DiagHelp version v1.4 - http://www.malekal.com
excute le Tue 06/17/2008 à 12:32:35.51
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->6/17/2008 12:32:32
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->6/17/2008 12:32:32
C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->6/17/2008 12:32:02
C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-1781D844.pf -->6/17/2008 12:31:40
C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->6/17/2008 12:31:31
C:\WINDOWS\prefetch\AVGCMGR.EXE-1D29CBA8.pf -->6/17/2008 12:23:00
C:\WINDOWS\prefetch\RUNDLL32.EXE-3B3584BA.pf -->6/17/2008 12:13:33
C:\WINDOWS\prefetch\RUNDLL32.EXE-2514F699.pf -->6/17/2008 12:03:55
C:\WINDOWS\prefetch\RUNDLL32.EXE-2899CD9A.pf -->6/17/2008 12:02:45
C:\WINDOWS\prefetch\MSIEXEC.EXE-2F8A8CAE.pf -->6/17/2008 12:02:30
C:\WINDOWS\System32\drivers\mbamcatchme.sys -->6/10/2008 19:02:44
C:\WINDOWS\System32\drivers\mbam.sys -->6/10/2008 19:02:40
C:\WINDOWS\System32\drivers\avgldx86.sys -->5/10/2008 12:32:05
C:\WINDOWS\System32\drivers\avgmfx86.sys -->5/10/2008 12:32:04
C:\WINDOWS\System32\drivers\rmcast.sys -->5/8/2008 8:28:49
C:\WINDOWS\System32\drivers\bthport.sys -->4/14/2008 7:01:02
C:\WINDOWS\System32\drivers\rp_skt32.sys -->3/4/2008 16:19:02
C:\WINDOWS\System32\iyvu9_32.dll -->11/27/2008 19:14:34
C:\WINDOWS\System32\iacenc.dll -->11/27/2008 19:14:34
C:\WINDOWS\System32\nvapps.xml -->6/16/2008 17:37:24
C:\WINDOWS\System32\wpa.dbl -->6/16/2008 10:24:55
C:\WINDOWS\System32\FNTCACHE.DAT -->6/10/2008 9:08:39
C:\WINDOWS\System32\MRT.exe -->5/29/2008 19:35:11
C:\WINDOWS\System32\avgrsstx.dll -->5/10/2008 12:32:08
C:\WINDOWS\System32\SDRemoveDB.db -->5/10/2008 9:48:50
C:\WINDOWS\System32\quartz.dll -->5/7/2008 0:55:40
C:\WINDOWS\System32\gyychaln.ini -->5/4/2008 17:12:55
C:\WINDOWS\System32\gyychaln.tmp -->5/4/2008 17:02:02
C:\WINDOWS\System32\keys.txt -->5/2/2008 0:28:12
C:\WINDOWS\System32\rmoc3260.dll -->5/1/2008 9:31:45
C:\WINDOWS\System32\pndx5032.dll -->5/1/2008 9:31:35
C:\WINDOWS\System32\pndx5016.dll -->5/1/2008 9:31:35
C:\WINDOWS\System32\pncrt.dll -->5/1/2008 9:31:30
C:\WINDOWS\System32\mshtml.dll -->4/23/2008 22:16:30
C:\WINDOWS\System32\wininet.dll -->4/23/2008 0:16:29
C:\WINDOWS\System32\webcheck.dll -->4/23/2008 0:16:29
C:\WINDOWS\System32\urlmon.dll -->4/23/2008 0:16:29
C:\WINDOWS\System32\url.dll -->4/23/2008 0:16:28
C:\WINDOWS\System32\pngfilt.dll -->4/23/2008 0:16:28
C:\WINDOWS\System32\occache.dll -->4/23/2008 0:16:28
C:\WINDOWS\System32\mstime.dll -->4/23/2008 0:16:28
C:\WINDOWS\System32\msrating.dll -->4/23/2008 0:16:28
C:\WINDOWS\WindowsUpdate.log -->6/17/2008 10:10:43
C:\WINDOWS\QTFont.qfn -->6/16/2008 17:51:07
C:\WINDOWS\0.log -->6/16/2008 17:39:05
C:\WINDOWS\wiadebug.log -->6/16/2008 17:37:11
C:\WINDOWS\wiaservc.log -->6/16/2008 17:37:10
C:\WINDOWS\bootstat.dat -->6/16/2008 17:35:56
C:\WINDOWS\FreedomInstallScript.log -->6/16/2008 13:15:55
C:\WINDOWS\SchedLgU.Txt -->6/16/2008 13:07:21
C:\WINDOWS\KB950759-IE7.log -->6/16/2008 12:47:04
C:\WINDOWS\updspapi.log -->6/16/2008 12:47:02
C:\WINDOWS\system.ini -->6/16/2008 9:53:51
C:\WINDOWS\NeroDigital.ini -->6/11/2008 13:56:53
C:\WINDOWS\win.ini -->6/10/2008 10:07:32
C:\WINDOWS\QTFont.for -->6/9/2008 10:25:25
C:\WINDOWS\BMd32494c3.txt -->5/10/2008 11:31:21
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1836
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x78050000 0xd0000 7.00.6000.16674 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x78000000 0x45000 7.00.6000.16674 C:\WINDOWS\system32\iertutil.dll
0x5d090000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76fd0000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77050000 0xc5000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x55df0000 0xd000 17.01.0051.0000 C:\WINDOWS\system32\AcSignIcon.dll
0x782e0000 0x10f000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL
0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
0x5d360000 0xe000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL
0x661c0000 0x21d000 12.00.6211.1000 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
0x68ef0000 0xf1000 12.00.6211.1000 C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL
0x68ff0000 0x7000 12.00.6211.1000 C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL
0x7c630000 0x1b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL
0x65e30000 0x37000 12.00.6211.1000 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
0x01100000 0x127000 7.00.6000.16674 C:\WINDOWS\system32\urlmon.dll
0x74980000 0x113000 8.90.1101.0000 C:\WINDOWS\system32\msxml3.dll
0x5f800000 0x16000 1.01.1593.0000 C:\PROGRA~1\WINDOW~4\MpShHook.dll
0x7c420000 0x87000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCP80.dll
0x42ef0000 0x5cd000 7.00.6000.16674 C:\WINDOWS\system32\ieframe.dll
0x55fe0000 0x52000 17.01.0051.0000 C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
0x76b20000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x42e40000 0x3c000 7.00.6000.16674 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x7d1e0000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x10000000 0x16f000 6.14.0010.11034 C:\WINDOWS\system32\nview.dll
0x66b40000 0x17f000 12.00.6211.1000 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
0x14070000 0x1b000 11.00.5721.5145 C:\WINDOWS\system32\wmpshell.dll
0x02a90000 0x1b9000 2.00.0000.0008 C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL
0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll
0x026c0000 0xe000 7.10.3077.0000 C:\WINDOWS\system32\MFC71ENU.DLL
0x55ee0000 0x1b000 17.01.0051.0000 C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
0x026f0000 0x5b000 8.01.0000.0000 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\wmvcore.dll
0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL
0x02df0000 0x15000 6.14.0010.8208 C:\WINDOWS\system32\nvwddi.dll
0x02680000 0x14000 2.07.0002.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x03230000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x02d70000 0x2c000 C:\Program Files\WinRAR\rarext.dll
0x03740000 0x63000 1.03.0011.0000 C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll
0x02da0000 0x28000 1.03.0004.0000 C:\Program Files\Sony Ericsson\Mobile2\File Manager\fmgrguil.dll
0x03d90000 0xc000 1.01.0000.0341 C:\Program Files\Common Files\Autodesk Shared\dwf Common\DWFShellExtensionRes.dll
0x74320000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02600000 0x17000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x79000000 0x46000 2.00.50727.1433 C:\WINDOWS\system32\MSCOREE.DLL
0x60610000 0x6000 2.00.50727.1433 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
0x79e70000 0x58f000 2.00.50727.1433 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
0x03e30000 0xe1000 12.00.6211.1000 C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
0x60050000 0x1b000 6.00.0000.19305 C:\Program Files\Vidéotron\Services de sécurité Vidéotron\AVCntxtR.dll
0x00d00000 0x8000 1.00.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x00d20000 0x10000 5.03.0000.0198 C:\Program Files\MagicISO\misosh.dll
0x621a0000 0x1d000 8.00.0000.0080 C:\Program Files\AVG\AVG8\avgse.dll
0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 1024
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x80000 \??\C:\WINDOWS\system32\winlogon.exe
0x10000000 0x5000 8.00.0000.0080 C:\WINDOWS\system32\avgrsstx.dll
0x5d090000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74320000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x17000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x011c0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll
0x76fd0000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77050000 0xc5000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76080000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
Volume in drive C is PRESARIO
Volume Serial Number is D017-A7F0
Directory of C:\WINDOWS\system
05/07/1998 12:04 PM 52,736 hpsysdrv.exe
1 File(s) 52,736 bytes
0 Dir(s) 110,877,552,640 bytes free
Volume in drive C is PRESARIO
Volume Serial Number is D017-A7F0
Directory of C:\WINDOWS\system32
08/10/2004 12:00 AM 6,144 csrss.exe
1 File(s) 6,144 bytes
0 Dir(s) 110,877,552,640 bytes free
Contenu de Downloaded Program Files
Volume in drive C is PRESARIO
Volume Serial Number is D017-A7F0
Directory of C:\WINDOWS\Downloaded Program Files
06/16/2008 11:47 AM <DIR> .
