Tom's Guide > Forum > Sécurité - Virus > Trojan bloque internet ?

Trojan bloque internet ?

Forum Sécurité - Virus : Trojan bloque internet ?

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
sokaris13   03-04-2009 à 09:58:03

Bonjour j'ai un probleme avec le net, je subi des ralentissements et des coupures sur ma connection, j'ai noté qu'a chaque demarrage du pc, mon antivirus (antivir) me detecte 2 virus :

- TR/Rookit.Gen dans le fichier C:\WINDOWS\system32\drivers\restore.sys
- TR/Dropper.Gen dans le fichier C:\WINDOWS\Temp\BN1.tmp

J'ai beau mettre n'importe quelles options ils reviennent toujours.

Je precise que j'ai effectué une analyse en mode sans echec de superantispyware et malwarebytes sans rien donner tandis qu'antivir me trouve ceci :

C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\spool\drivers\w32x86\EB3ST000.DAT
[0] Type d'archive: CAB SFX (self extracting)
--> \AGENTNT_t\SAgentNT.exe
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB3ST000.DAT
[0] Type d'archive: CAB SFX (self extracting)
--> \AGENTNT_t\SAgentNT.exe
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.

Merci de bien vouloir m'eclaircir svp

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
V-X   03-04-2009 à 10:15:19
- 0 +

Salut et Bienvenue sur IDN,

Je suis V-X et je vais t'aider à te débarrasser de tes soucis.
Il y aura peut-être un certain délai entre mes réponses, car je suis en formation et mes réponses doivent être validées avant d'être postées."

Merci.

------------------------------ La chasse aux virus cendrés
 Répondre à V-X
V-X   03-04-2009 à 11:02:57
- 0 +

Re,

Poste le dernier rapport complet d'antivir et de malwarebyte.

http://www.generation-upload-fr.com/upload/3015pointright.gifTélécharge DDS de sUBs sur ton bureau.
L'outil ne nécessite pas d'installation.

Lance-le en cliquant sur l'icône dds.scr
http://i75.servimg.com/u/f75/11/05/93/83/dds10.jpg
Cette fenêtre DOS va apparaitre
http://i75.servimg.com/u/f75/11/05/93/83/ddsdos10.jpg

Le scan ne doit pas dépasser trois minutes.
Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le bureau.
Il te sera demandé si tu veux faire le scan optionnel.
Accepte par Oui
Un nouveau rapport s'ouvre que tu enregistres sous Attach.txt sur le bureau.
Tu ne le fourniras que si nécessaire.
Poste le rapport DDS.txt

------------------------------ La chasse aux virus cendrés
 Répondre à V-X
sokaris13   03-04-2009 à 11:51:47
- 0 +

Voici le dernier rapport d'antivir :

Avira AntiVir Personal
Date de création du fichier de rapport : jeudi 2 avril 2009 19:50

La recherche porte sur 1335611 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 3) [5.1.2600]
Mode Boot : Mode sans échec
Identifiant : Mickael
Nom de l'ordinateur :PERSO-9DB7B8507

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 09:57:57
ANTIVIR2.VDF : 7.1.3.0 1330176 Bytes 01/04/2009 12:47:27
ANTIVIR3.VDF : 7.1.3.1 2048 Bytes 01/04/2009 12:47:28
Version du moteur: 8.2.0.129
AEVDF.DLL : 8.1.1.0 106868 Bytes 29/03/2009 09:58:15
AESCRIPT.DLL : 8.1.1.70 369019 Bytes 29/03/2009 09:58:14
AESCN.DLL : 8.1.1.8 127346 Bytes 29/03/2009 09:58:13
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:38
AEPACK.DLL : 8.1.3.11 397687 Bytes 29/03/2009 09:58:13
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 29/03/2009 09:58:12
AEHEUR.DLL : 8.1.0.111 1679736 Bytes 29/03/2009 09:58:12
AEHELP.DLL : 8.1.2.2 119158 Bytes 29/03/2009 09:58:10
AEGEN.DLL : 8.1.1.31 340341 Bytes 29/03/2009 09:58:09
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 29/03/2009 09:58:08
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 11:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:, G:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: marche
Fichier mode de recherche........: Tous les fichiers
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: élevé

Début de la recherche : jeudi 2 avril 2009 19:50

La recherche d'objets cachés commence.
Impossible d'initialiser le pilote.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpgs2wnf.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SUPERAntiSpyware.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'14' processus ont été contrôlés avec '14' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'G:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '50' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\spool\drivers\w32x86\EB3ST000.DAT
[0] Type d'archive: CAB SFX (self extracting)
--> \AGENTNT_t\SAgentNT.exe
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB3ST000.DAT
[0] Type d'archive: CAB SFX (self extracting)
--> \AGENTNT_t\SAgentNT.exe
[AVERTISSEMENT] Aucun autre fichier n'a pu être décompressé de cette archive. L'archive est refermée.
Recherche débutant dans 'G:\'


Fin de la recherche : jeudi 2 avril 2009 21:14
Temps nécessaire: 1:23:27 Heure(s)

La recherche a été effectuée intégralement

8072 Les répertoires ont été contrôlés
326716 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
326715 Fichiers non infectés
2480 Les archives ont été contrôlées
3 Avertissements
0 Consignes

Et le rapport de dds.scr :


DDS (Ver_09-03-16.01) - NTFSx86
Run by Mickael at 11:47:58,76 on 03/04/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.767.212 [GMT 2:00]

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
g:\PROGRA~1\FREEDO~1\fdm.exe
C:\Documents and Settings\Mickael\Bureau\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - g:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ccleaner] "c:\program files\ccleaner\ccleaner.exe" /AUTO
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
IE: Tout télécharger avec Free Download Manager - file://g:\program files\free download manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://g:\program files\free download manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://g:\program files\free download manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://g:\program files\free download manager\dlfvideo.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?LinkID=39204
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {41564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} - hxxp://dl.uc.sina.com/cab/downloader.cab
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_0_3_1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} - hxxp://securite.neuf.fr/Ols/fscax.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} - hxxp://www.systemrequirementslab.com/sysreqlab.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: {7C1BB502-9345-4FDE-9001-3CB5FFBE6C2E} = 86.64.145.140,84.103.237.140
Notify: !saswinlogon - c:\program files\superantispyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mickael\applic~1\mozilla\firefox\profiles\3gd6qjgm.default\
FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: g:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll

============= SERVICES / DRIVERS ===============

R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [2008-7-14 3468904]
R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-3-29 11840]
R1 sasdifsv;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-3-23 9968]
R1 saskutil;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 72944]
R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus;c:\program files\avira\antivir personaledition classic\sched.exe [2009-3-29 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-3-29 151297]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-3-29 52032]
S2 vvdsvc;VJVodServices;c:\windows\system32\svchost.exe -k vvdsvc [2004-8-4 14336]
S3 botdrv;botdrv;\??\c:\windows\system32\driver.sys --> c:\windows\system32\driver.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-9-2 191656]
S3 restore;restore;\??\c:\windows\system32\drivers\restore.sys --> c:\windows\system32\drivers\restore.sys [?]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2007-10-26 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2007-10-26 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2007-10-26 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2007-10-26 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2007-10-26 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2007-10-26 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2007-10-26 98952]
S3 sasenum;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 7408]

=============== Created Last 30 ================

2009-04-03 10:32 1,618 a------- c:\windows\system32\tmp.reg
2009-04-01 23:50 <DIR> --d----- c:\documents and settings\mickael\DoctorWeb
2009-04-01 16:44 161,792 a------- c:\windows\SWREG.exe
2009-04-01 16:44 98,816 a------- c:\windows\sed.exe
2009-03-31 23:51 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-03-31 23:50 <DIR> --d----- c:\windows\Internet Logs
2009-03-29 19:42 <DIR> --d----- c:\program files\Challenge Golfe De Fos
2009-03-29 19:01 579,584 ac------ c:\windows\system32\dllcache\user32.dll
2009-03-29 18:59 <DIR> --d----- c:\windows\ERUNT
2009-03-29 18:59 <DIR> --d----- C:\Backups
2009-03-29 13:56 <DIR> --d----- c:\documents and settings\mickael\Tracing
2009-03-29 13:55 <DIR> --d----- c:\program files\Microsoft
2009-03-29 13:55 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-03-29 13:52 <DIR> --d----- c:\program files\fichiers communs\Windows Live
2009-03-29 11:56 <DIR> --d----- c:\program files\Avira
2009-03-29 11:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-03-29 09:18 <DIR> --d----- c:\program files\trend micro
2009-03-28 22:03 73,728 a------- c:\windows\system32\javacpl.cpl
2009-03-28 12:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-03-28 12:43 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-03-28 12:43 <DIR> --d----- c:\docume~1\mickael\applic~1\SUPERAntiSpyware.com
2009-03-28 09:46 <DIR> --d----- c:\windows\system32\NtmsData
2009-03-26 20:14 182,656 ac------ c:\windows\system32\dllcache\ndis.sys
2009-03-20 16:59 54,156 a---h--- c:\windows\QTFont.qfn
2009-03-20 16:59 1,409 a------- c:\windows\QTFont.for
2009-03-15 18:32 <DIR> --d----- c:\documents and settings\mickael\LocalLow
2009-03-15 18:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TVU Networks

==================== Find3M ====================

2009-03-29 11:30 500,894 a------- c:\windows\system32\perfh00C.dat
2009-03-29 11:30 80,800 a------- c:\windows\system32\perfc00C.dat
2009-03-28 22:02 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-26 20:14 182,656 a------- c:\windows\system32\drivers\ndis.sys
2009-03-26 20:13 14,336 a------- c:\windows\system32\svchost.exe
2009-03-26 17:49 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-26 17:49 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-19 20:22 201,440 a------- c:\windows\system32\PnkBstrB.exe
2009-02-09 16:05 1,846,912 a------- c:\windows\system32\win32k.sys
2009-02-07 11:43 361,600 a------- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-02-07 11:43 361,600 a------- c:\windows\system32\drivers\TCPIP.SYS
2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll
2009-01-15 14:46 34 a------- c:\documents and settings\mickael\jagex_runescape_preferences.dat
1999-04-06 14:27 99,840 a------- c:\program files\fichiers communs\IRAABOUT.DLL
1998-12-09 04:53 186,368 a------- c:\program files\fichiers communs\IRAREG.DLL
1998-12-09 04:53 70,144 a------- c:\program files\fichiers communs\IRAMDMTR.DLL
1998-12-09 04:53 48,640 a------- c:\program files\fichiers communs\IRALPTTR.DLL
1998-12-09 04:53 31,744 a------- c:\program files\fichiers communs\IRAWEBTR.DLL
1998-12-09 04:53 17,920 a------- c:\program files\fichiers communs\IRASRIAL.DLL
2006-12-28 11:53 2,516 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-08-29 00:30 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\historique\history.ie5\mshist012008082920080830\index.dat

============= FINISH: 11:48:40,01 ===============

Répondre à sokaris13
V-X   03-04-2009 à 12:48:34
- 0 +

Re,

Dans l'ordre:

http://www.generation-upload-fr.com/upload/3015pointright.gifTélécharge Gmer.

  • Dézippe-le dans un dossier dédié ou sur ton Bureau.
  • Déconnecte toi d'Internet puis ferme tous les programmes.
  • Double-clique sur Gmer.exe.

Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.

  • Clique sur l'onglet Rootkit.
  • A droite, coche tout.
  • Clique maintenant sur Scan.
  • Lorsque le scan est terminé, clique sur Copy.
  • Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
  • Le rapport doit alors apparaître.
  • Enregistre le fichier sur ton Bureau et poste le contenu ici.

