asp (clique sur le bouton "Descargar Elibagla") sur ton bureau.
Lance-le, de préférence en mode sans échec si tu en as la possibilité, en mode normal dans le cas contraire. Patiente le temps du scan.
Lorsqu'il a terminé, poste le contenu du fichier infoSat.txt qui se trouve dans Poste de travail > Disque C:\
Et par la même occasion, précise si tu peux à nouveau démarrer en mode sans échec.

Ne pas rebooter en passant par msconfig.

Fill

zayadi
 Posté le 26/10/2007 à 11:48 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Bonjour

rapport Diaghelp:partie 1

DiagHelp version v1.3 - http://www.malekal.com
excute le 25/10/2007 à 23:15:09,18


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->25/10/2007 23:15:04
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->25/10/2007 23:15:00
C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->25/10/2007 23:12:43
C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->25/10/2007 23:11:10
C:\WINDOWS\prefetch\MSNTBUP.EXE-0D913FB9.pf -->25/10/2007 23:11:01
C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-2D4B6027.pf -->25/10/2007 23:03:56
C:\WINDOWS\prefetch\WINAMPTBSERVER.EXE-2D450127.pf -->25/10/2007 23:03:56
C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->25/10/2007 23:03:47
C:\WINDOWS\prefetch\MSIEXEC.EXE-2F8A8CAE.pf -->25/10/2007 23:01:53
C:\WINDOWS\prefetch\SETUP.EXE-10FD1050.pf -->25/10/2007 23:01:50

C:\WINDOWS\System32\drivers\fidbox.dat -->25/10/2007 23:13:29
C:\WINDOWS\System32\drivers\fidbox2.dat -->25/10/2007 23:03:51
C:\WINDOWS\System32\drivers\fidbox2.idx -->25/10/2007 23:02:31
C:\WINDOWS\System32\drivers\fidbox.idx -->25/10/2007 23:02:31
C:\WINDOWS\System32\drivers\adidsl.cfg -->21/10/2007 22:12:23
C:\WINDOWS\System32\drivers\update.sys -->23/04/2007 10:32:54
C:\WINDOWS\System32\drivers\PxHelp20.sys -->07/03/2007 23:51:00

C:\WINDOWS\System32\wpa.dbl -->25/10/2007 18:26:50
C:\WINDOWS\System32\mapisvc.inf -->23/10/2007 15:44:38
C:\WINDOWS\System32\FNTCACHE.DAT -->23/10/2007 15:09:45
C:\WINDOWS\System32\BASSMOD.dll -->22/10/2007 01:11:52
C:\WINDOWS\System32\fababcbeeca_s.dll -->22/10/2007 00:30:01
C:\WINDOWS\System32\eabbfdbcb4_s.ocx -->22/10/2007 00:30:01
C:\WINDOWS\System32\PerfStringBackup.INI -->21/10/2007 21:53:22
C:\WINDOWS\System32\perfh00C.dat -->21/10/2007 21:53:22
C:\WINDOWS\System32\perfh009.dat -->21/10/2007 21:53:22
C:\WINDOWS\System32\perfc00C.dat -->21/10/2007 21:53:22
C:\WINDOWS\System32\perfc009.dat -->21/10/2007 21:53:22
C:\WINDOWS\System32\TZLog.log -->21/10/2007 21:44:10
C:\WINDOWS\System32\nscompat.tlb -->20/10/2007 22:17:14
C:\WINDOWS\System32\amcompat.tlb -->20/10/2007 22:17:14
C:\WINDOWS\System32\ROXECDC6Inst.log -->20/10/2007 20:26:23
C:\WINDOWS\System32\wpa.bak -->20/10/2007 20:19:57
C:\WINDOWS\System32\msssc.dll -->20/10/2007 20:13:34
C:\WINDOWS\System32\$winnt$.inf -->20/10/2007 20:06:22
C:\WINDOWS\System32\CONFIG.NT -->20/10/2007 20:03:30
C:\WINDOWS\System32\WindowsLogon.manifest -->20/10/2007 20:02:13
C:\WINDOWS\System32\logonui.exe.manifest -->20/10/2007 20:02:13
C:\WINDOWS\System32\wuaucpl.cpl.manifest -->20/10/2007 20:02:06
C:\WINDOWS\System32\sapi.cpl.manifest -->20/10/2007 20:02:06
C:\WINDOWS\System32\nwc.cpl.manifest -->20/10/2007 20:02:06
C:\WINDOWS\System32\ncpa.cpl.manifest -->20/10/2007 20:02:06

C:\WINDOWS\0.log -->25/10/2007 21:31:12
C:\WINDOWS\WindowsUpdate.log -->25/10/2007 21:31:10
C:\WINDOWS\bootstat.dat -->25/10/2007 21:31:06
C:\WINDOWS\SchedLgU.Txt -->25/10/2007 21:15:46
C:\WINDOWS\setuplog.txt -->25/10/2007 12:59:29
C:\WINDOWS\win.ini -->25/10/2007 09:27:30
C:\WINDOWS\system.ini -->25/10/2007 09:27:30
C:\WINDOWS\winlogon.exe -->25/10/2007 01:07:57
C:\WINDOWS\NSREX.INI -->23/10/2007 16:00:25
C:\WINDOWS\iun6002ev.exe -->23/10/2007 15:04:44
C:\WINDOWS\mozver.dat -->22/10/2007 00:17:05
C:\WINDOWS\iun6002.exe -->21/10/2007 23:47:47
C:\WINDOWS\IDMan.INI -->21/10/2007 23:17:50
C:\WINDOWS\adidsl.ini -->21/10/2007 22:12:55
C:\WINDOWS\Fast800.ini -->21/10/2007 22:12:23


MD5 des fichiers sensibles
tcpip.sys b4e29943b4b04bd5e7381546848e6669
ndis.sys 558635d3af1c7546d26067d5d9b6959e
null.sys 73c1e1f395918bc2c6dd67af7591a3ad
svchost.exe 1bd6c2f707a275cb7c16fd99fe0f31ca

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 3684
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xcf000 7.00.6000.16544 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16544 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x6bd00000 0xd000 0.01.0002.0003 C:\WINDOWS\system32\SYNCOR11.DLL
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x44160000 0x124000 7.00.6000.16544 C:\WINDOWS\system32\urlmon.dll
0x44360000 0x5cb000 7.00.6000.16544 C:\WINDOWS\system32\ieframe.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16544 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x10000000 0xc000 6.00.0001.1091 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02f10000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x32520000 0x12000 10.00.2609.0000 C:\Program Files\Microsoft Office\Office10\msohev.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~2\Office10\MCPS.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 704
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x6bd00000 0xd000 0.01.0002.0003 C:\WINDOWS\system32\SYNCOR11.DLL
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x10000000 0x23000 3.00.0000.4396 C:\WINDOWS\system32\igfxdev.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
------------------------------------------------------------------------------
winlogon.exe pid: 3496
Command line: "C:\WINDOWS\winlogon.exe"

Base Size Version Path
0x00400000 0x46000 C:\WINDOWS\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll


Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C4A1-64F0

Répertoire de C:\WINDOWS\system32

05/08/2004 12:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 11 416 637 440 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C4A1-64F0

Répertoire de C:\WINDOWS\Downloaded Program Files

22/10/2007 23:02 <REP> .
22/10/2007 23:02 <REP> ..
20/10/2007 20:02 65 desktop.ini
30/07/2007 19:24 295 muweb.inf
11/06/2007 12:21 5 021 swflash.inf
30/07/2007 19:24 293 wuweb.inf
4 fichier(s) 5 674 octets

Total des fichiers listés :
4 fichier(s) 5 674 octets
2 Rép(s) 11 416 633 344 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..