06/16/2008 11:47 AM <DIR> ..
08/31/2005 12:00 AM 65 desktop.ini
03/24/2008 07:33 PM 1,527,056 FP_AX_CAB_INSTALLER.exe
02/12/2007 10:10 AM 302,184 IDrop.ocx
02/12/2007 10:24 AM 114,792 IDropENU.dll
03/24/2008 07:18 PM 247 swflash.inf
04/29/2008 08:49 AM 456,768 wlscBase.dll
04/29/2008 08:52 AM 320 wlscBase.inf
7 File(s) 2,401,432 bytes
Total Files Listed:
7 File(s) 2,401,432 bytes
2 Dir(s) 110,877,552,640 bytes free
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe"="C:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe:*:Enabled:SketchUp Application"
"C:\\Program Files\\SightSpeed\\SightSpeed.exe"="C:\\Program Files\\SightSpeed\\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\Compaq_Administrator\\My Documents\\Azureus Downloads\\Azureus\\Azureus.exe"="C:\\Documents and Settings\\Compaq_Administrator\\My Documents\\Azureus Downloads\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
"DisableRegistryTools"=dword:00000000
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-17 12:33:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:bd,7d,1a,14,26,1f,88,67,cd,9c,9f,24,68,e8,bf,51,13,c1,a8,c4,30,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:4d,be,82,83,c8,07,a0,d7,cd,5a,04,bb,51,45,5a,2c,7d,32,43,7f,95,..
"d0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:55,d5,61,a5,37,3c,f5,61,a9,d6,f5,fb,47,d6,42,4e,39,27,8f,ea,94,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:bd,7d,1a,14,26,1f,88,67,cd,9c,9f,24,68,e8,bf,51,13,c1,a8,c4,30,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:4d,be,82,83,c8,07,a0,d7,cd,5a,04,bb,51,45,5a,2c,7d,32,43,7f,95,..
"d0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:55,d5,61,a5,37,3c,f5,61,a9,d6,f5,fb,47,d6,42,4e,39,27,8f,ea,94,..
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B1431799-5D7A-CD8F-AD75-BDF8562E09A8}]
"iaanldhmghkfgoahck"=hex:6b,61,6e,66,61,6d,64,66,69,6e,6b,67,63,63,6d,63,70,65,62,65,6c,..
"hagibhgeehdcchhm"=hex:6b,61,6d,66,6c,6c,65,65,68,66,66,61,61,68,6a,6a,6d,63,6d,68,6e,..