_______________________________________________________________________________________________________________________________________
Tu as des restes de symantec:

http://www.generation-upload-fr.com/upload/3015pointright.gifDésinstalle via Ajout/Suppression de Programmes (si présents) :

  • Symantec
  • Norton
  • LiveUpdate..


Télécharge et exécute le Norton Removal Tool.
Ce produit va désinstaller la majorité des traces des produits Symantec.
_______________________________________________________________________________________________________________________________________________________________________________

http://www.generation-upload-fr.com/upload/3015pointright.gifTélécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.


Aide : Comment utiliser CCleaner.
_______________________________________________________________________________________________________________________________________________________________________________
Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer.

  • Autorise les Active x.
  • Clique sur Démarrer Online Scanner.
  • Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
  • Colle son rapport ici.
  • Poste un nouveau rapport Hijackthis.


Aide : Comment faire un scan en ligne avec Kaspersky.

A++


Message édité par V-X le 03-04-2009 à 12:55:55
------------------------------ La chasse aux virus cendrés
 Répondre à V-X
sokaris13   03-04-2009 à 17:40:28
- 0 +

GMER 1.0.15.14966 - http://www.gmer.net
Rootkit scan 2009-04-03 15:59:52
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

Code 83D794D0 pIofCallDriver

---- User code sections - GMER 1.0.15 ----

? C:\WINDOWS\System32\svchost.exe[248] image checksum mismatch; number of sections mismatch; time/date stamp mismatch;
? C:\WINDOWS\System32\svchost.exe[312] image checksum mismatch; number of sections mismatch; time/date stamp mismatch;

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 028001C7
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] AFE90043
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] 5600017E
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] 06C7F18B
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [00430280] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation)
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] 017EA1E8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] 2444F600
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] 07740108
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] 7ED3E856
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] 8B590001
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] 04C25EC6
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] EC8B5500
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] FF1475FF
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] 75FF1075
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] 5D10C483
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] EC8B55C3
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] FF1475FF
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] 75FF1075
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] 0875FF0C
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] 018579E8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 08458B00
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] 01B7F3E8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] 89F18B00
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] 70E8F075
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] 8300017D
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] FF00FC65
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] 4E8D0875
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] 8C06C70C
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] E8004302
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] 00001DE8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] A5E8C68B
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] C20001B8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] 8B560004
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] 6A006AF1
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] 0C4E8D01
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] 028C06C7
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] FEE80043
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] 8B000022
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] 03E95ECE
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] 8300017E
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] 72102479
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] 10418B04
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] 10418DC3
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] F18B56C3
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] FFFFCDE8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] 07740108
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] 7E1FE856
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] 8B590001
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] 04C25EC6
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] 9801C700
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] E9004302
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] FFFFFFAE
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] C7F18B56
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] 43029806
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] FFA0E800
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] 44F6FFFF
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] 74010824
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] F2E85607
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] 5900017D
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] C25EC68B
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] 046A0004
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] 42DBE9B8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] B74AE800
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] F18B0001
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] 8BF07589
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] 00017D3A
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] 00FC6583
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] 570CC783
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] C70C4E8D
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 43028C06
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] 1D3AE800
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] C68B0000
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] 01B7F7E8
IAT C:\WINDOWS\System32\svchost.exe[248] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] 0004C200
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 028001C7
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] AFE90043
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] 5600017E
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] 06C7F18B
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] [00430280] C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation)
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] 017EA1E8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] 2444F600
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] 07740108
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!OpenThreadToken] 7ED3E856
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] 8B590001
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] 04C25EC6
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] EC8B5500
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] FF1475FF
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] 75FF1075
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] 5D10C483
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrlenW] EC8B55C3
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalFree] FF1475FF
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] 75FF1075
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThread] 0875FF0C
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] 018579E8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 08458B00
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LCMapStringW] 01B7F3E8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] 89F18B00
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcpyW] 70E8F075
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] 8300017D
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] FF00FC65
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!ExitProcess] 4E8D0875
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] 8C06C70C
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] E8004302
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] 00001DE8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetErrorMode] A5E8C68B
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] C20001B8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] 8B560004
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] 6A006AF1
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] 0C4E8D01
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] 028C06C7
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetTickCount] FEE80043
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] 8B000022
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] 03E95ECE
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] 8300017E
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!TerminateProcess] 72102479
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] 10418B04
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LocalAlloc] 10418DC3
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!lstrcmpW] F18B56C3
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] FFFFCDE8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtQuerySecurityObject] 07740108
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlFreeHeap] 7E1FE856
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtOpenKey] 8B590001
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscat] 04C25EC6
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcscpy] 9801C700
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] E9004302
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] FFFFFFAE
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitUnicodeString] C7F18B56
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlInitializeSid] 43029806
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] FFA0E800
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] 44F6FFFF
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!NtClose] 74010824
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] F2E85607
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] 5900017D
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] C25EC68B
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlGetAce] 046A0004
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] 42DBE9B8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!wcslen] B74AE800
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] F18B0001
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [ntdll.dll!RtlCopySid] 8BF07589
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] 00017D3A
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] 00FC6583
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] 570CC783
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] C70C4E8D
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 43028C06
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] 1D3AE800
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] C68B0000
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] 01B7F7E8
IAT C:\WINDOWS\System32\svchost.exe[312] @ C:\WINDOWS\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] 0004C200

---- Devices - GMER 1.0.15 ----

Device \Driver\NDIS \Device\Ndis [83B51984] NDIS.sys[.reloc]

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x60 0xC7 0x51 0x1F ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5B 0x75 0x5F 0xFA ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x60 0xC7 0x51 0x1F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5B 0x75 0x5F 0xFA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x74 0x94 0xEC 0x5F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x60 0xC7 0x51 0x1F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5B 0x75 0x5F 0xFA ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x74 0x94 0xEC 0x5F ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x60 0xC7 0x51 0x1F ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5B 0x75 0x5F 0xFA ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x74 0x94 0xEC 0x5F ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Macromedia\Dreamweaver 8\Configuration\Behaviors\Events\4.0 et ultÃ\x2026Â\xbdrieurs.htm 1

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\system32\dllcache\ndis.sys (size mismatch) 213120/182656 bytes executable
File C:\WINDOWS\system32\drivers\ndis.sys (size mismatch) 213120/182656 bytes executable
File C:\WINDOWS\$NtServicePackUninstall$\ndis.sys (size mismatch) 182912/182656 bytes executable

---- EOF - GMER 1.0.15 ----


Je bataille pour me connecter donc l'analyse en ligne avec kaspersky m'ettonerait que j'y arrive :/

Répondre à sokaris13
Egwene   03-04-2009 à 18:45:06
- 0 +

:hello:

Je vais prendre le relais.

J'espère que tu as sauvegardé tes données les plus vitales, par précaution.

! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !

  • Télécharge ComboFix (sUBs) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.



AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

;)

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene
sokaris13   03-04-2009 à 19:52:14
- 0 +

ComboFix 09-04-01.01 - Mickael 2009-04-03 19:12:40.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.767.491 [GMT 2:00]
Lancé depuis: c:\documents and settings\Mickael\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOTDRV
-------\Legacy_RESTORE
-------\Service_botdrv
-------\Service_restore


((((((((((((((((((((((((((((( Fichiers créés du 2009-03-03 au 2009-04-03 ))))))))))))))))))))))))))))))))))))
.

2009-04-03 17:44 . 2009-04-03 17:44 <REP> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-04-01 23:50 . 2009-04-02 12:21 <REP> d-------- c:\documents and settings\Mickael\DoctorWeb
2009-03-31 23:51 . 2009-03-31 23:52 4,212 --ah----- c:\windows\system32\zllictbl.dat
2009-03-31 23:50 . 2009-04-02 17:19 <REP> d-------- c:\windows\Internet Logs
2009-03-29 19:46 . 2009-03-29 19:47 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-29 19:42 . 2009-03-29 19:50 <REP> d-------- c:\program files\Challenge Golfe De Fos
2009-03-29 19:01 . 2009-03-29 19:01 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-03-29 18:59 . 2009-04-02 17:27 <REP> d-------- c:\windows\ERUNT
2009-03-29 18:59 . 2009-03-29 19:17 <REP> d-------- C:\Backups
2009-03-29 13:56 . 2009-04-03 19:15 <REP> d-------- c:\documents and settings\Mickael\Tracing
2009-03-29 13:55 . 2009-03-29 13:55 <REP> d-------- c:\program files\Windows Live SkyDrive
2009-03-29 13:55 . 2009-03-29 13:55 <REP> d-------- c:\program files\Microsoft
2009-03-29 13:52 . 2009-03-29 13:52 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-03-29 11:56 . 2009-03-29 11:56 <REP> d-------- c:\program files\Avira
2009-03-29 11:56 . 2009-03-29 11:56 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-03-29 09:18 . 2009-04-02 17:27 <REP> d-------- c:\program files\trend micro
2009-03-28 22:03 . 2009-03-28 22:02 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-28 22:02 . 2009-03-28 22:02 <REP> d-------- c:\program files\Java
2009-03-28 12:44 . 2009-03-28 12:44 <REP> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-28 12:43 . 2009-03-28 12:43 <REP> d-------- c:\program files\SUPERAntiSpyware
2009-03-28 12:43 . 2009-03-28 12:43 <REP> d-------- c:\documents and settings\Mickael\Application Data\SUPERAntiSpyware.com
2009-03-28 09:46 . 2009-03-28 09:48 <REP> d-------- c:\windows\system32\NtmsData
2009-03-27 22:37 . <REP> c:\documents and settings\Administrateur\Application Data\Dossier de téléchargement Share-to-Web
2009-03-26 23:30 . 2009-03-27 09:43 <REP> d-------- c:\windows\BDOSCAN8
2009-03-26 20:14 . 2009-03-26 20:14 213,120 --a--c--- c:\windows\system32\dllcache\ndis.sys
2009-03-20 16:59 . 2009-03-30 13:47 54,156 --ah----- c:\windows\QTFont.qfn
2009-03-20 16:59 . 2009-03-20 16:59 1,409 --a------ c:\windows\QTFont.for
2009-03-15 18:32 . 2009-03-15 18:32 <REP> d-------- c:\documents and settings\Mickael\LocalLow
2009-03-15 18:32 . 2009-03-15 18:32 <REP> d-------- c:\documents and settings\All Users\Application Data\TVU Networks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-03 12:56 --------- d-----w c:\documents and settings\Mickael\Application Data\Free Download Manager
2009-04-01 17:42 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-03-29 17:46 --------- d-----w c:\program files\MSECACHE
2009-03-29 11:55 --------- d-----w c:\program files\Windows Live
2009-03-29 09:21 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-28 19:57 --------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-03-27 20:19 --------- d-----w c:\program files\Kit ADSL
2009-03-27 08:55 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-03-26 18:14 213,120 ----a-w c:\windows\system32\drivers\ndis.sys
2009-03-26 18:14 --------- d-----w c:\documents and settings\Mickael\Application Data\uTorrent
2009-03-26 15:49 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-26 15:49 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-03-21 12:46 --------- d-----w c:\program files\adslTV
2009-03-01 20:05 --------- d-----w c:\program files\Veetle
2009-02-18 14:58 --------- d-----w c:\documents and settings\All Users\Application Data\FreeDownloadManager.ORG
2009-02-17 20:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-15 14:42 --------- d-----w c:\documents and settings\Mickael\Application Data\GetRightToGo
2009-02-13 19:48 --------- d-----w c:\program files\DivX
2009-02-12 21:02 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-07 09:43 361,600 ----a-w c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL
2009-02-07 09:43 361,600 ----a-w c:\windows\system32\drivers\TCPIP.SYS
2009-02-03 17:47 --------- d-----w c:\documents and settings\Mickael\Application Data\vlc
2009-01-15 12:46 34 ----a-w c:\documents and settings\Mickael\jagex_runescape_preferences.dat
1999-04-06 12:27 99,840 ----a-w c:\program files\Fichiers communs\IRAABOUT.DLL
1998-12-09 02:53 70,144 ----a-w c:\program files\Fichiers communs\IRAMDMTR.DLL
1998-12-09 02:53 48,640 ----a-w c:\program files\Fichiers communs\IRALPTTR.DLL
1998-12-09 02:53 31,744 ----a-w c:\program files\Fichiers communs\IRAWEBTR.DLL
1998-12-09 02:53 186,368 ----a-w c:\program files\Fichiers communs\IRAREG.DLL
1998-12-09 02:53 17,920 ----a-w c:\program files\Fichiers communs\IRASRIAL.DLL
2006-12-28 09:53 2,516 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-08-28 22:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082920080830\index.dat
.