Liste des fichiers en exception sur le pare-feu XP SP2

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

REGEDIT4

[taskmgr.exe]


exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-25 23:15:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Apple Software Update\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\da.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\de.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\es.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\it.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ja.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ko.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nb.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nl.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ru.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\"=""
"C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj\"=""
"C:\Program Files\Apple Software Update\plugins\"=""
"C:\WINDOWS\Installer\{74EC78BC-B379-4E29-9006-8F161DCAABA6}\"=""
"C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\QuickTime 7.2.0.240\"=""
"C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\"=""
"C:\Documents and Settings\All Users\Application Data\Apple Computer\"=""
"C:\Program Files\QuickTime\"="1"
"C:\Program Files\QuickTime\QTSystem\"="1"
"C:\Program Files\QuickTime\QTComponents\"="1"
"C:\Program Files\QuickTime\PropertyPanels\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\CoreVideo.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PanelHelperBase.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\PictureViewer.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\PropertyPanels\PropPanelHelpers.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeH264.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeImage.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QuickTimePlayer.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.Resources\zh_TW.lproj\"=""

zayadi
 Posté le 26/10/2007 à 11:51 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

rapport Diaghelp: partie 2


"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVR.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeVRAuthoring.Resources\zh_TW.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\da.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\de.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\es.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fi.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\fr.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\it.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ja.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ko.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nb.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\nl.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\ru.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\sv.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_CN.lproj\"=""
"C:\Program Files\QuickTime\QTSystem\QuickTimeWebHelper.Resources\zh_TW.lproj\"=""
"C:\Documents and Settings\All Users\Menu D\xe9marrer\Programmes\QuickTime\"=""
"C:\WINDOWS\Installer\{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}\"=""
"C:\Program Files\Opera\"="1"
"C:\Program Files\Opera\program\"="1"
"C:\Program Files\Opera\program\plugins\"="1"
"C:\Documents and Settings\Ahmed\Application Data\Microsoft\Installer\{16913489-B5E3-403E-AFD3-2B19BBE464D4}\"=""
"C:\Documents and Settings\Ahmed\Application Data\Microsoft\Installer\"=""
"C:\Program Files\Opera\locale\"="1"
"C:\Program Files\Opera\locale\af\"="1"
"C:\Program Files\Opera\locale\bg\"="1"
"C:\Program Files\Opera\locale\cs\"="1"
"C:\Program Files\Opera\locale\da\"="1"
"C:\Program Files\Opera\locale\de\"="1"
"C:\Program Files\Opera\locale\es-ES\"="1"
"C:\Program Files\Opera\locale\es-LA\"="1"
"C:\Program Files\Opera\locale\fi\"="1"
"C:\Program Files\Opera\locale\fr\"="1"
"C:\Program Files\Opera\locale\fr-CA\"="1"
"C:\Program Files\Opera\locale\fy\"="1"
"C:\Program Files\Opera\locale\hi\"="1"
"C:\Program Files\Opera\locale\hr\"="1"
"C:\Program Files\Opera\locale\hu\"="1"
"C:\Program Files\Opera\locale\it\"="1"
"C:\Program Files\Opera\locale\ja\"="1"
"C:\Program Files\Opera\locale\ko\"="1"
"C:\Program Files\Opera\locale\mk\"="1"
"C:\Program Files\Opera\locale\nb\"="1"
"C:\Program Files\Opera\locale\nl\"="1"
"C:\Program Files\Opera\locale\nn\"="1"
"C:\Program Files\Opera\locale\pl\"="1"
"C:\Program Files\Opera\locale\pt\"="1"
"C:\Program Files\Opera\locale\pt-BR\"="1"
"C:\Program Files\Opera\locale\ru\"="1"
"C:\Program Files\Opera\locale\sv\"="1"
"C:\Program Files\Opera\locale\tr\"="1"
"C:\Program Files\Opera\locale\zh-cn\"="1"
"C:\Program Files\Opera\locale\zh-tw\"="1"
"C:\Program Files\Opera\defaults\"=""
"C:\Program Files\Opera\skin\"=""
"C:\Program Files\Opera\styles\"=""
"C:\Program Files\Opera\classes\"=""
"C:\Program Files\Opera\styles\images\"=""
"C:\Program Files\Opera\styles\user\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\TempPackages]
"C:\Documents and Settings\Ahmed\Application Data\Microsoft\Installer\{16913489-B5E3-403E-AFD3-2B19BBE464D4}\ARPPRODUCTICON.exe"=dword:00000001
"C:\WINDOWS\Installer\b9ace6.mst"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\\x627\x644\x645\x648\x633\x648\x639\x629 \x627\x644\x642\x631\x622\x646\x64a\x629 \x627\x644\x634\x627\x645\x644\x629]
"Order"=hex:08,00,00,00,02,00,00,00,4c,01,00,00,01,00,00,00,02,00,00,00,a6,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"drvsyskit"="C:\WINDOWS\system32\drivers\hidr.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\\x627\x644\x645\x648\x633\x648\x639\x629 \x627\x644\x642\x631\x622\x646\x64a\x629 \x627\x644\x634\x627\x645\x644\x629\AutoRun.exe"="AutoRun"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP8.exe"="~DP8"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP9.exe"="~DP9"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA450\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA711\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP10.exe"="~DP10"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP11.exe"="~DP11"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA431\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA779\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA4\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP18.exe"="~DP18"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP19.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-KBVGF.tmp\is-5VQ4G.tmp"="Setup/Uninstall"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA754\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA428\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\WINDOWS\system32\control.exe"="Panneau de configuration Windows"
"C:\WINDOWS\winlogon.exe"="winlogon"
"@C:\WINDOWS\system32\filemgmt.dll,-3502"="Services"
"@C:\WINDOWS\system32\servdeps.dll,-1"="D\xe9pendances de service"
"@%SystemRoot%\system32\xpsp1res.dll,-10078"="Choisit les programmes par d\x00e9faut pour des activit\xe9s telles que la navigation sur le Web ou l'envoi et la r\x00e9ception de courrier \xe9lectronique, et indique quels programmes sont accessibles depuis le menu D\xe9marrer, le Bureau et d'autres emplacements."
"@%SystemRoot%\system32\shell32.dll,-22580"="Offre les mises \xe0 jour critiques de s\x00e9curit\xe9 les plus r\x00e9centes, des pilotes de p\xe9riph\xe9riques, et d'autres fonctionnalit\xe9s disponibles pour votre ordinateur Windows."
"C:\WINDOWS\system32\wupdmgr.exe"="Gestionnaire de mise \xe0 jour de Windows\xa0NT"
"@shell32.dll,-31375"="Rend le dossier s\xe9lectionn\xe9 disponible \xe0 d'autres ordinateurs sur un r\xe9seau, afin que d'autres personnes puissent l'afficher."