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
644 - RPS.exe
808 - avgwdsvc.exe
844 - VideotronSA.exe
876 - rundll32.exe
904 - PDAgent.exe
1000 - csrss.exe
1024 - winlogon.exe
1096 - services.exe
1108 - lsass.exe
1260 - svchost.exe
1368 - svchost.exe
1412 - svchost.exe
1492 - MsMpEng.exe
1532 - svchost.exe
1568 - svchost.exe
1644 - Fws.exe
1692 - avgtray.exe
1836 - explorer.exe
1856 - nvsvc32.exe
1896 - svchost.exe
2108 - dllhost.exe
2332 - msnmsgr.exe
2352 - mcrdsvc.exe
2384 - alg.exe
2536 - cmd.exe
2908 - VideotronSAComH
3244 - iexplore.exe
3352 - wmiprvse.exe
Total number of processes = 29
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806CE000 - \WINDOWS\system32\hal.dll
F7A9C000 - \WINDOWS\system32\KDCOM.DLL
F79AC000 - \WINDOWS\system32\BOOTVID.dll
F73B3000 - sptd.sys
F7A9E000 - \WINDOWS\System32\Drivers\WMILIB.SYS
F739B000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS
F736D000 - ACPI.sys
F735C000 - pci.sys
F759C000 - ohci1394.sys
F75AC000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
F75BC000 - isapnp.sys
F7B64000 - pciide.sys
F781C000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F7AA0000 - viaide.sys
F7AA2000 - intelide.sys
F75CC000 - MountMgr.sys
F733D000 - ftdisk.sys
F7AA4000 - dmload.sys
F7317000 - dmio.sys
F7824000 - PartMgr.sys
F75DC000 - VolSnap.sys
F72FF000 - atapi.sys
F72BC000 - ftsata2.sys
F75EC000 - disk.sys
F75FC000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F729C000 - fltMgr.sys
F728A000 - sr.sys
F760C000 - bb-run.sys
F761C000 - PxHelp20.sys
F7273000 - KSecDD.sys
F7260000 - WudfPf.sys
F724D000 - DefragFS.sys
F71C0000 - Ntfs.sys
F7193000 - NDIS.sys
F7178000 - Mup.sys
F764C000 - \SystemRoot\system32\DRIVERS\AmdK8.sys
F793C000 - \SystemRoot\system32\DRIVERS\aracpi.sys
F651B000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
F6507000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F7944000 - \SystemRoot\system32\DRIVERS\usbohci.sys
F64E4000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F794C000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F765C000 - \SystemRoot\system32\DRIVERS\imapi.sys
F766C000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F767C000 - \SystemRoot\system32\DRIVERS\redbook.sys
F64C1000 - \SystemRoot\system32\DRIVERS\ks.sys
F7954000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
F647C000 - \SystemRoot\system32\DRIVERS\HSXHWBS2.sys
F6385000 - \SystemRoot\system32\DRIVERS\HSX_DP.sys
F62CF000 - \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
F795C000 - \SystemRoot\System32\Drivers\Modem.SYS
F62AA000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
F7128000 - \SystemRoot\system32\DRIVERS\nvnetbus.sys
F625F000 - \SystemRoot\system32\DRIVERS\NVNRM.SYS
F6228000 - \SystemRoot\system32\DRIVERS\NVSNPU.SYS
F7124000 - \SystemRoot\system32\DRIVERS\arpolicy.sys
F6211000 - \SystemRoot\System32\Drivers\ezplay.sys
F7C1B000 - \SystemRoot\system32\DRIVERS\audstub.sys
F768C000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
F7120000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
F61FA000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F769C000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F76AC000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F7964000 - \SystemRoot\system32\DRIVERS\TDI.SYS
F61E9000 - \SystemRoot\system32\DRIVERS\psched.sys
F76BC000 - \SystemRoot\system32\DRIVERS\msgpc.sys
F796C000 - \SystemRoot\system32\DRIVERS\ptilink.sys
F7974000 - \SystemRoot\system32\DRIVERS\raspti.sys
F76CC000 - \SystemRoot\system32\DRIVERS\rp_skt32.sys