------- Sigcheck -------

2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2008-06-20 12:44 360960 744e57c99232201ae98c49168b918f48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
2008-06-20 13:59 361600 ad978a1b783b5719720cff204b666c8e c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
2008-06-20 12:45 360320 2a5554fc5b1e04e131230e3ce035c3f9 c:\windows\$NtServicePackUninstall$\tcpip.sys
2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB917953$\tcpip.sys
2006-04-20 13:51 359808 1dbf125862891817f374f407626967f4 c:\windows\$NtUninstallKB941644$\tcpip.sys
2008-04-13 21:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\$NtUninstallKB951748$\tcpip.sys
2007-10-30 19:20 360064 90caff4b094573449a0872a0f919b178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
2008-04-13 21:20 361344 93ea8d04ec73a85db02eb8805988f733 c:\windows\ServicePackFiles\i386\TCPIP.SYS
2009-02-07 11:43 361600 d24ea301e2b36c4e975fd216ca85d8e7 c:\windows\system32\dllcache\TCPIP.SYS
2009-02-07 11:43 361600 d24ea301e2b36c4e975fd216ca85d8e7 c:\windows\system32\drivers\TCPIP.SYS

2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\$NtServicePackUninstall$\ndis.sys
2008-04-13 21:20 182656 1df7f42665c94b825322fae71721130d c:\windows\ServicePackFiles\i386\ndis.sys
2009-03-26 20:14 213120 f822b76094d2f27ee01a4399a64ef934 c:\windows\system32\dllcache\ndis.sys
2009-03-26 20:14 213120 f822b76094d2f27ee01a4399a64ef934 c:\windows\system32\drivers\ndis.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"ccleaner"="c:\program files\CCleaner\ccleaner.exe" [2006-10-19 585728]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
EPSON Status Monitor 3 Environment Check.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV03.EXE [1999-10-22 217600]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
2008-12-22 13:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"g:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Program Files\\aMSN\\bin\\wish.exe"=
"g:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Documents and Settings\\Mickael\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"g:\\Program Files\\Metin2_France\\metin2.bin"=
"g:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"g:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"g:\\Program Files\\eChanblard\\emule.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"48565:TCP"= 48565:TCP:echanblard
"48575:UDP"= 48575:UDP:echanblard

R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [2008-07-14 3468904]
R1 sasdifsv;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-03-23 9968]
R1 saskutil;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-03-23 72944]
S2 vvdsvc;VJVodServices;c:\windows\System32\svchost.exe -k vvdsvc [2004-08-04 14336]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [2007-10-26 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [2007-10-26 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [2007-10-26 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s716mgmt.sys [2007-10-26 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\drivers\s716nd5.sys [2007-10-26 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\drivers\s716obex.sys [2007-10-26 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\drivers\s716unic.sys [2007-10-26 98952]
S3 sasenum;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
.
Contenu du dossier 'Tâches planifiées'

2009-03-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 18:13]
.
.
------- Examen supplémentaire -------
.
IE: Tout télécharger avec Free Download Manager - file://g:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://g:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://g:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://g:\program files\Free Download Manager\dlfvideo.htm
TCP: {7C1BB502-9345-4FDE-9001-3CB5FFBE6C2E} = 86.64.145.140,84.103.237.140
DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} - hxxp://dl.uc.sina.com/cab/downloader.cab
FF - ProfilePath - c:\documents and settings\Mickael\Application Data\Mozilla\Firefox\Profiles\3gd6qjgm.default\
FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: g:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-03 19:16:02
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-602162358-1123561945-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout]
"GameDir"="g:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data\\games"
"ShortlistDir"="g:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data\\shortlists"
"ScreenshotsDir"="g:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data"
"SaveDir"="g:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data"
"HistoryDir"="c:\\Documents and Settings\\Mickael\\Bureau\\FM Genie Scout 2007\\History Points"
"LangDB"="g:\\Program Files\\Sports Interactive\\Football Manager 2007\\data\\db\\700\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\Mickael\\Mes documents\\Sports Interactive\\Football Manager 2007\\games\\mars.fm"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"ShowHistory"=dword:00000001
"WindowState"=dword:00000002
"WindowHeight"=dword:00000250
"WindowWidth"=dword:000003d6
"WindowLeft"=dword:00000015
"WindowTop"=dword:00000058
"Currency"=dword:0000001c
"MinCondition"=dword:00000050
"LastUpdateCheck"=dword:000099ba
"HighQualityGUI"=dword:00000000
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000001
"Language"="English"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001

[HKEY_USERS\S-1-5-21-602162358-1123561945-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Clubs]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000032
"Position4"=dword:00000004
"Visible4"=dword:00000001
"Width4"=dword:00000032
"Position5"=dword:00000005
"Visible5"=dword:00000001
"Width5"=dword:00000050
"Position6"=dword:00000006
"Visible6"=dword:00000001
"Width6"=dword:00000050
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000002d
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000001e
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000001e
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000001e
"Position13"=dword:0000000d
"Visible13"=dword:00000001
"Width13"=dword:0000003c
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000032
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:00000032
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000032
"Position17"=dword:00000011
"Visible17"=dword:00000001
"Width17"=dword:00000050
"Position18"=dword:00000012
"Visible18"=dword:00000001
"Width18"=dword:00000050
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050