"C:\Program Files\jv16 PowerTools\Backups\RegEdit.exe"="\x00c9diteur du Registre"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\INS14.tmp"="INS14"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\INS7.tmp"="INS7"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-EK8G0.tmp\is-U84V5.tmp"="is-U84V5"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA243\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32view_2.06.2.exe"="NOD32view_2.06.2"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA355\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA415\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA544\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA754\Keygen.exe"="Keygen"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA776\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA815\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA874\Craagle.exe"="Craagle"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA875\Craagle.exe"="Craagle"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP12.exe"="~DP12"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP16.exe"="~DP16"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP6.exe"="~DP6"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DPE.exe"="~DPE"
"C:\Program Files\Drive Rescue\rescue.exe"="rescue"
"C:\Program Files\GetData\Recover My Files\RecoverMyFiles.exe"="Undelete and recover lost files"
"C:\Program Files\Quran\Quran\Quran_Kareem.exe"="Quran_Kareem"
"C:\Program Files\Webshots\Launcher.exe"="Launcher"
"C:\PROGRA~1\Webshots\UNWISE.EXE"="UNWISE"
"C:\Documents and Settings\Ahmed\Mes documents\Downloads\hijackthis(1).exe"="HijackThis"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-56RIF.tmp\is-9AEQP.tmp"="is-9AEQP"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Unwise.exe"="Unwise"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA204\HijackThis.exe"="HijackThis"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA280\A2 Squared Personal.exe"="A2 Squared Personal"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA337\a-squared (a2) HiJackFree 3.0.0.387 [Crack].exe"="a-squared (a2) HiJackFree 3.0.0.387 [Crack]"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA723\a-squared (a2) HiJackFree 3.0.0.387 [Crack].exe"="a-squared (a2) HiJackFree 3.0.0.387 [Crack]"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA774\a-squared (a2) HiJackFree 3.0.0.387.exe"="a-squared (a2) HiJackFree 3.0.0.387"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~nsu.tmp\Au_.exe"="Au_"
"C:\Program Files\a-squared Anti-Malware\a2guard.exe"="a-squared Guard"
"C:\Program Files\a-squared Anti-Malware\a2HiJackFree.exe"="a-squared HiJackFree"
"C:\Program Files\a-squared Anti-Malware\a2scan.exe"="a-squared Malware Scanner"
"C:\Program Files\CCleaner\CCleaner.exe"="CCleaner"
"C:\Program Files\ESET\nod32.exe"="NOD32 - on-demand scanner"
"C:\Program Files\ESET\nod32krn.exe"="nod32krn"
"C:\Program Files\Eset\nod32kui.exe"="NOD32 Control Center GUI"
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe"="AVG Anti-Spyware"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA123\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP1F.exe"="~DP1F"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP20.exe"="~DP20"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA68\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA958\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"@shell32.dll,-31355"="Graver ces fichiers sur le CD-ROM"
"D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP2D.exe"="~DP2D"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP2E.exe"="~DP2E"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA729\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32view_2.06.2.exe"="NOD32view_2.06.2"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP35.exe"="~DP35"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP36.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA983\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA502\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-KAG1P.tmp\is-EHR7I.tmp"="Setup/Uninstall"
"D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN\NOD32.FiX.v2.1.exe"="NOD32.FiX.v2.1"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP48.exe"="~DP48"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP49.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-OAM0E.tmp\is-RS0RC.tmp"="Setup/Uninstall"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4A.exe"="~DP4A"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4B.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4C.exe"="~DP4C"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP4D.exe"="~DP4D"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA456\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA54\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA327\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP14.exe"="~DP14"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP15.exe"="~DP15"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP1A.exe"="~DP1A"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\~DP1B.exe"="NOD32 Update Viewer"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA514\NOD32.patch\NOD32.FiX.v2.1.exe"="Makes your NOD32 trial last forever. "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\is-8SOP4.tmp\is-AVHS9.tmp"="Setup/Uninstall"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA643\NOD32_2.70.23_standard.exe"="NOD32_2.70.23_standard"
"@%SystemRoot%\system32\shell32.dll,-22563"="Cr\x00e9e et modifie des fichiers texte en utilisant des fonctions de formatage de base."
"@%SystemRoot%\system32\oobe\msoobe.exe,-2001"="Vous demande d'activer cette copie de Windows pour le prot\xe9ger du piratage."
"C:\WINDOWS\system32\oobe\msoobe.exe"="Microsoft Out of Box Experience"
"@%SystemRoot%\system32\usmt\migwiz.exe,-203"="Transf\xe8re les fichiers et les param\xe8tres d'un ordinateur vers un autre."
"@%SystemRoot%\system32\xpsp2res.dll,-6104"="Afficher votre statut de s\x00e9curit\xe9 et param\xe8tres de protection."
"@%SystemRoot%\system32\shell32.dll,-22539"="D\x00e9fragmente vos volumes pour que votre ordinateur fonctionne plus rapidement et plus efficacement."
"@%SystemRoot%\system32\shell32.dll,-22575"="Affiche les informations syst\xe8me actuelles."
"@shell32.dll,-31291"="Ces t\x00e2ches s'appliquent \xe0 votre ordinateur ou aux \xe9quipements mat\xe9riels que vous s\xe9lectionnez."
"@shell32.dll,-31293"="L'Assistant Recherche vous aide \xe0 rechercher des fichiers, des dossiers, des imprimantes et des personnes."
"F:\Bitdefender\BitDefender Standard 7.2.exe"="Win32 Cabinet Self-Extractor "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\IXP000.TMP\Setup.Exe"="Windows\xae Installer Bootstraper"
"F:\VotresiteWeb6-eval.exe"=" "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Creez Votre Site Internet\demo32.exe"="DemoShield Player"
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Creez Votre Site Internet\VotresiteWeb6-eval.exe"=" "
"C:\DOCUME~1\Ahmed\LOCALS~1\Temp\Votre site Web\Reg\setup.exe"="InstallShield (R) Setup Launcher"
"@%SystemRoot%\system32\shell32.dll,-22587"="Rechercher des produits d\xe9velopp\xe9s pour Windows."
"D:\DiagHelp\go.cmd"="go"
"C:\WINDOWS\system32\cmd.exe"="Interpr\xe9teur de commandes Windows"
"D:\SREngPS.EXE"="System Repair Engineer"
"D:\Opera_9.24_International_Setup.exe"="Setup Launcher "
"C:\Program Files\Opera\Opera.exe"="Opera Internet Browser"
"E:\autorun.exe"="Application MFC langautorun"
"E:\Version Fran\x00e7aise\autorun.exe"="autorun"
"E:\Version Fran\x00e7aise\BitDefender Standard 7.2.exe"="Win32 Cabinet Self-Extractor "
"D:\kis7.0.0.125fr.exe"=" "

scanning hidden files ...