F6118000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
F770C000 - \SystemRoot\system32\DRIVERS\termdd.sys
F7984000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F798C000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F771C000 - \SystemRoot\system32\DRIVERS\rp_pkt32.sys
F6101000 - \SystemRoot\system32\DRIVERS\mcdbus.sys
F7AE8000 - \SystemRoot\system32\DRIVERS\swenum.sys
F60CD000 - \SystemRoot\system32\DRIVERS\update.sys
F688F000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
F772C000 - \SystemRoot\system32\DRIVERS\NVENETFD.sys
F773C000 - \SystemRoot\System32\Drivers\NDProxy.SYS
F774C000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F7AEA000 - \SystemRoot\system32\DRIVERS\USBD.SYS
F36BC000 - \SystemRoot\system32\drivers\RtkHDAud.sys
F369A000 - \SystemRoot\system32\drivers\portcls.sys
F776C000 - \SystemRoot\system32\drivers\drmk.sys
F7AF4000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7CD0000 - \SystemRoot\System32\Drivers\Null.SYS
F7AF6000 - \SystemRoot\System32\Drivers\Beep.SYS
F786C000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F7874000 - \SystemRoot\System32\drivers\vga.sys
F7AFA000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F7AFC000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F787C000 - \SystemRoot\System32\Drivers\Msfs.SYS
F7884000 - \SystemRoot\System32\Drivers\Npfs.SYS
F60C5000 - \SystemRoot\system32\DRIVERS\rasacd.sys
F363F000 - \SystemRoot\system32\DRIVERS\ipsec.sys
F35E7000 - \SystemRoot\system32\DRIVERS\tcpip.sys
F35BF000 - \SystemRoot\system32\DRIVERS\netbt.sys
F359D000 - \SystemRoot\System32\drivers\afd.sys
F77AC000 - \SystemRoot\system32\DRIVERS\netbios.sys
F788C000 - \SystemRoot\System32\Drivers\StarOpen.SYS
F3572000 - \SystemRoot\system32\DRIVERS\rdbss.sys
F3503000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
F77CC000 - \SystemRoot\System32\Drivers\Fips.SYS
F34E2000 - \SystemRoot\system32\DRIVERS\ipnat.sys
F77DC000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F789C000 - \SystemRoot\System32\Drivers\avgmfx86.sys
F3404000 - \SystemRoot\System32\Drivers\avgldx86.sys
F33E1000 - \SystemRoot\System32\Drivers\Fastfat.SYS
F77FC000 - \SystemRoot\System32\Drivers\Cdfs.SYS
F6099000 - \SystemRoot\system32\DRIVERS\hidusb.sys
F780C000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
F78BC000 - \SystemRoot\system32\DRIVERS\arhidfltr.sys
F78C4000 - \SystemRoot\system32\DRIVERS\usbprint.sys
F78CC000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
F78D4000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
F6095000 - \SystemRoot\system32\DRIVERS\mouhid.sys
F78DC000 - \SystemRoot\system32\DRIVERS\point32.sys
F7B12000 - \SystemRoot\system32\DRIVERS\armoucfltr.sys
F6091000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
F7B16000 - \SystemRoot\system32\DRIVERS\arkbcfltr.sys
F3379000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F7B18000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
F7A74000 - \SystemRoot\System32\drivers\Dxapi.sys
F78E4000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7C19000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
BA1B3000 - \SystemRoot\system32\drivers\wdmaud.sys
BA2D8000 - \SystemRoot\system32\drivers\sysaudio.sys
B9F57000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
B9EEC000 - \SystemRoot\system32\DRIVERS\atksgt.sys
B9E20000 - \SystemRoot\system32\DRIVERS\css-dvp.sys
B9CC7000 - \SystemRoot\System32\Drivers\HTTP.sys
F791C000 - \SystemRoot\system32\DRIVERS\lirsgt.sys
F7B14000 - \SystemRoot\System32\Drivers\MCSTRM.SYS