[HKEY_USERS\S-1-5-21-602162358-1123561945-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Players]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000008e
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:0000008c
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000063
"Position4"=dword:00000004
"Visible4"=dword:00000001
"Width4"=dword:00000023
"Position5"=dword:00000005
"Visible5"=dword:00000001
"Width5"=dword:0000003a
"Position6"=dword:00000006
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:00000031
"Visible7"=dword:00000001
"Width7"=dword:0000004b
"Position8"=dword:00000032
"Visible8"=dword:00000001
"Width8"=dword:0000004b
"Position9"=dword:00000033
"Visible9"=dword:00000001
"Width9"=dword:00000058
"Position10"=dword:00000034
"Visible10"=dword:00000000
"Width10"=dword:00000050
"Position11"=dword:00000035
"Visible11"=dword:00000000
"Width11"=dword:0000004b
"Position12"=dword:00000036
"Visible12"=dword:00000000
"Width12"=dword:0000002d
"Position13"=dword:00000037
"Visible13"=dword:00000000
"Width13"=dword:0000003c
"Position14"=dword:00000038
"Visible14"=dword:00000000
"Width14"=dword:0000004b
"Position15"=dword:00000039
"Visible15"=dword:00000000
"Width15"=dword:00000064
"Position16"=dword:0000003a
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:0000003b
"Visible17"=dword:00000000
"Width17"=dword:0000004b
"Position18"=dword:0000003c
"Visible18"=dword:00000000
"Width18"=dword:00000064
"Position19"=dword:0000003d
"Visible19"=dword:00000000
"Width19"=dword:0000003c
"Position20"=dword:0000003e
"Visible20"=dword:00000000
"Width20"=dword:0000004b
"Position21"=dword:0000003f
"Visible21"=dword:00000000
"Width21"=dword:00000050
"Position22"=dword:00000040
"Visible22"=dword:00000000
"Width22"=dword:00000073
"Position23"=dword:00000041
"Visible23"=dword:00000000
"Width23"=dword:00000050
"Position24"=dword:00000042
"Visible24"=dword:00000000
"Width24"=dword:0000005a
"Position25"=dword:00000043
"Visible25"=dword:00000000
"Width25"=dword:0000006e
"Position26"=dword:00000044
"Visible26"=dword:00000000
"Width26"=dword:00000064
"Position27"=dword:00000045
"Visible27"=dword:00000000
"Width27"=dword:00000087
"Position28"=dword:00000046
"Visible28"=dword:00000000
"Width28"=dword:00000064
"Position29"=dword:00000047
"Visible29"=dword:00000000
"Width29"=dword:00000064
"Position30"=dword:00000048
"Visible30"=dword:00000000
"Width30"=dword:00000046
"Position31"=dword:00000049
"Visible31"=dword:00000000
"Width31"=dword:0000004b
"Position32"=dword:0000004a
"Visible32"=dword:00000000
"Width32"=dword:00000046
"Position33"=dword:0000004b
"Visible33"=dword:00000000
"Width33"=dword:0000004b
"Position34"=dword:0000004c
"Visible34"=dword:00000000
"Width34"=dword:0000003c
"Position35"=dword:0000004d
"Visible35"=dword:00000000
"Width35"=dword:00000064
"Position36"=dword:0000004e
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:0000004f
"Visible37"=dword:00000000
"Width37"=dword:0000005f
"Position38"=dword:00000050
"Visible38"=dword:00000000
"Width38"=dword:00000091
"Position39"=dword:00000051
"Visible39"=dword:00000000
"Width39"=dword:0000003c
"Position40"=dword:00000052
"Visible40"=dword:00000000
"Width40"=dword:0000005a
"Position41"=dword:00000053
"Visible41"=dword:00000000
"Width41"=dword:00000041
"Position42"=dword:00000054
"Visible42"=dword:00000000
"Width42"=dword:00000050
"Position43"=dword:00000055
"Visible43"=dword:00000000
"Width43"=dword:00000055
"Position44"=dword:00000056
"Visible44"=dword:00000000
"Width44"=dword:0000005f
"Position45"=dword:00000057
"Visible45"=dword:00000000
"Width45"=dword:00000050
"Position46"=dword:00000058
"Visible46"=dword:00000000
"Width46"=dword:0000004b
"Position47"=dword:00000059
"Visible47"=dword:00000000
"Width47"=dword:0000004b
"Position48"=dword:0000005a
"Visible48"=dword:00000000
"Width48"=dword:00000046
"Position49"=dword:0000005b
"Visible49"=dword:00000000
"Width49"=dword:00000032
"Position50"=dword:0000005c
"Visible50"=dword:00000000
"Width50"=dword:0000003c
"Position51"=dword:0000005d
"Visible51"=dword:00000000
"Width51"=dword:0000004b
"Position52"=dword:0000005e
"Visible52"=dword:00000000
"Width52"=dword:0000003c
"Position53"=dword:0000005f
"Visible53"=dword:00000000
"Width53"=dword:00000037
"Position54"=dword:00000060
"Visible54"=dword:00000000
"Width54"=dword:00000069
"Position55"=dword:00000061
"Visible55"=dword:00000000
"Width55"=dword:0000005a
"Position56"=dword:00000062
"Visible56"=dword:00000000
"Width56"=dword:0000004b
"Position57"=dword:00000063
"Visible57"=dword:00000000
"Width57"=dword:0000004b
"Position58"=dword:00000064
"Visible58"=dword:00000000
"Width58"=dword:00000037
"Position59"=dword:00000065
"Visible59"=dword:00000000
"Width59"=dword:0000003c
"Position60"=dword:00000066
"Visible60"=dword:00000000
"Width60"=dword:0000003c
"Position61"=dword:00000067
"Visible61"=dword:00000000
"Width61"=dword:00000041
"Position62"=dword:00000068
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:00000069
"Visible63"=dword:00000000
"Width63"=dword:0000003c
"Position64"=dword:0000006a
"Visible64"=dword:00000000
"Width64"=dword:0000003c
"Position65"=dword:0000006b
"Visible65"=dword:00000000
"Width65"=dword:0000004b
"Position66"=dword:0000006c
"Visible66"=dword:00000000
"Width66"=dword:0000003c
"Position67"=dword:0000006d
"Visible67"=dword:00000000
"Width67"=dword:00000046
"Position68"=dword:0000006e
"Visible68"=dword:00000000
"Width68"=dword:00000028
"Position69"=dword:0000006f
"Visible69"=dword:00000000
"Width69"=dword:00000041
"Position70"=dword:00000070
"Visible70"=dword:00000000
"Width70"=dword:0000003c
"Position71"=dword:00000071
"Visible71"=dword:00000000
"Width71"=dword:00000069
"Position72"=dword:00000072
"Visible72"=dword:00000000
"Width72"=dword:00000041
"Position73"=dword:00000073
"Visible73"=dword:00000000
"Width73"=dword:0000005f
"Position74"=dword:00000074
"Visible74"=dword:00000000
"Width74"=dword:0000003c
"Position75"=dword:00000075
"Visible75"=dword:00000000
"Width75"=dword:00000037
"Position76"=dword:00000076
"Visible76"=dword:00000000
"Width76"=dword:0000004b
"Position77"=dword:00000077
"Visible77"=dword:00000000
"Width77"=dword:00000050
"Position78"=dword:00000078
"Visible78"=dword:00000000
"Width78"=dword:00000037
"Position79"=dword:00000079
"Visible79"=dword:00000000
"Width79"=dword:00000037
"Position80"=dword:0000007a
"Visible80"=dword:00000000
"Width80"=dword:0000005a
"Position81"=dword:0000007b
"Visible81"=dword:00000000
"Width81"=dword:0000004b
"Position82"=dword:0000007c
"Visible82"=dword:00000000
"Width82"=dword:00000055
"Position83"=dword:0000007d
"Visible83"=dword:00000000
"Width83"=dword:0000002d
"Position84"=dword:0000007e
"Visible84"=dword:00000000
"Width84"=dword:00000037
"Position85"=dword:0000007f
"Visible85"=dword:00000000
"Width85"=dword:0000003c
"Position86"=dword:00000080
"Visible86"=dword:00000000
"Width86"=dword:00000046
"Position87"=dword:00000081
"Visible87"=dword:00000000
"Width87"=dword:0000003c
"Position88"=dword:00000082
"Visible88"=dword:00000000
"Width88"=dword:0000005a
"Position89"=dword:00000083
"Visible89"=dword:00000000
"Width89"=dword:0000003c
"Position90"=dword:00000084
"Visible90"=dword:00000000
"Width90"=dword:00000050
"Position91"=dword:00000085
"Visible91"=dword:00000000
"Width91"=dword:00000046
"Position92"=dword:00000086
"Visible92"=dword:00000000
"Width92"=dword:0000005a
"Position93"=dword:00000087
"Visible93"=dword:00000000
"Width93"=dword:00000037
"Position94"=dword:00000088
"Visible94"=dword:00000000
"Width94"=dword:0000003c
"Position95"=dword:00000089
"Visible95"=dword:00000000
"Width95"=dword:0000003c
"Position96"=dword:0000008a
"Visible96"=dword:00000000
"Width96"=dword:00000046
"Position97"=dword:0000008b
"Visible97"=dword:00000000
"Width97"=dword:00000046
"Position98"=dword:0000008c
"Visible98"=dword:00000000
"Width98"=dword:00000055
"Position99"=dword:0000008d
"Visible99"=dword:00000000
"Width99"=dword:00000073
"Position100"=dword:0000008e
"Visible100"=dword:00000000
"Width100"=dword:00000041
"Position101"=dword:0000008f
"Visible101"=dword:00000000
"Width101"=dword:0000003c
"Position102"=dword:00000090
"Visible102"=dword:00000000
"Width102"=dword:0000003c
"Position103"=dword:00000091
"Visible103"=dword:00000000
"Width103"=dword:00000046
"Position104"=dword:00000092
"Visible104"=dword:00000000
"Width104"=dword:0000003c
"Position105"=dword:00000093
"Visible105"=dword:00000000
"Width105"=dword:00000041
"Position106"=dword:00000094
"Visible106"=dword:00000001
"Width106"=dword:00000065
"Position107"=dword:00000008
"Visible107"=dword:00000001
"Width107"=dword:0000002b
"Position108"=dword:00000009
"Visible108"=dword:00000000
"Width108"=dword:00000050
"Position109"=dword:0000000a
"Visible109"=dword:00000000
"Width109"=dword:00000050
"Position110"=dword:0000000b
"Visible110"=dword:00000000
"Width110"=dword:00000055
"Position111"=dword:0000000c
"Visible111"=dword:00000000
"Width111"=dword:00000082
"Position112"=dword:0000000d
"Visible112"=dword:00000000
"Width112"=dword:00000087
"Position113"=dword:0000000e
"Visible113"=dword:00000000
"Width113"=dword:0000000a
"Position114"=dword:0000000f
"Visible114"=dword:00000000
"Width114"=dword:0000000a
"Position115"=dword:00000010
"Visible115"=dword:00000000
"Width115"=dword:00000072
"Position116"=dword:00000011
"Visible116"=dword:00000000
"Width116"=dword:0000000a
"Position117"=dword:00000012
"Visible117"=dword:00000000
"Width117"=dword:0000000a
"Position118"=dword:00000013
"Visible118"=dword:00000000
"Width118"=dword:0000000a
"Position119"=dword:00000014
"Visible119"=dword:00000000
"Width119"=dword:0000000a
"Position120"=dword:00000015
"Visible120"=dword:00000000
"Width120"=dword:0000000a
"Position121"=dword:00000016
"Visible121"=dword:00000000
"Width121"=dword:0000000a
"Position122"=dword:00000017
"Visible122"=dword:00000000
"Width122"=dword:0000000a
"Position123"=dword:00000018
"Visible123"=dword:00000000
"Width123"=dword:0000000a
"Position124"=dword:00000019
"Visible124"=dword:00000000
"Width124"=dword:0000000a
"Position125"=dword:0000001a
"Visible125"=dword:00000000
"Width125"=dword:0000000a
"Position126"=dword:0000001b
"Visible126"=dword:00000000
"Width126"=dword:0000000a
"Position127"=dword:0000001c
"Visible127"=dword:00000000
"Width127"=dword:0000000a
"Position128"=dword:0000001d
"Visible128"=dword:00000000
"Width128"=dword:0000000a
"Position129"=dword:0000001e
"Visible129"=dword:00000000
"Width129"=dword:0000000a
"Position130"=dword:0000001f
"Visible130"=dword:00000000
"Width130"=dword:0000000a
"Position131"=dword:00000020
"Visible131"=dword:00000000
"Width131"=dword:0000000a
"Position132"=dword:00000021
"Visible132"=dword:00000000
"Width132"=dword:0000000a
"Position133"=dword:00000022
"Visible133"=dword:00000000
"Width133"=dword:0000000a
"Position134"=dword:00000023
"Visible134"=dword:00000000
"Width134"=dword:0000000a
"Position135"=dword:00000024
"Visible135"=dword:00000000
"Width135"=dword:0000000a
"Position136"=dword:00000025
"Visible136"=dword:00000000
"Width136"=dword:0000000a
"Position137"=dword:00000026
"Visible137"=dword:00000000
"Width137"=dword:0000000a
"Position138"=dword:00000027
"Visible138"=dword:00000000
"Width138"=dword:0000000a
"Position139"=dword:00000028
"Visible139"=dword:00000000
"Width139"=dword:0000000a
"Position140"=dword:00000029
"Visible140"=dword:00000000
"Width140"=dword:0000000a
"Position141"=dword:0000002a
"Visible141"=dword:00000000
"Width141"=dword:0000000a
"Position142"=dword:0000002b
"Visible142"=dword:00000000
"Width142"=dword:0000000a
"Position143"=dword:0000002c
"Visible143"=dword:00000000
"Width143"=dword:0000000a
"Position144"=dword:0000002d
"Visible144"=dword:00000000
"Width144"=dword:0000000a
"Position145"=dword:0000002e
"Visible145"=dword:00000000
"Width145"=dword:00000050
"Position146"=dword:00000007
"Visible146"=dword:00000000
"Width146"=dword:00000037
"Position147"=dword:0000002f
"Visible147"=dword:00000000
"Width147"=dword:00000028
"Position148"=dword:00000030
"Visible148"=dword:00000000
"Width148"=dword:00000037
"Position149"=dword:00000095
"Visible149"=dword:00000001
"Width149"=dword:00000028