C:\WINDOWS\system32\drivers\hidr.exe
C:\WINDOWS\system32\drivers\srosa.sys

scan completed successfully
hidden services: 0
hidden files: 2


KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
680 - csrss.exe
704 - winlogon.exe
748 - services.exe
760 - lsass.exe
988 - svchost.exe
1028 - svchost.exe
1084 - svchost.exe
1116 - svchost.exe
1300 - mdm.exe
2440 - dslmon.exe
3280 - cmd.exe
3312 - firefox.exe
3496 - winlogon.exe
3652 - ctfmon.exe
3684 - explorer.exe

Total number of processes = 16
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntoskrnl.exe
806FD000 - \WINDOWS\system32\hal.dll
F8A41000 - \WINDOWS\system32\KDCOM.DLL
F8951000 - \WINDOWS\system32\BOOTVID.dll
F84F1000 - ACPI.sys
F8A43000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
F84E0000 - pci.sys
F8541000 - isapnp.sys
F8B09000 - PCIIde.sys
F87C1000 - \WINDOWS\System32\Drivers\PCIIDEX.SYS
F8A45000 - intelide.sys
F8551000 - MountMgr.sys
F84C1000 - ftdisk.sys
F8A47000 - dmload.sys
F849B000 - dmio.sys
F87C9000 - PartMgr.sys
F8561000 - VolSnap.sys
F8483000 - atapi.sys
F8571000 - disk.sys
F8581000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F8463000 - fltMgr.sys
F8451000 - sr.sys
F8591000 - PxHelp20.sys
F843A000 - KSecDD.sys
F83AD000 - Ntfs.sys
F8380000 - NDIS.sys
F8365000 - Mup.sys
F81DF000 - \SystemRoot\system32\DRIVERS\ialmnt5.sys
F81CB000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F8841000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
F81A8000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F8849000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F817E000 - \SystemRoot\system32\DRIVERS\b57xp32.sys
F86C1000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
F8851000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F8859000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F816A000 - \SystemRoot\system32\DRIVERS\parport.sys
F8159000 - \SystemRoot\system32\DRIVERS\serial.sys
F89F1000 - \SystemRoot\system32\DRIVERS\serenum.sys
F8861000 - \SystemRoot\system32\DRIVERS\fdc.sys
F86D1000 - \SystemRoot\system32\DRIVERS\imapi.sys
F86E1000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F86F1000 - \SystemRoot\system32\DRIVERS\redbook.sys
F8136000 - \SystemRoot\system32\DRIVERS\ks.sys
F8119000 - \SystemRoot\System32\Drivers\pwd_2k.SYS
F8094000 - \SystemRoot\system32\drivers\smwdm.sys
F8070000 - \SystemRoot\system32\drivers\portcls.sys
F8701000 - \SystemRoot\system32\drivers\drmk.sys
F8058000 - \SystemRoot\system32\drivers\aeaudio.sys
F8711000 - \SystemRoot\system32\DRIVERS\intelppm.sys
F8B39000 - \SystemRoot\system32\DRIVERS\audstub.sys
F8721000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
F89F9000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
F8041000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F8731000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F8741000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F8869000 - \SystemRoot\system32\DRIVERS\TDI.SYS
F8030000 - \SystemRoot\system32\DRIVERS\psched.sys
F8751000 - \SystemRoot\system32\DRIVERS\msgpc.sys
F8871000 - \SystemRoot\system32\DRIVERS\ptilink.sys
F8879000 - \SystemRoot\system32\DRIVERS\raspti.sys
F7FFF000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
F8761000 - \SystemRoot\system32\DRIVERS\termdd.sys
F8A5B000 - \SystemRoot\system32\DRIVERS\swenum.sys
F7F7E000 - \SystemRoot\system32\DRIVERS\update.sys
F8A21000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
F8881000 - \SystemRoot\System32\Drivers\dvd_2K.SYS
F8781000 - \SystemRoot\System32\Drivers\NDProxy.SYS
F8791000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F8A5D000 - \SystemRoot\system32\DRIVERS\USBD.SYS
F8889000 - \SystemRoot\system32\DRIVERS\flpydisk.sys
F8B9D000 - \SystemRoot\System32\Drivers\Cdr4_xp.SYS
F8BA3000 - \SystemRoot\System32\Drivers\Cdralw2k.SYS
F8A5F000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F8BA4000 - \SystemRoot\System32\Drivers\Null.SYS
F8A61000 - \SystemRoot\System32\Drivers\Beep.SYS
F8899000 - \SystemRoot\System32\drivers\vga.sys
F8A63000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F8A65000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
EFDA9000 - \SystemRoot\System32\Drivers\cdudf_xp.SYS
F88A1000 - \SystemRoot\System32\Drivers\Msfs.SYS
F88A9000 - \SystemRoot\System32\Drivers\Npfs.SYS
EFD62000 - \SystemRoot\System32\Drivers\UdfReadr_xp.SYS
F89E1000 - \SystemRoot\system32\DRIVERS\rasacd.sys
EFD15000 - \SystemRoot\system32\DRIVERS\ipsec.sys
EFCBD000 - \SystemRoot\system32\DRIVERS\tcpip.sys
EFC95000 - \SystemRoot\system32\DRIVERS\netbt.sys
EFC73000 - \SystemRoot\System32\drivers\afd.sys
F85B1000 - \SystemRoot\system32\DRIVERS\netbios.sys
EFC62000 - \??\C:\WINDOWS\system32\drivers\srosa.sys
EFC37000 - \SystemRoot\system32\DRIVERS\rdbss.sys
EFBA0000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
F85C1000 - \SystemRoot\System32\Drivers\Fips.SYS
F7FEB000 - \SystemRoot\system32\DRIVERS\hidusb.sys
F85E1000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
F88B1000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F85F1000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F7FDB000 - \SystemRoot\system32\DRIVERS\mouhid.sys
EFB88000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F8A6D000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
EFE21000 - \SystemRoot\System32\drivers\Dxapi.sys
F88C9000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F8C4C000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9E3000 - \SystemRoot\System32\ialmdnt5.dll
BFA05000 - \SystemRoot\System32\ialmdev5.DLL
EF8DB000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
EF898000 - \SystemRoot\system32\DRIVERS\e4usbaw.sys
F8A87000 - \SystemRoot\System32\Drivers\ParVdm.SYS
EF756000 - \SystemRoot\system32\DRIVERS\srv.sys
EF651000 - \SystemRoot\system32\drivers\wdmaud.sys
EF6FE000 - \SystemRoot\system32\drivers\sysaudio.sys
EF33A000 - \SystemRoot\System32\Drivers\HTTP.sys
EF5BB000 - \SystemRoot\System32\Drivers\Cdfs.SYS
EEF77000 - \SystemRoot\system32\drivers\kmixer.sys
EEE84000 - \SystemRoot\System32\Drivers\Fastfat.SYS
BF9D5000 - \SystemRoot\System32\ialmrnt5.dll
BFA3A000 - \SystemRoot\System32\ialmdd5.DLL
F8949000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
EED06000 - \??\C:\WINDOWS\system32\drivers\klif.sys
F8BFF000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