B9E08000 - \SystemRoot\system32\DRIVERS\mdmxsdk.sys
B9B85000 - \SystemRoot\system32\DRIVERS\srv.sys
F6149000 - \SystemRoot\system32\DRIVERS\secdrv.sys
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
B0976000 - \SystemRoot\system32\drivers\kmixer.sys
F7BBF000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 144
Liste des programmes installes
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
Adobe Shockwave Player 11
Agent de service Vidéotron 1.5.13
Apple Mobile Device Support
Apple Software Update
Authentium AntiVirus SDK - 2
AutoCAD 2008 - English
AutoCAD 2008 - English
Autodesk DWF Viewer 7
AVG Free 8.0
Azureus Vuze
Cabos
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon i450
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CCleaner (remove only)
Chainz 2: Relinked
Compaq Connections (remove only)
ConvertXtoDVD 2.1.14.223
Cradle Of Persia
Creative Photo Manager
Creative WebCam Center
Creative WebCam Instant Driver (1.03.02.0425)
Customer Experience Enhancement
Customer Experience Enhancement
Data Fax SoftModem with SmartCP
Director
Disc2Phone
DocProc
DocumentViewer
DVD Decrypter (Remove Only)
Easy Internet Sign-up
Easy Internet Sign-up
Enregistrement du produit WebCam Instant
Google SketchUp 6
Google SketchUp 6 Exporters
Google SketchUp LayOut 6
Google SketchUp Pro 6
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
HP Boot Optimizer
HP DVD Play 2.1
HP Update
HP Web Helper
HpSdpAppCoreApp
HPSystemDiagnostics
ichat Active X Chat Client
ichat ROOMS(TM) Client for Internet Explorer
ISEngineUpdate
iTunes
J2SE Runtime Environment 5.0 Update 10
Java(TM) 6 Update 5
Java(TM) SE Runtime Environment 6 Update 1
LightScribe 1.4.105.1
Magic ISO Maker v5.4 (build 0248)
MagicDisc 2.5.79
Malwarebytes' Anti-Malware
Manuel d'utilisation de Creative WebCam Instant (Français)
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Away Mode
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft IntelliPoint 5.3
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
MSXML4 Parser
Nero 7 Ultra Edition
Nero Media Player
NVIDIA Drivers
Otto
PerfectDisk
Polly Pride™ Pet Detective
PPSDKRedistributables
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Rhapsody
Rhapsody Player Engine
RPS Ad Blocker
RPS AntiFraud
RPS AntiSpyware
RPS AntiVirus
RPS App Detector
RPS AsRealtime
RPS Backup
RPS Burn
RPS Diagnostic Utility
RPS Firewall
RPS ParentalControl
RPS Performance Tool
RPS PopupBlocker
RPS Privacy Manager
RPS RpsCore
RPS Security Cleanup
RPS Zip
Sandlot Games Client Services
Sandlot Games Client Services 1.2.2
Sansa Media Converter
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Excel 2007 (KB946974)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Office 2007 (KB947801)
Security Update for Outlook 2007 (KB946983)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Services de sécurité Vidéotron
SightSpeed (remove only)
Sony Ericsson PC Suite 1.20.224
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb950378)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB953356)
Update Rollup 2 for Windows XP Media Center Edition 2005
VBA (2627.01)
Virtual Villagers® - The Secret City
WebFldrs XP
WebReg
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
XoftSpySE
Volume in drive C is PRESARIO
Volume Serial Number is D017-A7F0
Directory of C:\Program Files
06/16/2008 11:52 AM <DIR> .
06/16/2008 11:52 AM <DIR> ..
08/14/2007 11:28 PM <DIR> Absolute Video Converter
03/03/2008 05:51 PM <DIR> Adobe
03/03/2008 05:51 PM <DIR> Apple Software Update
03/16/2007 09:14 AM <DIR> Ares