[HKEY_USERS\S-1-5-21-602162358-1123561945-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Staff]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000069
"Position4"=dword:00000005
"Visible4"=dword:00000001
"Width4"=dword:00000028
"Position5"=dword:00000006
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:00000004
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000067
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000004b
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000002d
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000003c
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000004b
"Position13"=dword:0000000d
"Visible13"=dword:00000000
"Width13"=dword:00000064
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000064
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:0000004b
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000011
"Visible17"=dword:00000000
"Width17"=dword:0000003c
"Position18"=dword:00000012
"Visible18"=dword:00000000
"Width18"=dword:0000004b
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
"Position20"=dword:00000014
"Visible20"=dword:00000000
"Width20"=dword:00000046
"Position21"=dword:00000015
"Visible21"=dword:00000000
"Width21"=dword:0000004b
"Position22"=dword:00000016
"Visible22"=dword:00000000
"Width22"=dword:00000046
"Position23"=dword:00000017
"Visible23"=dword:00000000
"Width23"=dword:00000046
"Position24"=dword:00000018
"Visible24"=dword:00000000
"Width24"=dword:0000003c
"Position25"=dword:00000019
"Visible25"=dword:00000000
"Width25"=dword:00000041
"Position26"=dword:0000001a
"Visible26"=dword:00000000
"Width26"=dword:0000003c
"Position27"=dword:0000001b
"Visible27"=dword:00000000
"Width27"=dword:00000055
"Position28"=dword:0000001c
"Visible28"=dword:00000000
"Width28"=dword:00000069
"Position29"=dword:0000001d
"Visible29"=dword:00000000
"Width29"=dword:0000006e
"Position30"=dword:0000001e
"Visible30"=dword:00000000
"Width30"=dword:00000064
"Position31"=dword:0000001f
"Visible31"=dword:00000000
"Width31"=dword:00000078
"Position32"=dword:00000020
"Visible32"=dword:00000000
"Width32"=dword:00000064
"Position33"=dword:00000021
"Visible33"=dword:00000000
"Width33"=dword:00000087
"Position34"=dword:00000022
"Visible34"=dword:00000000
"Width34"=dword:00000069
"Position35"=dword:00000023
"Visible35"=dword:00000000
"Width35"=dword:0000006e
"Position36"=dword:00000024
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000025
"Visible37"=dword:00000000
"Width37"=dword:0000004b
"Position38"=dword:00000026
"Visible38"=dword:00000000
"Width38"=dword:0000002d
"Position39"=dword:00000027
"Visible39"=dword:00000000
"Width39"=dword:00000055
"Position40"=dword:00000028
"Visible40"=dword:00000000
"Width40"=dword:00000046
"Position41"=dword:00000029
"Visible41"=dword:00000000
"Width41"=dword:0000004b
"Position42"=dword:0000002a
"Visible42"=dword:00000000
"Width42"=dword:0000003c
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000046
"Position44"=dword:0000002c
"Visible44"=dword:00000000
"Width44"=dword:00000073
"Position45"=dword:0000002d
"Visible45"=dword:00000000
"Width45"=dword:0000004b
"Position46"=dword:0000002e
"Visible46"=dword:00000000
"Width46"=dword:00000073
"Position47"=dword:0000002f
"Visible47"=dword:00000000
"Width47"=dword:0000007d
"Position48"=dword:00000030
"Visible48"=dword:00000000
"Width48"=dword:0000006e
"Position49"=dword:00000031
"Visible49"=dword:00000000
"Width49"=dword:00000037
"Position50"=dword:00000032
"Visible50"=dword:00000000
"Width50"=dword:00000064
"Position51"=dword:00000033
"Visible51"=dword:00000000
"Width51"=dword:00000037
"Position52"=dword:00000034
"Visible52"=dword:00000000
"Width52"=dword:0000004b
"Position53"=dword:00000035
"Visible53"=dword:00000000
"Width53"=dword:00000046
"Position54"=dword:00000036
"Visible54"=dword:00000000
"Width54"=dword:00000037
"Position55"=dword:00000037
"Visible55"=dword:00000000
"Width55"=dword:0000003c
"Position56"=dword:00000038
"Visible56"=dword:00000000
"Width56"=dword:00000055
"Position57"=dword:00000039
"Visible57"=dword:00000000
"Width57"=dword:0000003c
"Position58"=dword:0000003a
"Visible58"=dword:00000000
"Width58"=dword:0000003c
"Position59"=dword:0000003b
"Visible59"=dword:00000000
"Width59"=dword:00000055
"Position60"=dword:0000003c
"Visible60"=dword:00000000
"Width60"=dword:00000046
"Position61"=dword:0000003d
"Visible61"=dword:00000000
"Width61"=dword:0000004b
"Position62"=dword:0000003e
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000003f
"Visible63"=dword:00000000
"Width63"=dword:0000005a
"Position64"=dword:00000040
"Visible64"=dword:00000000
"Width64"=dword:0000006e
"Position65"=dword:00000041
"Visible65"=dword:00000000
"Width65"=dword:00000050
"Position66"=dword:00000042
"Visible66"=dword:00000000
"Width66"=dword:00000032
"Position67"=dword:00000043
"Visible67"=dword:00000000
"Width67"=dword:00000064
"Position68"=dword:00000044
"Visible68"=dword:00000000
"Width68"=dword:0000004b
"Position69"=dword:00000045
"Visible69"=dword:00000000
"Width69"=dword:0000002d
"Position70"=dword:00000046
"Visible70"=dword:00000000
"Width70"=dword:0000004b
"Position71"=dword:00000047
"Visible71"=dword:00000000
"Width71"=dword:0000005a
"Position72"=dword:00000048
"Visible72"=dword:00000000
"Width72"=dword:0000005a
"Position73"=dword:00000049
"Visible73"=dword:00000000
"Width73"=dword:00000050
"Position74"=dword:0000004a
"Visible74"=dword:00000000
"Width74"=dword:0000004b
"Position75"=dword:0000004b
"Visible75"=dword:00000000
"Width75"=dword:00000050
"Position76"=dword:0000004c
"Visible76"=dword:00000000
"Width76"=dword:0000005a
"Position77"=dword:0000004d
"Visible77"=dword:00000000
"Width77"=dword:00000041
"Position78"=dword:0000004e
"Visible78"=dword:00000000
"Width78"=dword:00000041
"Position79"=dword:0000004f
"Visible79"=dword:00000000
"Width79"=dword:00000041
"Position80"=dword:00000050
"Visible80"=dword:00000000
"Width80"=dword:00000041
"Position81"=dword:00000051
"Visible81"=dword:00000000
"Width81"=dword:00000041
"Position82"=dword:00000052
"Visible82"=dword:00000000
"Width82"=dword:00000041
"Position83"=dword:00000053
"Visible83"=dword:00000000
"Width83"=dword:00000041
"Position84"=dword:00000054
"Visible84"=dword:00000000
"Width84"=dword:00000041
"Position85"=dword:00000055
"Visible85"=dword:00000000
"Width85"=dword:00000041
"Position86"=dword:00000056
"Visible86"=dword:00000000
"Width86"=dword:00000050

[HKEY_USERS\S-1-5-21-602162358-1123561945-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout\Questionnaire]
"FormCountry"=dword:ffffffff
"FormAge"=dword:00000000
"FormFMStart"=dword:ffffffff
"FormScoutStart"=dword:ffffffff
"FormFMPeriodicity"=dword:ffffffff
"FormScoutPeriodicity"=dword:ffffffff
"FormScoutFrequency"=dword:ffffffff
"FormScoutRate"=dword:ffffffff
"FormInternetFrequency"=dword:ffffffff
"FormScoutPrice"=dword:00000000
"QuestionnaireComplete"=dword:00000000
"QuestionnaireReminds"=dword:00000004