Total number of drivers = 122

Liste des programmes installes

Adobe Reader 6.0.1 - Français
Apple Software Update
Athan Pro 3.0
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
Bloqueur de fenêtres pop-up (Windows Live Toolbar)
Broadcom Management Programs
Broadcom NetXtreme Ethernet Controller
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows XP (KB914440)
Correctif Windows XP - KB873339
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB885884
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB888302
Correctif Windows XP - KB890859
Correctif Windows XP - KB891781
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
Easy CD & DVD Creator 6
eMule
Extension de Windows Live Toolbar (Windows Live Toolbar)
FlashGet 1.9.6.1073
Free Mp3 Wma Converter V 1.4.0
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel(R) Extreme Graphics 2 Driver
jv16 PowerTools 1.3
Lecteur Windows Media 11
Menus intelligents (Windows Live Toolbar)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional avec FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918118)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921503)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923789)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924667)
Mise à jour de sécurité pour Windows XP (KB925902)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour de sécurité pour Windows XP (KB926436)
Mise à jour de sécurité pour Windows XP (KB927779)
Mise à jour de sécurité pour Windows XP (KB927802)
Mise à jour de sécurité pour Windows XP (KB928255)
Mise à jour de sécurité pour Windows XP (KB928843)
Mise à jour de sécurité pour Windows XP (KB929123)
Mise à jour de sécurité pour Windows XP (KB930178)
Mise à jour de sécurité pour Windows XP (KB931261)
Mise à jour de sécurité pour Windows XP (KB931784)
Mise à jour de sécurité pour Windows XP (KB932168)
Mise à jour de sécurité pour Windows XP (KB933729)
Mise à jour de sécurité pour Windows XP (KB935839)
Mise à jour de sécurité pour Windows XP (KB935840)
Mise à jour de sécurité pour Windows XP (KB936021)
Mise à jour de sécurité pour Windows XP (KB938829)
Mise à jour de sécurité pour Windows XP (KB941202)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB904942)
Mise à jour pour Windows XP (KB908531)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mise à jour pour Windows XP (KB927891)
Mise à jour pour Windows XP (KB930916)
Mise à jour pour Windows XP (KB933360)
Mise à jour pour Windows XP (KB936357)
Mise à jour pour Windows XP (KB938828)
Mozilla Firefox (2.0.0.8)
OneCare Advisor (Windows Live Toolbar)
Opera 9.24
PowerArchiver
QuickTime
SAGEM F@st 800-840
Skype 2.5
SoundMAX
TuneUp Utilities 2007
WebFldrs XP
Winamp
Winamp Toolbar
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Favorites pour Windows Live Toolbar
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11



Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C4A1-64F0

Répertoire de C:\Program Files

25/10/2007 23:02 <REP> .
25/10/2007 23:02 <REP> ..
20/10/2007 21:46 <REP> Adobe
20/10/2007 20:13 <REP> Analog Devices
24/10/2007 16:43 <REP> Apple Software Update
25/10/2007 00:43 <REP> a-squared Anti-Malware
23/10/2007 20:18 <REP> Athan
20/10/2007 20:13 <REP> Broadcom
20/10/2007 20:00 <REP> ComPlus Applications
24/10/2007 17:00 <REP> DivX
24/10/2007 23:16 <REP> eMule
25/10/2007 18:04 <REP> ESET
25/10/2007 22:43 <REP> Fichiers communs
25/10/2007 19:48 <REP> FlashGet
20/10/2007 21:49 <REP> Free Audio Pack
21/10/2007 22:47 <REP> Internet Explorer
23/10/2007 20:16 <REP> jv16 PowerTools
21/10/2007 21:47 <REP> Messenger
20/10/2007 20:03 <REP> microsoft frontpage
20/10/2007 21:42 <REP> Microsoft Office
20/10/2007 21:42 <REP> Microsoft Visual Studio
20/10/2007 20:01 <REP> Movie Maker
25/10/2007 22:36 <REP> Mozilla Firefox
20/10/2007 19:59 <REP> MSN
20/10/2007 19:59 <REP> MSN Gaming Zone
23/10/2007 20:18 <REP> MSN Messenger
20/10/2007 20:01 <REP> NetMeeting
20/10/2007 19:59 <REP> Online Services
25/10/2007 21:00 <REP> Opera
21/10/2007 21:46 <REP> Outlook Express
20/10/2007 20:47 <REP> PowerArchiver
24/10/2007 16:44 <REP> QuickTime
24/10/2007 16:18 <REP> RealVNC
20/10/2007 20:26 <REP> Roxio
21/10/2007 22:12 <REP> SAGEM
20/10/2007 20:01 <REP> Services en ligne
20/10/2007 22:16 <REP> Skype
24/10/2007 19:48 <REP> Trend Micro
23/10/2007 20:17 <REP> TuneUp Utilities 2007
23/10/2007 20:19 <REP> Winamp
23/10/2007 20:19 <REP> Winamp Toolbar
23/10/2007 20:20 <REP> Windows Live Favorites
23/10/2007 20:16 <REP> Windows Live Toolbar
20/10/2007 22:17 <REP> Windows Media Connect 2
21/10/2007 21:47 <REP> Windows Media Player
20/10/2007 19:59 <REP> Windows NT
20/10/2007 20:03 <REP> xerox
25/10/2007 00:38 <REP> Yahoo!
0 fichier(s) 0 octets
48 Rép(s) 11 416 383 488 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C4A1-64F0

Répertoire de C:\Program Files\fichiers communs

25/10/2007 22:43 <REP> .
25/10/2007 22:43 <REP> ..
21/10/2007 18:33 <REP> Adobe
20/10/2007 21:42 <REP> Designer
25/10/2007 13:53 <REP> InstallShield
23/10/2007 20:19 <REP> Microsoft Shared
20/10/2007 20:01 <REP> MSSoap
20/10/2007 19:46 <REP> ODBC
20/10/2007 20:26 <REP> Roxio Shared
20/10/2007 20:01 <REP> Services
20/10/2007 19:46 <REP> SpeechEngines
21/10/2007 21:46 <REP> System
21/10/2007 20:14 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
13 Rép(s) 11 416 379 392 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est C4A1-64F0

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

23/10/2007 20:19 <REP> .
23/10/2007 20:19 <REP> ..
20/10/2007 21:42 <REP> 1033
23/10/2007 20:19 <REP> 1036
29/01/2004 14:08 1 277 952 MSONSEXT.DLL
13/02/2001 08:23 58 784 MSOSV.DLL
03/06/1999 12:09 122 937 MSOWS409.DLL
07/03/2001 07:00 127 033 MSOWS40c.DLL
06/08/2000 09:04 401 462 MSVCP60.DLL
29/01/2004 14:08 69 632 PKMAXCTL.DLL
29/01/2004 14:08 868 352 PKMCDO.DLL
29/01/2004 14:08 53 248 PKMCORE.DLL
29/01/2004 14:08 102 400 PKMFORMS.DLL
29/01/2004 14:38 634 880 PKMRES.DLL
29/01/2004 14:08 28 672 PKMSSTLB.DLL
22/01/2001 03:25 40 960 PKMTEMPL.DLL
29/01/2004 14:08 24 576 PKMTRACE.DLL
29/01/2004 14:08 86 016 PKMWS.DLL
29/01/2004 14:08 237 568 PROMDEMO.DLL
29/01/2004 14:08 184 320 SECMGR.DLL
29/01/2004 14:08 315 392 VAIDDMGR.DLL
29/01/2004 14:08 32 768 VAIMEM.DLL
18 fichier(s) 4 666 952 octets
4 Rép(s) 11 416 379 392 octets libres