06/09/2008 10:28 AM <DIR> AutoCAD 2008
01/18/2008 09:11 PM <DIR> Autodesk
05/10/2008 12:31 PM <DIR> AVG
08/16/2007 02:29 PM <DIR> Azada
04/05/2008 12:25 PM <DIR> Azureus
02/27/2007 10:59 PM <DIR> BFG
03/04/2008 03:16 PM <DIR> CA
03/16/2007 09:20 AM <DIR> Cabos
11/20/2007 12:47 PM <DIR> Canon
06/16/2008 11:52 AM <DIR> CCleaner
06/09/2008 10:14 AM <DIR> Common Files
09/11/2006 09:38 PM <DIR> Compaq Connections
09/11/2006 09:15 PM <DIR> CONEXANT
02/14/2008 01:08 PM <DIR> Cradle Of Persia
08/28/2007 04:29 PM <DIR> Creative
02/23/2007 03:43 PM <DIR> Disc2Phone
06/15/2008 08:55 PM <DIR> Dofus
06/09/2007 01:26 PM <DIR> DVD Decrypter
08/14/2007 11:28 PM <DIR> DVD Shrink
03/23/2008 03:25 PM <DIR> DVDXCopyInternational
03/28/2007 11:01 AM <DIR> EnglishOtto
05/11/2008 12:28 PM <DIR> Escape the Museum
01/27/2007 02:26 PM <DIR> Eye Games
05/05/2008 03:35 PM <DIR> Google
03/08/2008 03:36 PM <DIR> HP
06/09/2007 02:28 PM <DIR> ImTOO
03/01/2008 11:33 PM 2,166 INSTALL.LOG
08/03/2007 05:45 PM <DIR> InterMute
06/12/2008 03:06 AM <DIR> Internet Explorer
03/10/2008 12:01 PM <DIR> iPod
03/10/2008 12:01 PM <DIR> iTunes
03/27/2008 09:46 AM <DIR> Java
05/05/2008 01:23 PM <DIR> Leroy Merlin
03/14/2007 05:30 PM <DIR> Macrogaming
01/21/2008 11:23 AM <DIR> MagicDisc
01/18/2008 05:30 PM <DIR> MagicISO
06/11/2008 02:04 PM <DIR> Malwarebytes' Anti-Malware
08/31/2007 12:23 PM <DIR> Maxis
03/28/2007 11:01 AM <DIR> Messenger
06/05/2008 08:42 AM <DIR> Messenger Plus! Live
05/09/2007 10:50 PM <DIR> Microsoft CAPICOM 2.1.0.2
01/20/2008 06:36 PM <DIR> Microsoft Expression
11/14/2005 09:06 PM <DIR> microsoft frontpage
07/02/2007 05:23 PM <DIR> Microsoft IntelliPoint
06/09/2008 10:11 AM <DIR> Microsoft Office
01/17/2008 02:38 PM <DIR> Microsoft SQL Server Compact Edition
01/20/2008 02:49 PM <DIR> Microsoft Visual Studio
05/05/2008 12:10 PM <DIR> Microsoft Visual Studio 8
05/29/2008 12:30 AM <DIR> Microsoft Works
01/20/2008 02:48 PM <DIR> Microsoft.NET
03/03/2008 05:51 PM <DIR> Movie Collection
11/14/2005 09:07 PM <DIR> Movie Maker
01/20/2008 02:49 PM <DIR> MSBuild
11/14/2005 09:07 PM <DIR> MSN
11/14/2005 09:07 PM <DIR> MSN Gaming Zone
06/10/2008 09:51 AM <DIR> MSXML 6.0
03/28/2007 11:01 AM <DIR> music_now
01/12/2008 01:52 PM <DIR> Neoact
09/08/2007 06:44 PM <DIR> Nero
11/14/2005 09:07 PM <DIR> NetMeeting
06/14/2007 03:04 AM <DIR> Outlook Express
05/06/2008 11:17 AM <DIR> Panicware
01/03/2007 05:29 PM <DIR> Quicken
03/10/2008 11:59 AM <DIR> QuickTime
03/04/2008 03:16 PM <DIR> Raxco
09/28/2007 08:24 AM <DIR> Real
12/30/2006 07:57 PM <DIR> Rhapsody
12/25/2007 05:59 PM <DIR> SanDisk
06/15/2008 09:02 PM <DIR> Shockwave.com
01/27/2007 01:30 PM <DIR> SightSpeed
02/02/2007 08:59 AM <DIR> Sonic
02/23/2007 03:38 PM <DIR> Sony Ericsson
03/04/2008 03:16 PM <DIR> Vidéotron
12/09/2007 09:47 AM <DIR> vso
05/05/2008 04:52 PM <DIR> Webroot
05/05/2008 03:39 PM <DIR> Windows Defender
02/27/2008 04:01 AM <DIR> Windows Live
05/08/2008 05:10 PM <DIR> Windows Live Safety Center
10/04/2007 01:50 PM <DIR> Windows Media Connect 2
03/03/2008 05:52 PM <DIR> Windows Media Player
11/14/2005 09:07 PM <DIR> Windows NT
11/14/2005 09:08 PM <DIR> Windows Plus
04/09/2007 08:34 AM <DIR> WinRAR
11/14/2005 09:08 PM <DIR> xerox
06/17/2008 09:48 AM <DIR> XoftSpySE
05/28/2008 10:16 PM <DIR> Yahoo!
05/05/2008 01:14 PM <DIR> Zylom Games
1 File(s) 2,166 bytes
92 Dir(s) 110,877,159,424 bytes free
Volume in drive C is PRESARIO
Volume Serial Number is D017-A7F0
Directory of C:\Program Files\common files
06/09/2008 10:14 AM <DIR> .
06/09/2008 10:14 AM <DIR> ..