[HKEY_USERS\S-1-5-21-602162358-1123561945-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout\Rating]
"GKPositionCoef"=dword:00000000
"GKCurrentAbilityCoef"=dword:00000000
"GKCornersCoef"=dword:00000000
"GKCrossingCoef"=dword:00000000
"GKDribblingCoef"=dword:00000000
"GKFinishingCoef"=dword:00000000
"GKFirstTouchCoef"=dword:00000005
"GKFreeKicksCoef"=dword:00000000
"GKHeadingCoef"=dword:00000005
"GKLongShotsCoef"=dword:00000000
"GKLongThrowsCoef"=dword:00000000
"GKMarkingCoef"=dword:00000000
"GKPassingCoef"=dword:0000000a
"GKPenaltiesCoef"=dword:00000005
"GKTacklingCoef"=dword:0000000a
"GKTechniqueCoef"=dword:00000000
"GKLeftFootCoef"=dword:00000005
"GKRightFootCoef"=dword:00000005
"GKAggressionCoef"=dword:0000001e
"GKAnticipationCoef"=dword:0000000a
"GKBraveryCoef"=dword:0000001e
"GKComposureCoef"=dword:0000001e
"GKConcentrationCoef"=dword:00000014
"GKConsistencyCoef"=dword:00000014
"GKCreativityCoef"=dword:00000000
"GKDecisionsCoef"=dword:0000001e
"GKDeterminationCoef"=dword:00000014
"GKDirtinessCoef"=dword:fffffff6
"GKFlairCoef"=dword:00000005
"GKImportantMatchesCoef"=dword:00000014
"GKInfluenceCoef"=dword:0000000f
"GKOffTheBallCoef"=dword:00000000
"GKPositioningCoef"=dword:0000003c
"GKTeamworkCoef"=dword:0000000a
"GKWorkRateCoef"=dword:00000005
"GKAccelerationCoef"=dword:0000000a
"GKAgilityCoef"=dword:00000014
"GKBalanceCoef"=dword:00000014
"GKInjuryPronenessCoef"=dword:fffffff6
"GKJumpingCoef"=dword:00000050
"GKNaturalFitnessCoef"=dword:0000000a
"GKPaceCoef"=dword:00000000
"GKStaminaCoef"=dword:00000005
"GKStrengthCoef"=dword:0000001e
"GKVersatilityCoef"=dword:00000005
"GKAerialAbilityCoef"=dword:00000050
"GKCommandOfAreaCoef"=dword:00000032
"GKCommunicationCoef"=dword:0000003c
"GKEccentricityCoef"=dword:ffffffe7
"GKHandlingCoef"=dword:00000064
"GKKickingCoef"=dword:00000019
"GKOneOnOnesCoef"=dword:00000032
"GKReflexesCoef"=dword:00000064
"GKRushingOutCoef"=dword:0000001e
"GKTendencyToPunchCoef"=dword:ffffffe7
"GKThrowingCoef"=dword:00000019
"GKAdaptabilityCoef"=dword:0000000a
"GKAmbitionCoef"=dword:00000014
"GKControversyCoef"=dword:fffffffb
"GKLoyalityCoef"=dword:0000000a
"GKPressureCoef"=dword:00000014
"GKProfessionalismCoef"=dword:0000000f
"GKSportsmanshipCoef"=dword:0000000a
"GKTemperamentCoef"=dword:00000005
"SWPositionCoef"=dword:00000000
"SWCurrentAbilityCoef"=dword:00000000
"SWCornersCoef"=dword:0000000a
"SWCrossingCoef"=dword:00000005
"SWDribblingCoef"=dword:00000005
"SWFinishingCoef"=dword:00000005
"SWFirstTouchCoef"=dword:00000014
"SWFreeKicksCoef"=dword:0000000a
"SWHeadingCoef"=dword:00000064
"SWLongShotsCoef"=dword:00000005
"SWLongThrowsCoef"=dword:00000005
"SWMarkingCoef"=dword:00000064
"SWPassingCoef"=dword:00000014
"SWPenaltiesCoef"=dword:00000005
"SWTacklingCoef"=dword:00000064
"SWTechniqueCoef"=dword:0000000f
"SWLeftFootCoef"=dword:0000000a
"SWRightFootCoef"=dword:0000000a
"SWAggressionCoef"=dword:0000000f
"SWAnticipationCoef"=dword:00000014
"SWBraveryCoef"=dword:00000028
"SWComposureCoef"=dword:00000028
"SWConcentrationCoef"=dword:00000028
"SWConsistencyCoef"=dword:00000014
"SWCreativityCoef"=dword:00000005
"SWDecisionsCoef"=dword:0000001e
"SWDeterminationCoef"=dword:00000014
"SWDirtinessCoef"=dword:ffffffe7
"SWFlairCoef"=dword:00000005
"SWImportantMatchesCoef"=dword:00000014
"SWInfluenceCoef"=dword:0000000f
"SWOffTheBallCoef"=dword:00000005
"SWPositioningCoef"=dword:00000064
"SWTeamworkCoef"=dword:00000028
"SWWorkRateCoef"=dword:0000000a
"SWAccelerationCoef"=dword:00000019
"SWAgilityCoef"=dword:00000005
"SWBalanceCoef"=dword:00000014
"SWInjuryPronenessCoef"=dword:fffffff6
"SWJumpingCoef"=dword:00000050
"SWNaturalFitnessCoef"=dword:0000000a
"SWPaceCoef"=dword:00000019
"SWStaminaCoef"=dword:0000000f
"SWStrengthCoef"=dword:0000003c
"SWVersatilityCoef"=dword:00000005
"SWAerialAbilityCoef"=dword:00000000
"SWCommandOfAreaCoef"=dword:00000000
"SWCommunicationCoef"=dword:00000000
"SWEccentricityCoef"=dword:00000000
"SWHandlingCoef"=dword:00000000
"SWKickingCoef"=dword:00000000
"SWOneOnOnesCoef"=dword:00000005
"SWReflexesCoef"=dword:00000005
"SWRushingOutCoef"=dword:00000000
"SWTendencyToPunchCoef"=dword:00000000
"SWThrowingCoef"=dword:00000000
"SWAdaptabilityCoef"=dword:0000000a
"SWAmbitionCoef"=dword:00000014
"SWControversyCoef"=dword:fffffffb
"SWLoyalityCoef"=dword:0000000a
"SWPressureCoef"=dword:00000014
"SWProfessionalismCoef"=dword:0000000f
"SWSportsmanshipCoef"=dword:0000000a
"SWTemperamentCoef"=dword:00000005
"CBPositionCoef"=dword:00000000
"CBCurrentAbilityCoef"=dword:00000000
"CBCornersCoef"=dword:00000014
"CBCrossingCoef"=dword:0000000a
"CBDribblingCoef"=dword:00000005
"CBFinishingCoef"=dword:00000005
"CBFirstTouchCoef"=dword:00000014
"CBFreeKicksCoef"=dword:00000014
"CBHeadingCoef"=dword:00000064
"CBLongShotsCoef"=dword:00000005
"CBLongThrowsCoef"=dword:00000005
"CBMarkingCoef"=dword:00000050
"CBPassingCoef"=dword:0000001e
"CBPenaltiesCoef"=dword:00000005
"CBTacklingCoef"=dword:00000064
"CBTechniqueCoef"=dword:0000000f
"CBLeftFootCoef"=dword:0000000a
"CBRightFootCoef"=dword:0000000a
"CBAggressionCoef"=dword:0000000f
"CBAnticipationCoef"=dword:00000014
"CBBraveryCoef"=dword:00000028
"CBComposureCoef"=dword:0000001e
"CBConcentrationCoef"=dword:0000001e
"CBConsistencyCoef"=dword:00000014
"CBCreativityCoef"=dword:00000005
"CBDecisionsCoef"=dword:0000001e
"CBDeterminationCoef"=dword:00000014
"CBDirtinessCoef"=dword:ffffffec
"CBFlairCoef"=dword:00000005
"CBImportantMatchesCoef"=dword:00000014
"CBInfluenceCoef"=dword:0000000f
"CBOffTheBallCoef"=dword:0000000a
"CBPositioningCoef"=dword:00000050
"CBTeamworkCoef"=dword:00000028
"CBWorkRateCoef"=dword:0000000a
"CBAccelerationCoef"=dword:00000023
"CBAgilityCoef"=dword:00000005
"CBBalanceCoef"=dword:00000014
"CBInjuryPronenessCoef"=dword:fffffff6
"CBJumpingCoef"=dword:00000050
"CBNaturalFitnessCoef"=dword:0000000a
"CBPaceCoef"=dword:00000023
"CBStaminaCoef"=dword:00000014
"CBStrengthCoef"=dword:00000032
"CBVersatilityCoef"=dword:00000005
"CBAerialAbilityCoef"=dword:00000000
"CBCommandOfAreaCoef"=dword:00000000
"CBCommunicationCoef"=dword:00000000
"CBEccentricityCoef"=dword:00000000
"CBHandlingCoef"=dword:00000000
"CBKickingCoef"=dword:00000000
"CBOneOnOnesCoef"=dword:00000005
"CBReflexesCoef"=dword:00000005
"CBRushingOutCoef"=dword:00000000
"CBTendencyToPunchCoef"=dword:00000000
"CBThrowingCoef"=dword:00000000
"CBAdaptabilityCoef"=dword:0000000a
"CBAmbitionCoef"=dword:00000014
"CBControversyCoef"=dword:fffffffb
"CBLoyalityCoef"=dword:0000000a
"CBPressureCoef"=dword:00000014
"CBProfessionalismCoef"=dword:0000000f
"CBSportsmanshipCoef"=dword:0000000a
"CBTemperamentCoef"=dword:00000005
"FBPositionCoef"=dword:00000000
"FBCurrentAbilityCoef"=dword:00000000
"FBCornersCoef"=dword:00000014
"FBCrossingCoef"=dword:00000023
"FBDribblingCoef"=dword:0000001e
"FBFinishingCoef"=dword:0000000a
"FBFirstTouchCoef"=dword:00000014
"FBFreeKicksCoef"=dword:00000014
"FBHeadingCoef"=dword:0000003c
"FBLongShotsCoef"=dword:0000000a
"FBLongThrowsCoef"=dword:0000000a
"FBMarkingCoef"=dword:00000050
"FBPassingCoef"=dword:00000023
"FBPenaltiesCoef"=dword:00000005
"FBTacklingCoef"=dword:00000064
"FBTechniqueCoef"=dword:0000001e
"FBLeftFootCoef"=dword:0000000a
"FBRightFootCoef"=dword:0000000a
"FBAggressionCoef"=dword:0000000f
"FBAnticipationCoef"=dword:0000003c
"FBBraveryCoef"=dword:00000019
"FBComposureCoef"=dword:00000019
"FBConcentrationCoef"=dword:0000001e
"FBConsistencyCoef"=dword:00000014
"FBCreativityCoef"=dword:0000000a
"FBDecisionsCoef"=dword:00000019
"FBDeterminationCoef"=dword:00000014
"FBDirtinessCoef"=dword:fffffff1
"FBFlairCoef"=dword:00000005
"FBImportantMatchesCoef"=dword:00000014
"FBInfluenceCoef"=dword:0000000f
"FBOffTheBallCoef"=dword:0000000f
"FBPositioningCoef"=dword:00000050
"FBTeamworkCoef"=dword:00000014
"FBWorkRateCoef"=dword:00000014
"FBAccelerationCoef"=dword:00000032
"FBAgilityCoef"=dword:00000005
"FBBalanceCoef"=dword:00000014
"FBInjuryPronenessCoef"=dword:fffffff6
"FBJumpingCoef"=dword:0000003c
"FBNaturalFitnessCoef"=dword:0000000a
"FBPaceCoef"=dword:00000032
"FBStaminaCoef"=dword:0000001e
"FBStrengthCoef"=dword:00000028
"FBVersatilityCoef"=dword:00000005
"FBAerialAbilityCoef"=dword:00000000
"FBCommandOfAreaCoef"=dword:00000000
"FBCommunicationCoef"=dword:00000000
"FBEccentricityCoef"=dword:00000000
"FBHandlingCoef"=dword:00000000
"FBKickingCoef"=dword:00000000
"FBOneOnOnesCoef"=dword:00000005
"FBReflexesCoef"=dword:00000005
"FBRushingOutCoef"=dword:00000000
"FBTendencyToPunchCoef"=dword:00000000
"FBThrowingCoef"=dword:00000000
"FBAdaptabilityCoef"=dword:0000000a
"FBAmbitionCoef"=dword:00000014
"FBControversyCoef"=dword:fffffffb
"FBLoyalityCoef"=dword:0000000a
"FBPressureCoef"=dword:00000014
"FBProfessionalismCoef"=dword:0000000f
"FBSportsmanshipCoef"=dword:0000000a
"FBTemperamentCoef"=dword:00000005
"WBPositionCoef"=dword:00000000
"WBCurrentAbilityCoef"=dword:00000000
"WBCornersCoef"=dword:00000014
"WBCrossingCoef"=dword:0000004b
"WBDribblingCoef"=dword:0000003c
"WBFinishingCoef"=dword:0000001e
"WBFirstTouchCoef"=dword:00000019
"WBFreeKicksCoef"=dword:00000014
"WBHeadingCoef"=dword:00000019
"WBLongShotsCoef"=dword:0000000f
"WBLongThrowsCoef"=dword:0000000f
"WBMarkingCoef"=dword:0000003c
"WBPassingCoef"=dword:00000028
"WBPenaltiesCoef"=dword:00000005
"WBTacklingCoef"=dword:00000050
"WBTechniqueCoef"=dword:00000032
"WBLeftFootCoef"=dword:0000000a
"WBRightFootCoef"=dword:0000000a
"WBAggressionCoef"=dword:0000000a
"WBAnticipationCoef"=dword:00000032
"WBBraveryCoef"=dword:0000000f
"WBComposureCoef"=dword:00000014
"WBConcentrationCoef"=dword:00000019
"WBConsistencyCoef"=dword:00000014
"WBCreativityCoef"=dword:00000014
"WBDecisionsCoef"=dword:00000014
"WBDeterminationCoef"=dword:00000014
"WBDirtinessCoef"=dword:fffffff6
"WBFlairCoef"=dword:0000000a
"WBImportantMatchesCoef"=dword:00000014
"WBInfluenceCoef"=dword:0000000a
"WBOffTheBallCoef"=dword:00000014
"WBPositioningCoef"=dword:0000003c
"WBTeamworkCoef"=dword:00000014
"WBWorkRateCoef"=dword:0000001e
"WBAccelerationCoef"=dword:00000050
"WBAgilityCoef"=dword:00000005
"WBBalanceCoef"=dword:0000000f
"WBInjuryPronenessCoef"=dword:fffffff6
"WBJumpingCoef"=dword:00000019
"WBNaturalFitnessCoef"=dword:0000000a
"WBPaceCoef"=dword:0000005a
"WBStaminaCoef"=dword:0000004b
"WBStrengthCoef"=dword:00000028
"WBVersatilityCoef"=dword:00000005
"WBAerialAbilityCoef"=dword:00000000
"WBCommandOfAreaCoef"=dword:00000000
"WBCommunicationCoef"=dword:00000000
"WBEccentricityCoef"=dword:00000000
"WBHandlingCoef"=dword:00000000
"WBKickingCoef"=dword:00000000
"WBOneOnOnesCoef"=dword:00000005
"WBReflexesCoef"=dword:00000005
"WBRushingOutCoef"=dword:00000000
"WBTendencyToPunchCoef"=dword:00000000
"WBThrowingCoef"=dword:00000000
"WBAdaptabilityCoef"=dword:0000000a
"WBAmbitionCoef"=dword:00000014
"WBControversyCoef"=dword:fffffffb
"WBLoyalityCoef"=dword:0000000a
"WBPressureCoef"=dword:00000014
"WBProfessionalismCoef"=dword:0000000f
"WBSportsmanshipCoef"=dword:0000000a
"WBTemperamentCoef"=dword:00000005
"DMPositionCoef"=dword:00000000
"DMCurrentAbilityCoef"=dword:00000000
"DMCornersCoef"=dword:00000014
"DMCrossingCoef"=dword:00000028
"DMDribblingCoef"=dword:00000019
"DMFinishingCoef"=dword:0000001e
"DMFirstTouchCoef"=dword:00000019
"DMFreeKicksCoef"=dword:00000014
"DMHeadingCoef"=dword:00000032
"DMLongShotsCoef"=dword:00000014
"DMLongThrowsCoef"=dword:0000000a
"DMMarkingCoef"=dword:0000004b
"DMPassingCoef"=dword:00000032
"DMPenaltiesCoef"=dword:00000005
"DMTacklingCoef"=dword:00000050
"DMTechniqueCoef"=dword:0000001e
"DMLeftFootCoef"=dword:0000000a
"DMRightFootCoef"=dword:0000000a
"DMAggressionCoef"=dword:00000028
"DMAnticipationCoef"=dword:00000028
"DMBraveryCoef"=dword:0000000f
"DMComposureCoef"=dword:00000014
"DMConcentrationCoef"=dword:00000019
"DMConsistencyCoef"=dword:00000014
"DMCreativityCoef"=dword:00000019
"DMDecisionsCoef"=dword:00000014
"DMDeterminationCoef"=dword:00000014
"DMDirtinessCoef"=dword:fffffff6
"DMFlairCoef"=dword:0000000f
"DMImportantMatchesCoef"=dword:00000014
"DMInfluenceCoef"=dword:0000000f