c:\Documents and Settings\Ahmed\Application Data\Microsoft\Installer\{16913489-B5E3-403E-AFD3-2B19BBE464D4}\ARPPRODUCTICON.exe
c:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\FlashGot.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP10.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP11.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP13.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP14.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP15.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP17.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP18.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP19.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP1A.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP1B.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP1F.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP20.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP2D.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP2E.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP35.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP36.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP48.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP49.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP4A.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP4B.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP4C.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP4D.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP7.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP8.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DP9.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\~DPF.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\unyt_ping.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\ycomp_setup.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\Creez Votre Site Internet\demo32.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\Creez Votre Site Internet\VotresiteWeb6-eval.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\nstBF8.tmp\LatestDivXInstaller.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\Votre site Web\WebEasy_Pry_Fra_GM3.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\Votre site Web\Reg\setup.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\WebshotsTemp\wssetup.exe
c:\Documents and Settings\Ahmed\Local Settings\Temp\\_PA54\NOD32 Update Viewer 2.06.2.0\NOD32view_2.06.2.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\a2AntiMalwareSetup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\AdbeRdr60_fra_full.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\avgas-setup-7.5.1.43.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\ccsetup201.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\DivXInstaller.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\DivXPro502GAINBundle.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\eMule0.48a-Installer.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\fgen_305.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\Firefox Setup 1.5.0.12.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\Firefox Setup 2.0.0.8.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\idman511.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\IE7-WindowsXP-x86-fra.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\Install_Messenger.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\iTunesSetup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\jv16pt_setup1.3.0.195.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\powarc911.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\QuickTimeInstaller.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\RecoverMyFiles-Setup-French.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\Setup_FreeConverter.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SkypeSetup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\vnc-4.0-x86_win32.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\webshots_setup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\wm_avcodec_interface_setup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\wmp11-windowsxp-x86-FR-FR.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\XviD-1.1.2-01112006.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\PowerArchiver.2004.v9.11.01.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\psp702fv\instmsia.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\psp702fv\instmsiw.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\psp702fv\setup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\psp702fv\Crack Psp\paintshop702\Crack.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\AEEnable.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\DrvLsnr.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\RemADI.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\Setup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SMAXWDM\SE\ADI_RMV.EXE
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SMAXWDM\SE\inst16.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SMAXWDM\W2K_XP\install.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SMAXWDM\W2K_XP\Remove.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SM_Micro\Sys\SMWizard.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SM_Panel\Sys\SMAgent.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SM_Panel\Sys\SMAgentI.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SM_Panel\Sys\SMAgentX.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SM_Panel\Sys\SMTray.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SoundMAX Synthesizer\\_iscppr.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SoundMAX Synthesizer\DLSLoader.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\SoundMAX Synthesizer\SynCor.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\Sys\CleanUp.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP24465\Sys\DSndUp.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Setup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\hkcmd.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\ialmudlg.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\igfxcfg.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\igfxext.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\igfxpers.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\igfxsrvc.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\igfxtray.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\sp31335\Win2000\igfxzoom.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP36378\demo32.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP36378\Launch.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP36378\RunInstl.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP36378\setup.exe
c:\Documents and Settings\Ahmed\Mes documents\Downloads\Software\SWSetup\SP36378\MgmtApps\setup.exe
c:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
c:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
c:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\components\FoxyTunes.dll
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\winamptbres.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_NASSIF-XP.tar.gz a l'adresse http://upload.malekal.com

zayadi
 Posté le 26/10/2007 à 11:55 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Rapport Elibagla effectué en mode sans echec (f8)


Fri Oct 26 07:46:14 2007
EliBagle v10.62 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acciَn Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\HIDR.EXE.Muestra EliBagle v10.62
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HIDR.EXE --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\SROSA.SYS.Muestra EliBagle v10.62
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle
Eliminada Carpeta "%WinDir%\exefld"
Restaurada Clave: "SafeBoot\Minimal y Network"

Fri Oct 26 07:59:10 2007
EliBagle v10.62 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acciَn Directa):

Fri Oct 26 07:59:21 2007
EliBagle v10.62 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploraciَn):
Explorando Unidad C:\

N؛ Total de Directorios: 3447
N؛ Total de Ficheros: 27451
N؛ de Ficheros Analizados: 7884
N؛ de Ficheros Infectados: 0
N؛ de Ficheros Limpiados: 0

Fri Oct 26 08:05:48 2007
EliBagle v10.62 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acciَn Directa):

Fill
 Posté le 26/10/2007 à 18:21 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

Evite les cracks. Ce sont eux qui sont responsables de cette infection. Il me faut un autre rapport SREng.

Fill

zayadi
 Posté le 26/10/2007 à 18:55 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Bonsoir. Merci du conseil.Vraiment tu a raison. j'éviterai ça dans l'avenir pour éviter des problèmes semblables.

rapport demand

[CODE]

2007-10-26,16:43:02

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<eMuleAutoStart><; C:\Program Files\eMule\emule.exe -AutoStart> [http://www.emule-project.net]
<MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows XP Publisher]
<Skype><; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies SA]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nvchost><C:\WINDOWS\winlogon.exe> []
<!AVG Anti-Spyware><; "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [N/A]
<Athan><; C:\Program Files\Athan\Athan.exe> [www.IslamicFinder.org]
<DrvLsnr><; C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe> [adi]
<Flashget><; C:\Program Files\FlashGet\FlashGet.exe /min> [FlashGet.com]
<igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxpers><; C:\WINDOWS\system32\igfxpers.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<igfxtray><; C:\WINDOWS\system32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
<MSPY2002><; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC> [(Verified)Microsoft Windows Publisher]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<QuickTime Task><; "C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<RoxioDragToDisc><; "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"> [Roxio]
<RoxioEngineUtility><; "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"> [Roxio]
<nod32kui><"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE> [Eset ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
<WinlogonNotify: igfxcui><igfxdev.dll> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]

==================================
Startup Folders
[DSLMON]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk --> C:\PROGRA~1\SAGEM\SAGEMF~1\dslmon.exe []><N>

==================================
Services
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
<"C:\Program Files\Eset\nod32krn.exe"><Eset>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[WMDM PMSP Service / WMDM PMSP Service][Running/Auto Start]
<C:\WINDOWS\system32\MsPMSPSv.exe><Microsoft Corporation>

==================================
Drivers
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AMON / AMON][Running/Auto Start]
<\SystemRoot\system32\drivers\amon.sys><Eset>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
<system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Broadcom Advanced Server Program Driver / Blfp][Stopped/Manual Start]
<system32\DRIVERS\baspxp32.sys><Broadcom Corporation>
[USB ADSL2 WAN Adapter / e4usbaw][Running/Manual Start]
<system32\DRIVERS\e4usbaw.sys><Analog Devices Inc.>
[ialm / ialm][Running/Manual Start]
<system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[General Purpose USB Driver (e4ldr.sys) / IKANLOADER2][Stopped/Auto Start]
<System32\Drivers\e4ldr.sys><Analog Deivces>
[nod32drv / nod32drv][Running/System Start]
<\SystemRoot\system32\drivers\nod32drv.sys><N/A>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Winamp Toolbar BHO]
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[FGCatchUrl]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\Program Files\FlashGet\FlashGet.exe, FlashGet.com>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Winamp Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <, N/A>
[Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <, N/A>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Winamp Toolbar BHO]
{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[FGCatchUrl]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, Microsoft Corporation>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Winamp Toolbar]
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} <C:\Program Files\Winamp Toolbar\winamptb.dll, AOL LLC>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
[FlashGet GetFlash Class]
{F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, www.flashget.com>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[FGAutoLive]
{F90D830D-C175-4bbe-82C7-FF94669A4C42} <C:\Program Files\FlashGet\fgupdate.dll, www.flashget.com>
[FGCatchUrl]
{FB5DA724-162B-11D3-8B9B-AA70B4B0B524} <C:\Program Files\FlashGet\jccatch.dll, www.flashget.com>
[&Tout télécharger avec FlashGet]
<C:\Program Files\FlashGet\jc_all.htm, N/A>
[&Télécharger avec FlashGet]
<C:\Program Files\FlashGet\jc_link.htm, N/A>
[&Winamp Toolbar Search]
<C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html, N/A>
[&Windows Live Search]
<res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Add to Windows &Live Favorites]
<http://favorites.live.com/quickadd.aspx, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 448 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 672 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 696 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 740 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[PID: 908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 976 / SERVICE RةSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[PID: 1028 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.8]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 1084 / SERVICE RةSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[PID: 1120 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[PID: 1164 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 1368 / SYSTEM][C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\1036\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[PID: 1408 / SYSTEM][C:\Program Files\Eset\nod32krn.exe] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\ps_amon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\ps_dmon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\ps_emon.dll] [Eset , 2, 70, 23 ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\ps_nod32.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\ps_upd.dll] [Eset , 2, 70, 23 ]
[PID: 1448 / SYSTEM][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1552 / SYSTEM][C:\WINDOWS\system32\MsPMSPSv.exe] [Microsoft Corporation, 7.01.00.3055]
[PID: 1768 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[PID: 536 / Ahmed][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\WPDShServiceObj.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.1.2003110300]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[PID: 564 / Ahmed][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[PID: 620 / Ahmed][C:\WINDOWS\winlogon.exe] [N/A, ]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[PID: 628 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
[PID: 408 / Ahmed][C:\Program Files\Eset\nod32kui.exe] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\pu_amon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\pu_dmon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\pu_emon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\pu_imon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\pu_nod32.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Eset\pu_upd.dll] [Eset , 2, 70, 23 ]
[PID: 660 / Ahmed][C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe] [, 1, 0, 0, 1]
[C:\Program Files\SAGEM\SAGEM F@st 800-840\Languages\French.dll] [, 1, 0, 0, 1]
[PID: 2064 / Ahmed][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.8: 2007100816]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.64]
[C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\yprf3jhv.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\components\FoxyTunes.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.8: 2007100816]
[C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll] [, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3188 / Ahmed][D:\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll] [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll] [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\SYNCOR11.DLL] [SoundMAX, 1.2.3]
[D:\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 23 ]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
NOD32 protected [MSAFD Tcpip [TCP/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
C:\WINDOWS\system32\imon.dll(Eset , NOD32 IMON - Internet scanning support)

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
N/A

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/CODE]

Fill
 Posté le 26/10/2007 à 20:05 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

1/ Télécharge Ccleaner Basic http://www.ccleaner.com/download/builds

Ouvre Ccleaner, clique sur "lancer le nettoyage".

2/ Télécharge AVGantispyware : http://www.ewido.net/en/download/

Tu l'installes.

Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente.

Clique sur le bouton Analyse (de la barre d'outils)

Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.

Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. Ensuite.

Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

3/ Edite le rapport AVGantispyware et un nouveau rapport Hijackthis.

Fill

Publicité
zayadi
 Posté le 26/10/2007 à 22:54 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Bonsoir

rapport AVG avant désinstallation nod 32

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:03:57 26/10/2007

+ Résultat de l'analyse:

D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN.zip/ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN/NOD32.FiX.v2.1.exe -> Dropper.Delf.xo : Nettoyé et sauvegardé (mise en quarantaine).
D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN.zip/ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN/NOD32_2.70.23_standard.exe -> Dropper.Delf.xo : Nettoyé et sauvegardé (mise en quarantaine).
D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN.zip/ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN/NOD32view_2.06.2.exe -> Dropper.Delf.xo : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP94\A0014950.exe -> Heuristic.Win32.AVKiller : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP94\A0014949.exe -> Proxy.Agent.kj : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport

Rapport AVG après désinstallation Nod 32

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:39:25 26/10/2007

+ Résultat de l'analyse:

D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN.zip/ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN/NOD32.FiX.v2.1.exe -> Dropper.Delf.xo : Nettoyé.
D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN.zip/ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN/NOD32_2.70.23_standard.exe -> Dropper.Delf.xo : Nettoyé.
D:\ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN.zip/ESET.NOD32.v2.70.23.WinNT2K2K3XP.Cracked-FYN/NOD32view_2.06.2.exe -> Dropper.Delf.xo : Nettoyé.


Fin du rapport

Rapport Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:13, on 26/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\Ahmed\LOCALS~1\Temp\\_PA465\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192912450390
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193007056671
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF05501D-2657-4900-A021-2E7F7A694424}: NameServer = 212.217.1.4 212.217.0.3
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6037 bytes

Fill
 Posté le 26/10/2007 à 23:03 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

1/ Tu peux ré-nistaller l'antivirus de ton choix. Je te conseille Antivir, performant et gratuit, mais en anglais.

2/

  • Fais un scan en ligne en cliquant ici.
  • Choisis Kaspersky.
  • Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
  • Réalise un scan complet du système.
  • Sauvegarde le rapport en mode texte à l'issue du scan.

Edite le rapport Kaspersky.

Fill

zayadi
 Posté le 27/10/2007 à 01:36 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

bonjour.

scan KAV en ligne:

KASPERSKY ONLINE SCANNER REPORT
Friday, October 26, 2007 11:30:26 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 27/10/2007
Kaspersky Anti-Virus database records: 446766
Scan Settings
Scan using the following antivirus databaseextended
Scan Archivestrue
Scan Mail Basestrue
Scan TargetMy Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects44303
Number of viruses found4
Number of infected objects28
Number of suspicious objects0
Duration of the scan process00:50:43

Infected Object NameVirus NameLast Action
C:\Documents and Settings\Ahmed\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped
C:\Documents and Settings\Ahmed\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Messenger\ahmed.amor@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Messenger\ahmed.amor@hotmail.com\SharingMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Messenger\ahmed.amor@hotmail.com\SharingMetadata\Working\database_A4C4_A190_C4A1_64F0\dfsr.db Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Messenger\ahmed.amor@hotmail.com\SharingMetadata\Working\database_A4C4_A190_C4A1_64F0\fsr.log Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Messenger\ahmed.amor@hotmail.com\SharingMetadata\Working\database_A4C4_A190_C4A1_64F0\fsrtmp.log Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Messenger\ahmed.amor@hotmail.com\SharingMetadata\Working\database_A4C4_A190_C4A1_64F0\tmp.edb Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Windows Live Contacts\ahmed.amor@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Windows Live Contacts\ahmed.amor@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Historique\History.IE5\MSHist012007102620071027\index.dat Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temp\Perflib_Perfdata_a8c.dat Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temp\~DF18E9.tmp Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temp\~DFD34C.tmp Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temp\~DFD357.tmp Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temp\~DFE2AC.tmp Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temp\~DFE2B7.tmp Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Ahmed\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Ahmed\ntuser.dat Object is locked skipped
C:\Documents and Settings\Ahmed\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\ESET\cache\CACHE.NDB Object is locked skipped
C:\Program Files\ESET\logs\virlog.dat Object is locked skipped
C:\Program Files\ESET\logs\warnlog.dat Object is locked skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP10.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP14.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP18.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP1A.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP1F.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP2D.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP35.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP48.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP4A.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP4C.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar/DOCUME~1/Ahmed/LOCALS~1/Temp/~DP8.exe Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz/upload_moi.tar Infected: Trojan-Proxy.Win32.Agent.kj skipped
C:\RECYCLER\S-1-5-21-725345543-1993962763-1801674531-1003\Dc46.gz GZIP: infected - 12 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP75\A0014043.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP94\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\Downloads\Software\DivXPro502GAINBundle.exe/Gain_Trickler.exe Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped
D:\Downloads\Software\DivXPro502GAINBundle.exe Vise: infected - 1 skipped
D:\Downloads\Software\vnc-4.0-x86_win32.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
D:\Downloads\Software\vnc-4.0-x86_win32.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
D:\Downloads\Software\vnc-4.0-x86_win32.exe/data0006 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
D:\Downloads\Software\vnc-4.0-x86_win32.exe Inno: infected - 3 skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\\_restore{44CD71AA-C7F6-4B33-BB28-2FCB649A563A}\RP48\A0020595.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
D:\System Volume Information\\_restore{44CD71AA-C7F6-4B33-BB28-2FCB649A563A}\RP48\A0020595.exe 7-Zip: infected - 1 skipped
D:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP63\A0009488.exe/Gain_Trickler.exe Infected: not-a-virus:AdWare.Win32.Gator.3202 skipped
D:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP63\A0009488.exe Vise: infected - 1 skipped
D:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP63\A0009500.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
D:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP63\A0009500.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
D:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP63\A0009500.exe/data0006 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
D:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP63\A0009500.exe Inno: infected - 3 skipped
D:\System Volume Information\\_restore{ECB7F0A9-EDDA-4D76-993C-C068C4445EF3}\RP94\change.log Object is locked skipped
Scan process completed.

Fill
 Posté le 27/10/2007 à 16:55 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

  • Télécharge OTMoveIt (de Old_Timer) sur ton bureau,
  • Double-clique sur OTMoveIt.exe pour lancer le programme,
  • Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :
D:\Downloads\Software\DivXPro502GAINBundle.exe
D:\Downloads\Software\vnc-4.0-x86_win32.exe
  • Clique sur MoveIt! pour lancer la suppression,
  • Le résultat appraraîtra dans le cadre Results.
  • Clique sur Exit pour fermer le programme.
  • Poste le rapport qui est situé ici : C:\\\\_OTMoveIt\MovedFiles
  • Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.

Si tu n'as plus de problème, on passe à la dernière étape.

Fill

Fill
 Posté le 28/10/2007 à 09:30 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

1/

  • Lance OTmoveIT.
  • Clique sur CleanUp! (le programme va télécharger un fichier texte qui servira a nettoyer les programmes que l'on a téléchargés).
NOTE : Normalement, ton firewall (parefeu) devrait te demander si OTmoveIT peut accéder à internet, Autorise le.
  • Une liste apparaît dans la partie gauche d'OTmoveIT.
  • Un message apparaît pour confirmer le nettoyage. Confirme.
  • Les fichiers infectés qui se trouvent dans les quarantaines seront supprimés aussi.

2/Ouvre Ccleaner, clique sur "lancer le nettoyage".

3/

  • Il est fortement recommandé d'avoir tous ses logiciels de sécurité à jour, afin d'éviter les failles par lesquelles s'engouffrent les infections.

  • Tu peux supprimer tous les logiciels que nous avons utilisés (Type: SmitFraufix, Blacklight, SDFix, lopxpMH, ect.....) qui traitent des infections spécifiques et qui sont mis à jour régulièrement. Il est inutile de les garder sur ton PC.
  • Tu peux par contre, garder AVG Antispyware et CCleaner.

=========================================================================

/!\ Maintenant que ton PC n'est plus infecté, désactive ta "Restauration du système" afin de créer un point de restauration sain.

Pour désactiver ou activer la Restauration du système, vous devez ouvrir une session Administrateur sous Windows XP.

Désactivation:
Cliquer droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > cocher la case "Désactiver la Restauration du système sur tous les lecteurs"
> Appliquer et Ok.

Activation:
Suivre le même chemin ; décocher la case "Désactiver la Restauration du système sur tous les lecteurs"
> Appliquer et Ok. Redémarrer l'ordinateur.

Comment faire pour...(lettre A): https://forum.pcastuces.com/sujet.asp?f=25&s=3902

=========================================================================

Pour améliorer la sécurité de ton PC prend quelques instants pour lire:

Sécuriser son PC +WIFI (versions "hot" & "light"): https://forum.pcastuces.com/sujet.asp?f=25&s=25892

==========================================================================

Dénonce ton infection pour faire condamner les auteurs.


Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être les plus nombreux possibles, alors rends compte de ton infection :

- Voir les règles du forum : http://www.malwarecomplaints.info/viewtopic.php?t=5
- Après t'être enregistré à l'aide du bouton en haut se nommant "Register"
Si tu as plus de 13 ans, choisir : "I Agree to these terms and am over or exactly 13 years of age"
Si tu as moins, clique sur : "I Agree to these terms and am under 13 years of age"

Tu as alors, sous forme de liste, un sujet par type d'infection (Look2Me, Smitfraud, SpywareQuake etc..).

*** Tes infections : BAGLE, Dropper.Delf.xo ***

>> http://www.malwarecomplaints.info/viewforum.php?f=10

Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas par quoi tu étais infecté(e), crée un message dans le sujet Autres infections, conforme au règle du forum (âge, ville, département etc..)


Indique aussi le nom du Forum qui t'a aidé, PCAstuces Sécurité

============================================================================

S'il te plait, note ton sujet en (Résolu)

Sur ton premier message, à droite =>


ou <= à gauche, en bas de la page. Merci !

Prudence sur Internet et parle de PC Astuces autour de toi!

Fill



Modifié par Fill le 28/10/2007 09:31
Publicité
Page : [1] 
Page 1 sur 1

Vous devez être connecté pour poster des messages. Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !


Sujets relatifs
infection rogue et Trojan:Win32/Agent.BI
Infection par win32.Banker.fs Trojan.Spy.Agent.DA
Infection par trojan Ramsom.win32.foreign.ecma
trojan downloader.win32.agent!E2
Infection MBR/TDL4, trojan proxy
Infection Win32.FraudLoad / Win32.Agent.ieu
Trojan win32.agent.fbx dangereux?
infection par Trojan:Win32/Lodap!rts
Trojan win32.agent.bkr
Rootkit, trojan agent, Win32/TrojanClicker.Agent.N
Plus de sujets relatifs à infection: trojan-proxy.win32.agent.kj
 > Tous les forums > Forum Sécurité