02/18/2008 09:46 AM <DIR> Adobe
09/08/2007 06:45 PM <DIR> Ahead
09/04/2007 07:33 PM <DIR> Apple
12/25/2007 05:59 PM <DIR> ArcSoft
03/04/2008 03:16 PM <DIR> Authentium
06/09/2008 10:29 AM <DIR> Autodesk Shared
11/20/2007 12:45 PM <DIR> Canon
06/09/2008 10:11 AM <DIR> DESIGNER
05/28/2007 11:51 AM <DIR> Hewlett-Packard
03/08/2008 03:45 PM <DIR> HP
09/10/2007 11:54 AM <DIR> InstallShield
05/09/2008 10:34 PM <DIR> iS3
09/11/2006 08:59 PM <DIR> Java
12/31/2006 01:08 PM <DIR> LightScribe
09/11/2006 09:30 PM <DIR> LS Getting Started
06/09/2008 10:11 AM <DIR> Microsoft Shared
03/03/2008 05:52 PM <DIR> Motive
11/14/2005 09:06 PM <DIR> MSSoap
03/11/2008 11:06 PM <DIR> ODBC
05/01/2008 09:31 AM <DIR> Real
05/10/2008 02:23 PM <DIR> Sandlot Shared
03/30/2008 01:28 AM <DIR> Scanner
11/14/2005 09:06 PM <DIR> Services
11/14/2005 09:06 PM <DIR> SpeechEngines
12/30/2006 07:18 PM <DIR> Symantec Shared
01/20/2008 02:56 PM <DIR> System
05/12/2008 08:32 AM <DIR> Teleca Shared
05/01/2008 09:32 AM <DIR> xing shared
0 File(s) 0 bytes
30 Dir(s) 110,877,155,328 bytes free
c:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.6.1.9\iTunesSetupAdmin.exe
c:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiA.Exe
c:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiW.Exe
c:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\Setup.Exe
c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
c:\Documents and Settings\All Users\Application Data\WildTangent\My HP Game Console\Downloads\Installers\flipwords-setup.exe_cache
c:\Documents and Settings\All Users\Application Data\WildTangent\My HP Game Console\Downloads\Installers\flipwords-setup.exe_filedata
c:\Documents and Settings\All Users\Application Data\WildTangent\My HP Game Console\Downloads\Installers\SetupGamesClient.exe
c:\Documents and Settings\All Users\Application Data\WildTangent\My HP Game Console\Downloads\Installers\SetupGamesClient.exe_filedata
c:\Documents and Settings\Compaq_Administrator\Application Data\Azureus\plugins\azemp\azmplay.exe
c:\Documents and Settings\Compaq_Administrator\Application Data\Real\Update\setup\schedule.exe
c:\Documents and Settings\Compaq_Administrator\Application Data\Real\Update\setup\setup.exe
c:\Documents and Settings\Compaq_Administrator\Application Data\Real\Update\setup\data~0\RealPlayer11GOLD.exe
c:\Documents and Settings\Compaq_Administrator\Application Data\U3\temp\cleanup.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\AcDelTree.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Setup.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\msi\WindowsInstaller-KB893803-v2-x86.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Common Files\Autodesk Shared\ACHELP.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Common Files\Autodesk Shared\mtstack16.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Common Files\Autodesk Shared\PLU26.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Common Files\Autodesk Shared\WSCOMMCNTR1.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Common Files\Autodesk Shared\AcDwgFilter\ACDWGFILTERIMP16.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Common Files\Autodesk Shared\AcShellEx\ACLAUNCHER.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Common Files\Autodesk Shared\Service\ADSKNETSRV.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\ACGGE.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\ACSIGNAPPLY.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\ADDPLWIZ.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\ADMIGRATOR.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\ADREFMAN.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\ADSUBAWARE.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\DWGCHECKSTANDARDS.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\HPSETUP.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\PC3EXE.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\SENDDMP.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\SFXFE32.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\SLIDELIB.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\STYEXE.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\STYSHWIZ.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\Express\ALIAS.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\Express\DUMPSHX.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\Express\LSPSURF.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\Program Files\Root\Locked\ACAD.EXE
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\mdac_typ.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\CADManager\Setup.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\CADManager\Program Files\Autodesk\CAD Manager Tools\AdPM.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\CADManager\Program Files\Autodesk\CAD Manager Tools\CMControl.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\CADManagerControl\CMControl.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\DirectX\DXSETUP.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\dotnetfx.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1028\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1029\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1031\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1034\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1036\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1038\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1040\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1041\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1042\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1043\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1045\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1046\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1049\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\1053\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\dotnetfx\2052\langpack.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\nlm\Setup.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\nlm\Program Files\Autodesk Network License Manager\adskflex.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\nlm\Program Files\Autodesk Network License Manager\lmgrd.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\nlm\Program Files\Autodesk Network License Manager\lmtools.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\nlm\Program Files\Autodesk Network License Manager\lmutil.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\NSA\Setup.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\NSA\Program Files\NLM\NLA\enu\ACD2008NLA.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\SAMreport-Lite\SAMreport.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\VBA\pFiles\Common\MSShared\Vba\Vba6\link.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\VBA\pFiles\MSOffice\Office10\makecert.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\music Melanie\programe ecole\a graver\autocad\support\VBA\pFiles\MSOffice\Office10\selfcert.exe
c:\Documents and Settings\Compaq_Administrator\Desktop\m
Comment formater son ordinateur