"DMOffTheBallCoef"=dword:00000019
"DMPositioningCoef"=dword:0000003c
"DMTeamworkCoef"=dword:0000001e
"DMWorkRateCoef"=dword:0000003c
"DMAccelerationCoef"=dword:00000028
"DMAgilityCoef"=dword:00000005
"DMBalanceCoef"=dword:0000000f
"DMInjuryPronenessCoef"=dword:fffffff6
"DMJumpingCoef"=dword:00000028
"DMNaturalFitnessCoef"=dword:0000000a
"DMPaceCoef"=dword:00000023
"DMStaminaCoef"=dword:00000041
"DMStrengthCoef"=dword:00000032
"DMVersatilityCoef"=dword:00000005
"DMAerialAbilityCoef"=dword:00000000
"DMCommandOfAreaCoef"=dword:00000000
"DMCommunicationCoef"=dword:00000000
"DMEccentricityCoef"=dword:00000000
"DMHandlingCoef"=dword:00000000
"DMKickingCoef"=dword:00000000
"DMOneOnOnesCoef"=dword:00000005
"DMReflexesCoef"=dword:00000005
"DMRushingOutCoef"=dword:00000000
"DMTendencyToPunchCoef"=dword:00000000
"DMThrowingCoef"=dword:00000000
"DMAdaptabilityCoef"=dword:0000000a
"DMAmbitionCoef"=dword:00000014
"DMControversyCoef"=dword:fffffffb
"DMLoyalityCoef"=dword:0000000a
"DMPressureCoef"=dword:00000014
"DMProfessionalismCoef"=dword:0000000f
"DMSportsmanshipCoef"=dword:0000000a
"DMTemperamentCoef"=dword:00000005
"MPositionCoef"=dword:00000000
"MCurrentAbilityCoef"=dword:00000000
"MCornersCoef"=dword:00000019
"MCrossingCoef"=dword:00000032
"MDribblingCoef"=dword:00000032
"MFinishingCoef"=dword:00000028
"MFirstTouchCoef"=dword:0000001e
"MFreeKicksCoef"=dword:00000014
"MHeadingCoef"=dword:00000028
"MLongShotsCoef"=dword:00000019
"MLongThrowsCoef"=dword:0000000a
"MMarkingCoef"=dword:00000028
"MPassingCoef"=dword:0000004b
"MPenaltiesCoef"=dword:00000005
"MTacklingCoef"=dword:00000028
"MTechniqueCoef"=dword:00000032
"MLeftFootCoef"=dword:0000000a
"MRightFootCoef"=dword:0000000a
"MAggressionCoef"=dword:0000001e
"MAnticipationCoef"=dword:00000028
"MBraveryCoef"=dword:0000000a
"MComposureCoef"=dword:00000014
"MConcentrationCoef"=dword:00000014
"MConsistencyCoef"=dword:00000014
"MCreativityCoef"=dword:0000003c
"MDecisionsCoef"=dword:00000014
"MDeterminationCoef"=dword:00000014
"MDirtinessCoef"=dword:fffffffb
"MFlairCoef"=dword:00000014
"MImportantMatchesCoef"=dword:00000014
"MInfluenceCoef"=dword:0000000a
"MOffTheBallCoef"=dword:0000001e
"MPositioningCoef"=dword:00000028
"MTeamworkCoef"=dword:00000023
"MWorkRateCoef"=dword:00000032
"MAccelerationCoef"=dword:0000002d
"MAgilityCoef"=dword:00000005
"MBalanceCoef"=dword:0000000a
"MInjuryPronenessCoef"=dword:fffffff6
"MJumpingCoef"=dword:0000001e
"MNaturalFitnessCoef"=dword:0000000a
"MPaceCoef"=dword:00000028
"MStaminaCoef"=dword:0000003c
"MStrengthCoef"=dword:00000023
"MVersatilityCoef"=dword:00000005
"MAerialAbilityCoef"=dword:00000000
"MCommandOfAreaCoef"=dword:00000000
"MCommunicationCoef"=dword:00000000
"MEccentricityCoef"=dword:00000000
"MHandlingCoef"=dword:00000000
"MKickingCoef"=dword:00000000
"MOneOnOnesCoef"=dword:00000005
"MReflexesCoef"=dword:00000005
"MRushingOutCoef"=dword:00000000
"MTendencyToPunchCoef"=dword:00000000
"MThrowingCoef"=dword:00000000
"MAdaptabilityCoef"=dword:0000000a
"MAmbitionCoef"=dword:00000014
"MControversyCoef"=dword:fffffffb
"MLoyalityCoef"=dword:0000000a
"MPressureCoef"=dword:00000014
"MProfessionalismCoef"=dword:0000000f
"MSportsmanshipCoef"=dword:0000000a
"MTemperamentCoef"=dword:00000005
"AMPositionCoef"=dword:00000000
"AMCurrentAbilityCoef"=dword:00000000
"AMCornersCoef"=dword:00000019
"AMCrossingCoef"=dword:00000046
"AMDribblingCoef"=dword:00000046
"AMFinishingCoef"=dword:00000032
"AMFirstTouchCoef"=dword:00000028
"AMFreeKicksCoef"=dword:00000014
"AMHeadingCoef"=dword:0000001e
"AMLongShotsCoef"=dword:0000001e
"AMLongThrowsCoef"=dword:00000005
"AMMarkingCoef"=dword:0000000f
"AMPassingCoef"=dword:00000064
"AMPenaltiesCoef"=dword:00000005
"AMTacklingCoef"=dword:0000000a
"AMTechniqueCoef"=dword:00000050
"AMLeftFootCoef"=dword:0000000a
"AMRightFootCoef"=dword:0000000a
"AMAggressionCoef"=dword:0000000a
"AMAnticipationCoef"=dword:00000023
"AMBraveryCoef"=dword:0000000a
"AMComposureCoef"=dword:00000014
"AMConcentrationCoef"=dword:00000014
"AMConsistencyCoef"=dword:00000014
"AMCreativityCoef"=dword:00000064
"AMDecisionsCoef"=dword:00000014
"AMDeterminationCoef"=dword:00000014
"AMDirtinessCoef"=dword:fffffffb
"AMFlairCoef"=dword:0000001e
"AMImportantMatchesCoef"=dword:00000014
"AMInfluenceCoef"=dword:0000000a
"AMOffTheBallCoef"=dword:00000028
"AMPositioningCoef"=dword:00000014
"AMTeamworkCoef"=dword:00000028
"AMWorkRateCoef"=dword:00000019
"AMAccelerationCoef"=dword:00000032
"AMAgilityCoef"=dword:0000000a
"AMBalanceCoef"=dword:0000000a
"AMInjuryPronenessCoef"=dword:fffffff6
"AMJumpingCoef"=dword:00000014
"AMNaturalFitnessCoef"=dword:0000000a
"AMPaceCoef"=dword:00000032
"AMStaminaCoef"=dword:00000028
"AMStrengthCoef"=dword:00000014
"AMVersatilityCoef"=dword:00000005
"AMAerialAbilityCoef"=dword:00000000
"AMCommandOfAreaCoef"=dword:00000000
"AMCommunicationCoef"=dword:00000000
"AMEccentricityCoef"=dword:00000000
"AMHandlingCoef"=dword:00000000
"AMKickingCoef"=dword:00000000
"AMOneOnOnesCoef"=dword:00000005
"AMReflexesCoef"=dword:00000005
"AMRushingOutCoef"=dword:00000000
"AMTendencyToPunchCoef"=dword:00000000
"AMThrowingCoef"=dword:00000000
"AMAdaptabilityCoef"=dword:0000000a
"AMAmbitionCoef"=dword:00000014
"AMControversyCoef"=dword:fffffffb
"AMLoyalityCoef"=dword:0000000a
"AMPressureCoef"=dword:00000014
"AMProfessionalismCoef"=dword:0000000f
"AMSportsmanshipCoef"=dword:0000000a
"AMTemperamentCoef"=dword:00000005
"WPositionCoef"=dword:00000000
"WCurrentAbilityCoef"=dword:00000000
"WCornersCoef"=dword:00000019
"WCrossingCoef"=dword:00000064
"WDribblingCoef"=dword:00000064
"WFinishingCoef"=dword:0000003c
"WFirstTouchCoef"=dword:0000001e
"WFreeKicksCoef"=dword:00000014
"WHeadingCoef"=dword:00000014
"WLongShotsCoef"=dword:00000019
"WLongThrowsCoef"=dword:0000000a
"WMarkingCoef"=dword:00000019
"WPassingCoef"=dword:0000003c
"WPenaltiesCoef"=dword:00000005
"WTacklingCoef"=dword:00000014
"WTechniqueCoef"=dword:00000050
"WLeftFootCoef"=dword:0000000a
"WRightFootCoef"=dword:0000000a
"WAggressionCoef"=dword:0000000a
"WAnticipationCoef"=dword:00000023
"WBraveryCoef"=dword:0000000a
"WComposureCoef"=dword:00000014
"WConcentrationCoef"=dword:00000014
"WConsistencyCoef"=dword:00000014
"WCreativityCoef"=dword:00000032
"WDecisionsCoef"=dword:0000000f
"WDeterminationCoef"=dword:00000014
"WDirtinessCoef"=dword:fffffffb
"WFlairCoef"=dword:0000001e
"WImportantMatchesCoef"=dword:00000014
"WInfluenceCoef"=dword:00000005
"WOffTheBallCoef"=dword:00000032
"WPositioningCoef"=dword:00000019
"WTeamworkCoef"=dword:0000001e
"WWorkRateCoef"=dword:0000001e
"WAccelerationCoef"=dword:00000050
"WAgilityCoef"=dword:00000014
"WBalanceCoef"=dword:0000000a
"WInjuryPronenessCoef"=dword:fffffff6
"WJumpingCoef"=dword:00000014
"WNaturalFitnessCoef"=dword:0000000a
"WPaceCoef"=dword:00000064
"WStaminaCoef"=dword:00000032
"WStrengthCoef"=dword:00000014
"WVersatilityCoef"=dword:00000005
"WAerialAbilityCoef"=dword:00000000
"WCommandOfAreaCoef"=dword:00000000
"WCommunicationCoef"=dword:00000000
"WEccentricityCoef"=dword:00000000
"WHandlingCoef"=dword:00000000
"WKickingCoef"=dword:00000000
"WOneOnOnesCoef"=dword:00000005
"WReflexesCoef"=dword:00000005
"WRushingOutCoef"=dword:00000000
"WTendencyToPunchCoef"=dword:00000000
"WThrowingCoef"=dword:00000000
"WAdaptabilityCoef"=dword:0000000a
"WAmbitionCoef"=dword:00000014
"WControversyCoef"=dword:fffffffb
"WLoyalityCoef"=dword:0000000a
"WPressureCoef"=dword:00000014
"WProfessionalismCoef"=dword:0000000f
"WSportsmanshipCoef"=dword:0000000a
"WTemperamentCoef"=dword:00000005
"FSTPositionCoef"=dword:00000000
"FSTCurrentAbilityCoef"=dword:00000000
"FSTCornersCoef"=dword:00000014
"FSTCrossingCoef"=dword:0000001e
"FSTDribblingCoef"=dword:00000050
"FSTFinishingCoef"=dword:00000064
"FSTFirstTouchCoef"=dword:00000028
"FSTFreeKicksCoef"=dword:00000014
"FSTHeadingCoef"=dword:0000003c
"FSTLongShotsCoef"=dword:0000001e
"FSTLongThrowsCoef"=dword:00000005
"FSTMarkingCoef"=dword:0000000a
"FSTPassingCoef"=dword:00000028
"FSTPenaltiesCoef"=dword:00000005
"FSTTacklingCoef"=dword:0000000a
"FSTTechniqueCoef"=dword:0000004b
"FSTLeftFootCoef"=dword:0000000a
"FSTRightFootCoef"=dword:0000000a
"FSTAggressionCoef"=dword:00000014
"FSTAnticipationCoef"=dword:00000014
"FSTBraveryCoef"=dword:0000000f
"FSTComposureCoef"=dword:00000014
"FSTConcentrationCoef"=dword:00000014
"FSTConsistencyCoef"=dword:00000014
"FSTCreativityCoef"=dword:00000032
"FSTDecisionsCoef"=dword:0000000a
"FSTDeterminationCoef"=dword:00000014
"FSTDirtinessCoef"=dword:fffffffb
"FSTFlairCoef"=dword:00000019
"FSTImportantMatchesCoef"=dword:00000014
"FSTInfluenceCoef"=dword:00000005
"FSTOffTheBallCoef"=dword:0000003c
"FSTPositioningCoef"=dword:0000000a
"FSTTeamworkCoef"=dword:0000000a
"FSTWorkRateCoef"=dword:0000000a
"FSTAccelerationCoef"=dword:00000064
"FSTAgilityCoef"=dword:0000001e
"FSTBalanceCoef"=dword:00000014
"FSTInjuryPronenessCoef"=dword:fffffff6
"FSTJumpingCoef"=dword:00000014
"FSTNaturalFitnessCoef"=dword:0000000a
"FSTPaceCoef"=dword:0000005a
"FSTStaminaCoef"=dword:00000014
"FSTStrengthCoef"=dword:00000014
"FSTVersatilityCoef"=dword:00000005
"FSTAerialAbilityCoef"=dword:00000000
"FSTCommandOfAreaCoef"=dword:00000000
"FSTCommunicationCoef"=dword:00000000
"FSTEccentricityCoef"=dword:00000000
"FSTHandlingCoef"=dword:00000000
"FSTKickingCoef"=dword:00000000
"FSTOneOnOnesCoef"=dword:00000005
"FSTReflexesCoef"=dword:00000005
"FSTRushingOutCoef"=dword:00000000
"FSTTendencyToPunchCoef"=dword:00000000
"FSTThrowingCoef"=dword:00000000
"FSTAdaptabilityCoef"=dword:0000000a
"FSTAmbitionCoef"=dword:00000014
"FSTControversyCoef"=dword:fffffffb
"FSTLoyalityCoef"=dword:0000000a
"FSTPressureCoef"=dword:00000014
"FSTProfessionalismCoef"=dword:0000000f
"FSTSportsmanshipCoef"=dword:0000000a
"FSTTemperamentCoef"=dword:00000005
"TSTPositionCoef"=dword:00000000
"TSTCurrentAbilityCoef"=dword:00000000
"TSTCornersCoef"=dword:00000014
"TSTCrossingCoef"=dword:0000001e
"TSTDribblingCoef"=dword:0000003c
"TSTFinishingCoef"=dword:0000003c
"TSTFirstTouchCoef"=dword:00000028
"TSTFreeKicksCoef"=dword:00000014
"TSTHeadingCoef"=dword:00000064
"TSTLongShotsCoef"=dword:0000001e
"TSTLongThrowsCoef"=dword:00000005
"TSTMarkingCoef"=dword:0000000a
"TSTPassingCoef"=dword:0000001e
"TSTPenaltiesCoef"=dword:00000005
"TSTTacklingCoef"=dword:0000000a
"TSTTechniqueCoef"=dword:00000028
"TSTLeftFootCoef"=dword:0000000a
"TSTRightFootCoef"=dword:0000000a
"TSTAggressionCoef"=dword:00000014
"TSTAnticipationCoef"=dword:00000014
"TSTBraveryCoef"=dword:00000014
"TSTComposureCoef"=dword:00000014
"TSTConcentrationCoef"=dword:00000014
"TSTConsistencyCoef"=dword:00000014
"TSTCreativityCoef"=dword:00000028
"TSTDecisionsCoef"=dword:0000000a
"TSTDeterminationCoef"=dword:00000014
"TSTDirtinessCoef"=dword:fffffffb
"TSTFlairCoef"=dword:00000019
"TSTImportantMatchesCoef"=dword:00000014
"TSTInfluenceCoef"=dword:00000005
"TSTOffTheBallCoef"=dword:00000050
"TSTPositioningCoef"=dword:0000000a
"TSTTeamworkCoef"=dword:0000000a
"TSTWorkRateCoef"=dword:0000000a
"TSTAccelerationCoef"=dword:00000028
"TSTAgilityCoef"=dword:00000014
"TSTBalanceCoef"=dword:00000014
"TSTInjuryPronenessCoef"=dword:fffffff6
"TSTJumpingCoef"=dword:00000064
"TSTNaturalFitnessCoef"=dword:0000000a
"TSTPaceCoef"=dword:00000023
"TSTStaminaCoef"=dword:0000000f
"TSTStrengthCoef"=dword:00000050
"TSTVersatilityCoef"=dword:00000005
"TSTAerialAbilityCoef"=dword:00000000
"TSTCommandOfAreaCoef"=dword:00000000
"TSTCommunicationCoef"=dword:00000000
"TSTEccentricityCoef"=dword:00000000
"TSTHandlingCoef"=dword:00000000
"TSTKickingCoef"=dword:00000000
"TSTOneOnOnesCoef"=dword:00000005
"TSTReflexesCoef"=dword:00000005
"TSTRushingOutCoef"=dword:00000000
"TSTTendencyToPunchCoef"=dword:00000000
"TSTThrowingCoef"=dword:00000000
"TSTAdaptabilityCoef"=dword:0000000a
"TSTAmbitionCoef"=dword:00000014
"TSTControversyCoef"=dword:fffffffb
"TSTLoyalityCoef"=dword:0000000a
"TSTPressureCoef"=dword:00000014
"TSTProfessionalismCoef"=dword:0000000f
"TSTSportsmanshipCoef"=dword:0000000a
"TSTTemperamentCoef"=dword:00000005

[HKEY_USERS\S-1-5-21-602162358-1123561945-725345543-1003\Software\G*e*n*i*e*"!\FM Genie Scout\Rating Coefficients]
"GKWeightCoef"=dword:00000062
"GKCurrentAbilityCoef"=dword:00000000
"GKCornersCoef"=dword:00000000
"GKCrossingCoef"=dword:00000000
"GKDribblingCoef"=dword:00000000
"GKFinishingCoef"=dword:00000000
"GKFirstTouchCoef"=dword:00000000
"GKFreeKicksCoef"=dword:00000000
"GKHeadingCoef"=dword:00000000
"GKLongShotsCoef"=dword:00000000
"GKLongThrowsCoef"=dword:00000000
"GKMarkingCoef"=dword:00000000
"GKPassingCoef"=dword:00000000
"GKPenaltiesCoef"=dword:00000000
"GKTacklingCoef"=dword:00000005
"GKTechniqueCoef"=dword:00000000
"GKLeftFootCoef"=dword:00000000
"GKRightFootCoef"=dword:00000000
"GKAggressionCoef"=dword:0000000a
"GKAnticipationCoef"=dword:00000005
"GKBraveryCoef"=dword:00000014
"GKComposureCoef"=dword:00000014
"GKConcentrationCoef"=dword:0000000a
"GKConsistencyCoef"=dword:0000000a
"GKCreativityCoef"=dword:00000000
"GKDecisionsCoef"=dword:00000014
"GKDeterminationCoef"=dword:0000000a
"GKDirtinessCoef"=dword:fffffffb
"GKFlairCoef"=dword:00000000
"GKImportantMatchesCoef"=dword:0000000a
"GKInfluenceCoef"=dword:0000000a
"GKOffTheBallCoef"=dword:00000000
"GKPositioningCoef"=dword:00000050
"GKTeamworkCoef"=dword:00000005
"GKWorkRateCoef"=dword:00000000
"GKAccelerationCoef"=dword:00000005
"GKAgilityCoef"=dword:0000000a
"GKBalanceCoef"=dword:0000000a
"GKInjuryPronenessCoef"=dword:fffffffb
"GKJumpingCoef"=dword:00000050
"GKNaturalFitnessCoef"=dword:00000005
"GKPaceCoef"=dword:00000000
"GKStaminaCoef"=dword:00000000
"GKStrengthCoef"=dword:0000000a
"GKVersatilityCoef"=dword:00000000
"GKAerialAbilityCoef"=dword:00000032
"GKCommandOfAreaCoef"=dword:00000014
"GKCommunicationCoef"=dword:00000032
"GKEccentricityCoef"=dword:ffffffec
"GKHandlingCoef"=dword:00000064
"GKKickingCoef"=dword:0000000a
"GKOneOnOnesCoef"=dword:00000032
"GKReflexesCoef"=dword:00000064
"GKRushingOutCoef"=dword:00000014
"GKTendencyToPunchCoef"=dword:fffffff6
"GKThrowingCoef"=dword:0000000a
"GKAdaptabilityCoef"=dword:00000005
"GKAmbitionCoef"=dword:0000000a
"GKControversyCoef"=dword:fffffffb
"GKLoyalityCoef"=dword:00000005
"GKPressureCoef"=dword:00000005
"GKProfessionalismCoef"=dword:00000005
"GKSportsmanshipCoef"=dword:00000005
"GKTemperamentCoef"=dword:00000005
"SWWeightCoef"=dword:00000066
"SWCurrentAbilityCoef"=dword:00000000
"SWCornersCoef"=dword:00000000
"SWCrossingCoef"=dword:00000000
"SWDribblingCoef"=dword:00000000
"SWFinishingCoef"=dword:00000000
"SWFirstTouchCoef"=dword:00000014
"SWFreeKicksCoef"=dword:0000000a
"SWHeadingCoef"=dword:00000064
"SWLongShotsCoef"=dword:0000000a
"SWLongThrowsCoef"=dword:00000000
"SWMarking

Répondre à sokaris13
Egwene   03-04-2009 à 23:00:57
- 0 +

Re,

Il me manque une partie du rapport.

Pourquoi n'avoir pas accepté l'installation de la console de récupération ?

;)

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene
sokaris13   03-04-2009 à 23:19:42
- 0 +

http://www.cijoint.fr/cjlink.php?f [...] WhXgei.txt

Je n'ai pas installer la console de recuperation car je n'avais plus internet a ce moment la malheuresement

Répondre à sokaris13
Egwene   03-04-2009 à 23:29:41
- 0 +

Re,

Peux-tu réessayer ?

C'est important que tu arrives à l'installer, si c'est possible, sinon on fera sans.

;)

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene
sokaris13   03-04-2009 à 23:51:02
- 0 +

Voila c'est fait, j'ai refait un rapport au cas ou : http://www.cijoint.fr/cjlink.php?f [...] FtyAaK.txt

Répondre à sokaris13
Egwene   04-04-2009 à 18:47:44
- 0 +

Je t'envoie un MP.

;)

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > Trojan bloque internet ?
Aller à :

Il y a 1284 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,552 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens