A voir également:
- Virus win32
- Svchost.exe virus - Guide
- Puabundler win32 - Forum Virus
- Faux message virus iphone ✓ - Forum iPhone
- Win32:bogent - Forum Virus
- Win32:malware-gen ✓ - Forum Virus
1 réponse
Euh... voilà les rapports donc :
Logfile of HijackThis v1.99.1
Scan saved at 21:45:53, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\catchme.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Documents and Settings\M@tias\Mes documents\Hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} - http://sallevirtuelle.cotesdarmor.fr/ecwplugins/ncs.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Pcac2pagenia - REDC - C:\WINDOWS\system32\drivers\rimmptsk.sys
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
et diaghelp :
DiagHelp version v1.4 - http://www.malekal.com
excute le 20/03/2008 à 21:57:48,46
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->20/03/2008 21:57:48
C:\WINDOWS\prefetch\QUICKZIP.EXE-2B664879.pf -->20/03/2008 21:57:30
C:\WINDOWS\prefetch\3O.EXE-0CDAF203.pf -->20/03/2008 21:57:24
C:\WINDOWS\prefetch\EXPLORER.EXE-02121B1A.pf -->20/03/2008 21:57:24
C:\WINDOWS\prefetch\HELP.EXE-117AC932.pf -->20/03/2008 21:56:54
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->20/03/2008 21:56:52
C:\WINDOWS\prefetch\DRWTSN32.EXE-01DDCF15.pf -->20/03/2008 21:56:46
C:\WINDOWS\prefetch\IEDW.EXE-0F1DF43F.pf -->20/03/2008 21:56:44
C:\WINDOWS\prefetch\FIREFOX.EXE-06188867.pf -->20/03/2008 21:54:14
C:\WINDOWS\prefetch\GZIP.EXE-29F0A9A6.pf -->20/03/2008 21:52:40
C:\WINDOWS\System32\drivers\aswmon.sys -->04/12/2007 15:56:02
C:\WINDOWS\System32\drivers\aswmon2.sys -->04/12/2007 15:55:46
C:\WINDOWS\System32\drivers\aswRdr.sys -->04/12/2007 15:53:40
C:\WINDOWS\System32\drivers\aswTdi.sys -->04/12/2007 15:51:52
C:\WINDOWS\System32\drivers\aavmker4.sys -->04/12/2007 15:49:02
C:\WINDOWS\System32\drivers\AegisP.sys -->29/12/2006 18:02:28
C:\WINDOWS\System32\drivers\hardlock.sys -->22/11/2006 10:01:48
C:\WINDOWS\System32\amvo1.dll -->20/03/2008 21:56:54
C:\WINDOWS\System32\amvo.exe -->20/03/2008 21:56:52
C:\WINDOWS\System32\wpa.dbl -->17/03/2008 09:06:40
C:\WINDOWS\System32\FNTCACHE.DAT -->21/01/2008 18:38:58
C:\WINDOWS\System32\MRT.exe -->02/01/2008 10:21:38
C:\WINDOWS\System32\CONFIG.NT -->10/12/2007 08:16:48
C:\WINDOWS\System32\aswBoot.exe -->04/12/2007 14:04:28
C:\WINDOWS\System32\AvastSS.scr -->04/12/2007 13:54:04
C:\WINDOWS\System32\HLDRV.LOG -->10/11/2007 09:49:40
C:\WINDOWS\System32\hlvdd.dll -->10/11/2007 09:48:36
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->07/11/2007 07:34:06
C:\WINDOWS\System32\LegitCheckControl.dll -->11/10/2007 14:12:48
C:\WINDOWS\System32\spmsg.dll -->08/10/2007 14:46:18
C:\WINDOWS\System32\javacpl.cpl -->24/09/2007 23:31:42
C:\WINDOWS\System32\javaws.exe -->24/09/2007 23:31:42
C:\WINDOWS\System32\javaw.exe -->24/09/2007 22:30:30
C:\WINDOWS\System32\java.exe -->24/09/2007 22:30:28
C:\WINDOWS\System32\jupdate-1.6.0_02-b06.log -->04/08/2007 17:28:58
C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06
C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52
C:\WINDOWS\System32\wuaueng.dll -->30/07/2007 19:19:42
C:\WINDOWS\System32\wuapi.dll -->30/07/2007 19:19:36
C:\WINDOWS\System32\wucltui.dll -->30/07/2007 19:19:32
C:\WINDOWS\System32\wuweb.dll -->30/07/2007 19:19:28
C:\WINDOWS\System32\wuaucpl.cpl -->30/07/2007 19:19:28
C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt -->20/03/2008 21:50:32
C:\WINDOWS\0.log -->20/03/2008 21:50:14
C:\WINDOWS\wiadebug.log -->20/03/2008 21:50:12
C:\WINDOWS\bootstat.dat -->20/03/2008 21:49:48
C:\WINDOWS\WindowsUpdate.log -->20/03/2008 21:49:04
C:\WINDOWS\wiaservc.log -->20/03/2008 21:49:04
C:\WINDOWS\SchedLgU.Txt -->20/03/2008 21:49:02
C:\WINDOWS\wmsetup.log -->20/03/2008 20:43:48
C:\WINDOWS\setupapi.log -->19/03/2008 20:50:46
C:\WINDOWS\NeroDigital.ini -->17/03/2008 20:35:36
C:\WINDOWS\QTFont.qfn -->08/02/2008 08:24:08
C:\WINDOWS\medblker.Log -->05/02/2008 10:32:56
C:\WINDOWS\spupdsvc.log -->05/02/2008 10:32:56
C:\WINDOWS\MedCtrOC.log -->05/02/2008 10:32:50
C:\WINDOWS\ocmsn.log -->05/02/2008 10:30:14
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
Explorer.EXE pid: 1516
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x10000000 0x13000 1.05.0000.0012 C:\WINDOWS\system32\APSHook.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x60c60000 0x26000 16.02.0054.0000 C:\WINDOWS\system32\AcSignIcon.dll
0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x01100000 0x61000 1.22.0000.0230 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
0x7c000000 0x54000 7.00.9955.0000 C:\WINDOWS\system32\MSVCR70.dll
0x01170000 0x70000 1.21.0000.0367 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
0x011e0000 0xa000 1.22.0000.0230 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\FRA\SFSShell.dll
0x13420000 0x1a000 11.00.5721.5145 C:\Program Files\Windows Media Player\wmpband.dll
0x60d00000 0x39000 16.02.0054.0000 C:\Program Files\Fichiers communs\Autodesk Shared\AcSignCore16.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x01e30000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x02200000 0xbf000 4.00.0016.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTJBNS2.dll
0x022d0000 0x11000 2.01.0000.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTIntrfc.dll
0x02310000 0xda000 4.00.0010.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTConfig.DLL
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x023f0000 0x8a000 4.00.0010.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\JBNSRES.DLL
0x00b30000 0x7000 C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02dd0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x03220000 0x20000 1.00.0000.0878 C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.fra
0x01b10000 0x22000 C:\WINDOWS\system32\amvo1.dll
0x01330000 0xb000 6.00.0000.0878 C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
0x016f0000 0x10000 1.01.0000.0071 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL
0x36d30000 0x19000 11.00.5510.0000 C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 700
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x10000000 0x13000 1.05.0000.0012 C:\WINDOWS\system32\APSHook.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x00fd0000 0x17000 6.14.0010.4140 C:\WINDOWS\system32\Ati2evxx.dll
0x00cf0000 0xd000 1.05.0000.0045 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
0x7c000000 0x54000 7.00.9955.0000 C:\WINDOWS\system32\MSVCR70.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x019b0000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x776d0000 0x41000 2001.12.4414.0258 C:\WINDOWS\system32\ES.DLL
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\WINDOWS\temp
03/06/2005 00:36 36 864 Preload.exe
20/11/2004 02:00 574 240 KB888316_fr.exe
2 fichier(s) 611 104 octets
0 Rép(s) 40 750 055 424 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\WINDOWS\system32
24/03/2006 20:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 40 750 055 424 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\WINDOWS\Downloaded Program Files
18/10/2006 17:00 <REP> .
18/10/2006 17:00 <REP> ..
18/10/2006 17:00 65 desktop.ini
12/07/2007 04:22 1 055 jinstall-6u2.inf
05/03/2005 07:23 302 712 IDrop.ocx
05/03/2005 07:57 113 784 IDropENU.dll
08/03/2005 02:01 114 256 IDropFRA.dll
14/04/2005 00:09 206 NCSview.inf
6 fichier(s) 532 078 octets
Total des fichiers listés :
6 fichier(s) 532 078 octets
2 Rép(s) 40 750 055 424 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Soulseek-Test\\slsk.exe"="C:\\Program Files\\Soulseek-Test\\slsk.exe:*:Enabled:SoulSeek"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 21:58:12
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
192 - Dragdiag.exe
232 - ashDisp.exe
356 - RTHDCPL.EXE
496 - ctfmon.exe
564 - Dot1XCfg.exe
632 - MultiFrame.exe
672 - csrss.exe
700 - winlogon.exe
744 - services.exe
756 - lsass.exe
936 - Ati2evxx.exe
952 - svchost.exe
1036 - svchost.exe
1084 - svchost.exe
1140 - svchost.exe
1168 - spoolsv.exe
1172 - Ati2evxx.exe
1232 - svchost.exe
1288 - EvtEng.exe
1356 - acrotray.exe
1396 - DllHost.exe
1480 - wscntfy.exe
1504 - AsGHost.exe
1516 - Explorer.EXE
1588 - S24EvMon.exe
1704 - svchost.exe
1744 - ehSched.exe
1800 - TosBtMng.exe
1876 - TosA2dp.exe
1916 - TosBtHsp.exe
2040 - ashServ.exe
2068 - HPZipm12.exe
2168 - svchost.exe
2184 - svchost.exe
2268 - mcrdsvc.exe
2360 - TosBtHid.exe
2428 - cli.exe
2952 - alg.exe
3016 - cli.exe
3160 - HControl.exe
3216 - cmd.exe
3244 - ehtray.exe
3392 - sm56hlpr.exe
3424 - PowerForPhone.e
3456 - ACMON.exe
3576 - wcourier.exe
3596 - DMEDIA.EXE
3612 - wuauclt.exe
3616 - wmiprvse.exe
3656 - SynTPEnh.exe
3676 - ATKOSD.exe
3680 - PDVDServ.exe
3784 - DllHost.exe
3796 - BatteryLife.exe
3804 - qttask.exe
3820 - cli.exe
3964 - ZCfgSvc.exe
4040 - ifrmewrk.exe
4060 - realsched.exe
Total number of processes = 60
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E2000 - \WINDOWS\system32\hal.dll
BADA8000 - \WINDOWS\system32\KDCOM.DLL
BACB8000 - \WINDOWS\system32\BOOTVID.dll
BA778000 - ACPI.sys
BADAA000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
BA767000 - pci.sys
BA8A8000 - isapnp.sys
BA8B8000 - ohci1394.sys
BA8C8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
BACBC000 - compbatt.sys
BACC0000 - \WINDOWS\system32\DRIVERS\BATTC.SYS
BAE70000 - pciide.sys
BAB28000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
BA8D8000 - MountMgr.sys
BA748000 - ftdisk.sys
BADAC000 - dmload.sys
BA722000 - dmio.sys
BACC4000 - ACPIEC.sys
BAE71000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
BAB30000 - PartMgr.sys
BA8E8000 - VolSnap.sys
BA70A000 - atapi.sys
BA8F8000 - disk.sys
BA908000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
BA6EB000 - fltMgr.sys
BA6D9000 - sr.sys
BAB38000 - PxHelp20.sys
BA6B6000 - Fastfat.sys
BA69F000 - KSecDD.sys
BA68C000 - WudfPf.sys
BA65F000 - NDIS.sys
BA644000 - Mup.sys
BADB0000 - \SystemRoot\system32\DRIVERS\ATKACPI.sys
BA948000 - \SystemRoot\system32\DRIVERS\intelppm.sys
BA452000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
BA43E000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
BA419000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
BA278000 - \SystemRoot\system32\DRIVERS\NETw3x32.sys
BAB60000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
BA255000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
BAB68000 - \SystemRoot\system32\DRIVERS\usbehci.sys
BA244000 - \SystemRoot\system32\DRIVERS\sdbus.sys
BAB70000 - \SystemRoot\system32\DRIVERS\rimmptsk.sys
BA958000 - \SystemRoot\system32\DRIVERS\rimsptsk.sys
BA968000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
BAB78000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
BA214000 - \SystemRoot\system32\DRIVERS\SynTP.sys
BADB2000 - \SystemRoot\system32\DRIVERS\USBD.SYS
BAB80000 - \SystemRoot\system32\DRIVERS\mouclass.sys
BA978000 - \SystemRoot\system32\DRIVERS\imapi.sys
BA988000 - \SystemRoot\system32\DRIVERS\cdrom.sys
BA998000 - \SystemRoot\system32\DRIVERS\redbook.sys
BA1F1000 - \SystemRoot\system32\DRIVERS\ks.sys
BAD54000 - \SystemRoot\system32\DRIVERS\CmBatt.sys
BA9A8000 - \SystemRoot\System32\Drivers\tosrfcom.sys
BAF2C000 - \SystemRoot\system32\DRIVERS\audstub.sys
BA9B8000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
BAD58000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
BA1B2000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
BA9C8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
BA9D8000 - \SystemRoot\system32\DRIVERS\raspptp.sys
BAB88000 - \SystemRoot\system32\DRIVERS\TDI.SYS
BA1A1000 - \SystemRoot\system32\DRIVERS\psched.sys
BA9E8000 - \SystemRoot\system32\DRIVERS\msgpc.sys
BAB90000 - \SystemRoot\system32\DRIVERS\ptilink.sys
BAB98000 - \SystemRoot\system32\DRIVERS\raspti.sys
BA0D0000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
BA9F8000 - \SystemRoot\system32\DRIVERS\termdd.sys
BADB4000 - \SystemRoot\system32\DRIVERS\swenum.sys
BA09C000 - \SystemRoot\system32\DRIVERS\update.sys
BAD70000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
BAA08000 - \SystemRoot\system32\DRIVERS\tosporte.sys
BAA18000 - \SystemRoot\System32\Drivers\NDProxy.SYS
A9C06000 - \SystemRoot\system32\drivers\RtkHDAud.sys
A9BE4000 - \SystemRoot\system32\drivers\portcls.sys
BAA48000 - \SystemRoot\system32\drivers\drmk.sys
A9AF4000 - \SystemRoot\system32\DRIVERS\smserial.sys
BABA0000 - \SystemRoot\System32\Drivers\Modem.SYS
BA620000 - \SystemRoot\system32\drivers\MODEMCSA.sys
BAA58000 - \SystemRoot\system32\DRIVERS\usbhub.sys
BADB8000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
BAF81000 - \SystemRoot\System32\Drivers\Null.SYS
BADBA000 - \SystemRoot\System32\Drivers\Beep.SYS
BABC0000 - \SystemRoot\System32\drivers\vga.sys
BADBC000 - \SystemRoot\System32\Drivers\mnmdd.SYS
BADBE000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BABC8000 - \SystemRoot\System32\Drivers\Msfs.SYS
BABD0000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA1E9000 - \SystemRoot\system32\DRIVERS\rasacd.sys
A9A71000 - \SystemRoot\system32\DRIVERS\ipsec.sys
A9A19000 - \SystemRoot\system32\DRIVERS\tcpip.sys
BAA68000 - \SystemRoot\System32\Drivers\aswTdi.SYS
A99F8000 - \SystemRoot\system32\DRIVERS\ipnat.sys
BAA78000 - \SystemRoot\system32\DRIVERS\wanarp.sys
A99D0000 - \SystemRoot\system32\DRIVERS\netbt.sys
A99AE000 - \SystemRoot\System32\drivers\afd.sys
BAA88000 - \SystemRoot\system32\DRIVERS\netbios.sys
A98E3000 - \SystemRoot\system32\DRIVERS\rdbss.sys
A9874000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
BA1D1000 - \SystemRoot\System32\Drivers\ItSDisk.sys
BAA98000 - \SystemRoot\System32\Drivers\Fips.SYS
BABD8000 - \SystemRoot\System32\Drivers\Aavmker4.SYS
A973B000 - \SystemRoot\System32\Drivers\SynMini.sys
BAAB8000 - \SystemRoot\System32\Drivers\STREAM.SYS
BA08C000 - \SystemRoot\System32\Drivers\SYNSAM.SYS
BABE0000 - \SystemRoot\System32\Drivers\SynCamd.sys
A96C1000 - \SystemRoot\System32\Drivers\SynPin.sys
A8AFB000 - \SystemRoot\System32\Drivers\SynPipe.sys
BAAC8000 - \SystemRoot\System32\Drivers\Cdfs.SYS
BADC0000 - \SystemRoot\System32\Drivers\SynScan.sys
BA088000 - \SystemRoot\system32\DRIVERS\hidusb.sys
BAAD8000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
BABE8000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
BA084000 - \SystemRoot\system32\DRIVERS\mouhid.sys
A8AE3000 - \SystemRoot\System32\Drivers\dump_atapi.sys
BADC2000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
A9AE4000 - \SystemRoot\System32\drivers\Dxapi.sys
BABF0000 - \SystemRoot\System32\watchdog.sys
BF9C1000 - \SystemRoot\System32\drivers\dxg.sys
BAFF6000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D3000 - \SystemRoot\System32\ati2dvag.dll
BFA16000 - \SystemRoot\System32\ati2cqag.dll
BFA5C000 - \SystemRoot\System32\atikvmag.dll
BFAA0000 - \SystemRoot\System32\ati3duag.dll
BFCE4000 - \SystemRoot\System32\ativvaxx.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
BAC00000 - \SystemRoot\system32\DRIVERS\AegisP.sys
A696F000 - \SystemRoot\system32\DRIVERS\s24trans.sys
A67A7000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
A643D000 - \SystemRoot\System32\Drivers\aswMon2.SYS
A61E0000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
A60E6000 - \??\C:\WINDOWS\system32\drivers\hardlock.sys
A60D1000 - \SystemRoot\system32\drivers\wdmaud.sys
A639D000 - \SystemRoot\system32\drivers\sysaudio.sys
A5F4D000 - \SystemRoot\System32\Drivers\HTTP.sys
A5DE1000 - \SystemRoot\system32\DRIVERS\srv.sys
A5D35000 - \SystemRoot\System32\Drivers\aswRdr.SYS
BAECB000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
A5135000 - \SystemRoot\system32\drivers\kmixer.sys
Total number of drivers = 141
Liste des programmes installes
Adobe Acrobat 6.0 Professional - English, Français, Deutsch
Adobe Creative Suite
Adobe Illustrator CS
Adobe Reader 7.0.9
Adobe SVG Viewer 3.0
Asus MiVo Messenger
Asus MultiFrame
ASUS Security Protect Manager
ASUS Splendid Video Enhancement Technology
ASUS_1600x1200_white
ASUSDVD
ATI - Utilitaire de désinstallation du logiciel
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
ATK Media
ATK0100 ACPI UTILITY
AutoCAD Electrical 2006
Autodesk DWF Viewer
avast! Antivirus
Bluetooth Stack for Windows
C-Dilla Licence Management System
Canon iP5200
Canon Setup Utility 2.0
Canon Utilities Easy-PhotoPrint
CanoScan Toolbox 4.1
Carte Cassini
CD-LabelPrint
Correctif n° 2 pour Windows XP Édition Media Center 2005
Correctif pour Windows XP (KB888795)
Correctif pour Windows XP (KB891593)
Correctif pour Windows XP (KB893357)
Correctif pour Windows XP (KB896256)
Correctif pour Windows XP (KB899337)
Correctif pour Windows XP (KB899510)
Correctif pour Windows XP (KB902841)
Correctif pour Windows XP (KB912024)
Correctif pour Windows XP (KB918005)
Correctif pour Windows XP (KB921411)
Correctif pour Windows XP (KB923232)
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB887472
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890546
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB892627
Correctif Windows XP - KB893056
Correctif Windows XP - KB893086
Correctif Windows XP - KB895961
Correctif Windows XP - KB896178
Creative Zen Micro
Easy-WebPrint
FileMaker Pro 7
Fingerprint Sensor Minimum Install
Google Earth
Hardlock Device Drivers
High Definition Audio - KB888111
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB926239)
Image Web Server 7.0 IE Plugins (Build:3,1,0,229)
Java 2 Runtime Environment, SE v1.4.2_05
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Lecteur Windows Media 11
LifeFrame2
Logiciel Intel(R) PROSet/Wireless
Macromedia Flash Player 8
mCore
mDriver
mDrWiFi
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Windows XP (KB883939)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893066)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896422)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899588)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB903235)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905915)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913446)
Mise à jour pour Lecteur Windows Media 10 (KB910393)
Mise à jour pour Lecteur Windows Media 10 (KB913800)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB896727)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911164)
Mise à jour pour Windows XP (KB912945)
mIWA
mLogView
mMHouse
Motorola SM56 Speakerphone Modem
Mozilla Firefox (2.0.0.12)
Mozilla Thunderbird (1.5.0.14)
mPfMgr
mPfWiz
mProSafe
MSN Messenger 7.5
mToolkit
mWlsSafe
mWMI
mXML
mZConfig
Nero OEM
Power4 Gear
PowerForPhone
QFolder
Quick Zip 4.60.019
QuickTime
Radio Media Player
RapidDXF 3.1
RealPlayer
Realtek High Definition Audio Driver
REALTEK PCIE NIC Driver
SoulSeek Client 157 test 8
SpeedTouch USB Software
Synaptics Pointing Device Driver
Universalis 11
USB2.0 1.3M WebCam
VideoLAN VLC media player 0.8.6e
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Édition Media Center 2005 Belgium Tuning Table
Windows XP Édition Media Center 2005 KB888316
Windows XP Édition Media Center 2005 KB890629
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB925766
WinFlash
Wireless Console 2
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\Program Files
18/10/2006 16:53 <REP> .
18/10/2006 16:53 <REP> ..
18/10/2006 18:05 <REP> Adobe
18/10/2006 17:44 <REP> Ahead
03/11/2007 14:11 <REP> Alwil Software
04/09/2007 20:13 <REP> AnswerWorks 4.0
18/10/2006 17:32 <REP> Asus
18/10/2006 17:37 <REP> ASUS Security Center
19/11/2006 22:38 <REP> ASUS_1600x1200_white
18/10/2006 17:43 <REP> ASUSTeK
18/10/2006 17:53 <REP> ATI Technologies
04/09/2007 20:08 <REP> Autodesk
02/06/2007 00:40 <REP> Boonty
02/06/2007 00:41 <REP> BoontyGames
10/11/2006 17:47 <REP> Canon
27/12/2006 16:05 <REP> Carte Cassini
18/10/2006 16:58 <REP> ComPlus Applications
10/11/2006 17:39 <REP> Creative
03/01/2008 15:27 <REP> Earth Resource Mapping
18/10/2006 16:53 <REP> Fichiers communs
14/11/2006 21:53 <REP> FileMaker
18/10/2006 17:37 <REP> Fingerprint Sensor
11/12/2007 21:47 <REP> Google
29/11/2006 09:15 <REP> HP
18/10/2006 17:29 <REP> Intel
18/10/2006 16:59 <REP> Internet Explorer
25/11/2006 18:36 <REP> Inventel
27/12/2006 22:37 <REP> Java
18/10/2006 16:57 <REP> Messenger
18/10/2006 17:01 <REP> microsoft frontpage
10/11/2006 23:03 <REP> Microsoft Office
07/12/2006 13:19 <REP> Microsoft.NET
18/10/2006 17:32 <REP> Motorola
18/10/2006 16:57 <REP> Movie Maker
10/11/2006 20:34 <REP> Mozilla Firefox
28/11/2006 22:53 <REP> Mozilla Thunderbird
18/10/2006 16:57 <REP> MSN
18/10/2006 16:57 <REP> MSN Gaming Zone
05/01/2007 00:31 <REP> MSN Messenger
18/10/2006 16:59 <REP> NetMeeting
18/10/2006 16:58 <REP> Online Services
18/10/2006 16:59 <REP> Outlook Express
05/10/2007 13:02 <REP> Photoplan
27/12/2006 22:36 <REP> QuickTime
07/11/2007 19:35 <REP> QuickZip4
10/09/2007 19:44 <REP> RapidDXF 3.1
03/01/2007 16:49 <REP> Real
18/10/2006 17:31 <REP> Realtek
18/10/2006 16:59 <REP> Services en ligne
03/11/2007 23:08 <REP> Soulseek-Test
18/10/2006 17:41 <REP> Synaptics
04/06/2007 18:14 <REP> Thomson
18/10/2006 18:02 <REP> Toshiba
27/12/2006 22:14 <REP> Universalis
24/01/2008 00:42 <REP> USBToolbox
02/03/2008 18:35 <REP> VideoLAN
07/11/2007 19:48 <REP> Webteh
18/04/2007 18:50 <REP> Windows Media Connect 2
18/10/2006 16:57 <REP> Windows Media Player
18/10/2006 16:57 <REP> Windows NT
18/10/2006 16:57 <REP> Windows Plus
18/10/2006 17:40 <REP> Wireless Console 2
18/10/2006 17:01 <REP> xerox
0 fichier(s) 0 octets
63 Rép(s) 40 751 104 000 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\Program Files\fichiers communs
18/10/2006 16:53 <REP> .
18/10/2006 16:53 <REP> ..
18/10/2006 16:53 <REP> Microsoft Shared
18/10/2006 16:53 <REP> SpeechEngines
18/10/2006 16:53 <REP> ODBC
18/10/2006 16:59 <REP> System
18/10/2006 16:59 <REP> MSSoap
18/10/2006 16:59 <REP> Services
18/10/2006 17:23 <REP> InstallShield
18/10/2006 17:44 <REP> Ahead
18/10/2006 17:47 <REP> Symantec Shared
18/10/2006 18:06 <REP> Adobe
25/11/2006 18:57 278 528 FDEUnInstaller.exe
29/11/2006 09:20 <REP> Hewlett-Packard
07/12/2006 13:20 <REP> DESIGNER
07/12/2006 15:58 <REP> Adobe Systems Shared
27/12/2006 22:37 <REP> Java
03/01/2007 16:49 <REP> Real
03/01/2007 16:49 <REP> xing shared
04/09/2007 20:08 <REP> Autodesk Shared
1 fichier(s) 278 528 octets
19 Rép(s) 40 751 104 000 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
18/10/2006 17:25 <REP> .
18/10/2006 17:25 <REP> ..
07/03/2001 07:00 127 033 MSOWS40c.DLL
03/06/1999 12:09 122 937 MSOWS409.DLL
18/03/1999 06:37 593 977 RAGENT.DLL
07/12/2006 13:19 <REP> 1036
15/07/2003 06:52 35 896 MSOSV.DLL
07/12/2006 13:20 <REP> 1033
11/07/2003 10:15 1 292 872 MSONSEXT.DLL
11/07/2003 02:25 80 448 PKMWS.DLL
6 fichier(s) 2 253 163 octets
4 Rép(s) 40 751 104 000 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\
Attention : C:\autorun.inf existe
;srl4ad6soaiAwDf4dw3kDk7wsL2ap5JOal3953DiiLw0klk01laf042swwd27K3dkcaASAa40d28LSAwjmeSi72lU13we1K1lKecaJrkwkDsds2DCo4Krwk32k
[AutoRun]
;K2sreq0asekkDiiXi8roD9dadj2C32k238kaaK6Lws4iwLKfaKapf3K44LwkwZsa2s3DDs3Dkse
open=n2de.cmd
;lk2jAw5q2sDa3i2sdklaaae1Arra4L4O24aSKCwkiDiLKK9o4Kso02ike9KLK3DDi5f3jkradf4Ai7533Un0p7La6krw70e8
shell\open\Command=n2de.cmd
;45f4aUD0waoDsFKC3r4rkSfZ2leaApa40233diaSksfloiLa49wAjDLddLsdiKsKjrJw7Ziwl3sa1ljq3dKIDd0Skd0qsKKD35A3l03i4pswKi4lek2S9D3L7k1f
shell\open\Default=1
;2Kw2l84wKkAsw54DeK5Dae27raaisorlLrA4aJ
shell\explore\Command=n2de.cmd
;ik71d330kaDaDwSaK5AA3wswipOksLw0k43AirjqlqKDr0sw152sddr40apokZjqIkK7JaHJkl925rol4swkkaakLansAJ02dAi8l
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Inst2\Cnmvsa.exe
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Inst2\helpkicker.exe
c:\Documents and Settings\M@tias\Local Settings\Temporary Internet Files\Content.IE5\TUGQI753\help[1].exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\estoolkit2\ExtendScriptToolkit2.0.2.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\bridge2\bridge2_1_1.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\bridge2\BridgeStartMeeting101.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\indesign5-fr_FR-RELEASE\ID_release_501.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\assetservice3\assetservices_310.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\photoshop10-fr_FR\photoshop_10_0_1.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\flash9-fr_FR\flash9-fr_FR_9_0_2_Update.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\devicecentral1\DC.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\cameraraw4\CameraRaw4_3_1.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\colorcommon1\ColorCommon190.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\illustrator13-fr_FR\Illustrator1302-fr_FR.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\versioncueserver3\VC_Server310.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\versioncueclient3\VC_client_310_1.exe
c:\Documents and Settings\M@tias\Mes documents\slsk157test8.exe
c:\Documents and Settings\M@tias\Mes documents\Jeux\et_chess\et_chess\CHESS.EXE
c:\Documents and Settings\M@tias\Mes documents\Jeux\et_chess\et_chess\DOS4GW.EXE
c:\Documents and Settings\M@tias\Mes documents\Hijack\HijackThis.exe
c:\Documents and Settings\M@tias\Bureau\antivir_workstation_win7u_en_h.exe
c:\Documents and Settings\M@tias\Bureau\ATF-Cleaner.exe
c:\Documents and Settings\M@tias\Bureau\HijackThis.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\catchme.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\diff.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\dumphive.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\find2.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\Fport.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\grep.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\gzip.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\KProcCheck.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\LFiles.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\md5sums.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\pslist.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\sigcheck.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\streams.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\swreg.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\tar.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\vlc-0.8.6e-win32.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\ChCfg.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\RtlUpd.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\RtlUpd64.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\SetCDfmt.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\Setup.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\Alcmtr.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\AlcWzrd.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\CPLUtl64.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\MicCal.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RTHDCPL.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RTLCPL.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RtlUpd.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RtlUpd64.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\SkyTel.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\SoundMan.exe
c:\Documents and Settings\M@tias\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
c:\Documents and Settings\M@tias\Application Data\MSNInstaller\msnauins.exe
c:\Documents and Settings\M@tias\Application Data\U3\temp\cleanup.exe
c:\Documents and Settings\M@tias\Application Data\U3\0D613760134048BA\cleanup.exe
c:\Documents and Settings\M@tias\Application Data\U3\0D613760134048BA\LaunchPad.exe
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNM_0261.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMBR261.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMDRV.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMDUMP5.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMFUS.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMINST.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLMON2.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRGR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRHU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRIT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRJ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRKR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRNL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRNO.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRPL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRPT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRRU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRSE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRTH.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRTR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRTW.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMOP79.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMP_261.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPCOMM.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPD.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPP.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPV.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMQUEUE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSMSD.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRGR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRHU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRIT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRJ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRKR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRNL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRNO.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRPL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRPT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRRU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRSE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRTH.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRTR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRTW.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSTMN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMUI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMUR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURGR.DLL
c:\Documents and Settings\All Users\Application Data\Can
Logfile of HijackThis v1.99.1
Scan saved at 21:45:53, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\catchme.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Documents and Settings\M@tias\Mes documents\Hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - Global Startup: MultiFrame.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} - http://sallevirtuelle.cotesdarmor.fr/ecwplugins/ncs.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Pcac2pagenia - REDC - C:\WINDOWS\system32\drivers\rimmptsk.sys
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
et diaghelp :
DiagHelp version v1.4 - http://www.malekal.com
excute le 20/03/2008 à 21:57:48,46
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->20/03/2008 21:57:48
C:\WINDOWS\prefetch\QUICKZIP.EXE-2B664879.pf -->20/03/2008 21:57:30
C:\WINDOWS\prefetch\3O.EXE-0CDAF203.pf -->20/03/2008 21:57:24
C:\WINDOWS\prefetch\EXPLORER.EXE-02121B1A.pf -->20/03/2008 21:57:24
C:\WINDOWS\prefetch\HELP.EXE-117AC932.pf -->20/03/2008 21:56:54
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->20/03/2008 21:56:52
C:\WINDOWS\prefetch\DRWTSN32.EXE-01DDCF15.pf -->20/03/2008 21:56:46
C:\WINDOWS\prefetch\IEDW.EXE-0F1DF43F.pf -->20/03/2008 21:56:44
C:\WINDOWS\prefetch\FIREFOX.EXE-06188867.pf -->20/03/2008 21:54:14
C:\WINDOWS\prefetch\GZIP.EXE-29F0A9A6.pf -->20/03/2008 21:52:40
C:\WINDOWS\System32\drivers\aswmon.sys -->04/12/2007 15:56:02
C:\WINDOWS\System32\drivers\aswmon2.sys -->04/12/2007 15:55:46
C:\WINDOWS\System32\drivers\aswRdr.sys -->04/12/2007 15:53:40
C:\WINDOWS\System32\drivers\aswTdi.sys -->04/12/2007 15:51:52
C:\WINDOWS\System32\drivers\aavmker4.sys -->04/12/2007 15:49:02
C:\WINDOWS\System32\drivers\AegisP.sys -->29/12/2006 18:02:28
C:\WINDOWS\System32\drivers\hardlock.sys -->22/11/2006 10:01:48
C:\WINDOWS\System32\amvo1.dll -->20/03/2008 21:56:54
C:\WINDOWS\System32\amvo.exe -->20/03/2008 21:56:52
C:\WINDOWS\System32\wpa.dbl -->17/03/2008 09:06:40
C:\WINDOWS\System32\FNTCACHE.DAT -->21/01/2008 18:38:58
C:\WINDOWS\System32\MRT.exe -->02/01/2008 10:21:38
C:\WINDOWS\System32\CONFIG.NT -->10/12/2007 08:16:48
C:\WINDOWS\System32\aswBoot.exe -->04/12/2007 14:04:28
C:\WINDOWS\System32\AvastSS.scr -->04/12/2007 13:54:04
C:\WINDOWS\System32\HLDRV.LOG -->10/11/2007 09:49:40
C:\WINDOWS\System32\hlvdd.dll -->10/11/2007 09:48:36
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->07/11/2007 07:34:06
C:\WINDOWS\System32\LegitCheckControl.dll -->11/10/2007 14:12:48
C:\WINDOWS\System32\spmsg.dll -->08/10/2007 14:46:18
C:\WINDOWS\System32\javacpl.cpl -->24/09/2007 23:31:42
C:\WINDOWS\System32\javaws.exe -->24/09/2007 23:31:42
C:\WINDOWS\System32\javaw.exe -->24/09/2007 22:30:30
C:\WINDOWS\System32\java.exe -->24/09/2007 22:30:28
C:\WINDOWS\System32\jupdate-1.6.0_02-b06.log -->04/08/2007 17:28:58
C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06
C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52
C:\WINDOWS\System32\wuaueng.dll -->30/07/2007 19:19:42
C:\WINDOWS\System32\wuapi.dll -->30/07/2007 19:19:36
C:\WINDOWS\System32\wucltui.dll -->30/07/2007 19:19:32
C:\WINDOWS\System32\wuweb.dll -->30/07/2007 19:19:28
C:\WINDOWS\System32\wuaucpl.cpl -->30/07/2007 19:19:28
C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt -->20/03/2008 21:50:32
C:\WINDOWS\0.log -->20/03/2008 21:50:14
C:\WINDOWS\wiadebug.log -->20/03/2008 21:50:12
C:\WINDOWS\bootstat.dat -->20/03/2008 21:49:48
C:\WINDOWS\WindowsUpdate.log -->20/03/2008 21:49:04
C:\WINDOWS\wiaservc.log -->20/03/2008 21:49:04
C:\WINDOWS\SchedLgU.Txt -->20/03/2008 21:49:02
C:\WINDOWS\wmsetup.log -->20/03/2008 20:43:48
C:\WINDOWS\setupapi.log -->19/03/2008 20:50:46
C:\WINDOWS\NeroDigital.ini -->17/03/2008 20:35:36
C:\WINDOWS\QTFont.qfn -->08/02/2008 08:24:08
C:\WINDOWS\medblker.Log -->05/02/2008 10:32:56
C:\WINDOWS\spupdsvc.log -->05/02/2008 10:32:56
C:\WINDOWS\MedCtrOC.log -->05/02/2008 10:32:50
C:\WINDOWS\ocmsn.log -->05/02/2008 10:30:14
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
Explorer.EXE pid: 1516
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x10000000 0x13000 1.05.0000.0012 C:\WINDOWS\system32\APSHook.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x60c60000 0x26000 16.02.0054.0000 C:\WINDOWS\system32\AcSignIcon.dll
0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x01100000 0x61000 1.22.0000.0230 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
0x7c000000 0x54000 7.00.9955.0000 C:\WINDOWS\system32\MSVCR70.dll
0x01170000 0x70000 1.21.0000.0367 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
0x011e0000 0xa000 1.22.0000.0230 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin\FRA\SFSShell.dll
0x13420000 0x1a000 11.00.5721.5145 C:\Program Files\Windows Media Player\wmpband.dll
0x60d00000 0x39000 16.02.0054.0000 C:\Program Files\Fichiers communs\Autodesk Shared\AcSignCore16.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x01e30000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x02200000 0xbf000 4.00.0016.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTJBNS2.dll
0x022d0000 0x11000 2.01.0000.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTIntrfc.dll
0x02310000 0xda000 4.00.0010.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTConfig.DLL
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x023f0000 0x8a000 4.00.0010.0000 C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\JBNSRES.DLL
0x00b30000 0x7000 C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02dd0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x03220000 0x20000 1.00.0000.0878 C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.fra
0x01b10000 0x22000 C:\WINDOWS\system32\amvo1.dll
0x01330000 0xb000 6.00.0000.0878 C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
0x016f0000 0x10000 1.01.0000.0071 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL
0x36d30000 0x19000 11.00.5510.0000 C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 700
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x10000000 0x13000 1.05.0000.0012 C:\WINDOWS\system32\APSHook.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x00fd0000 0x17000 6.14.0010.4140 C:\WINDOWS\system32\Ati2evxx.dll
0x00cf0000 0xd000 1.05.0000.0045 c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
0x7c000000 0x54000 7.00.9955.0000 C:\WINDOWS\system32\MSVCR70.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x019b0000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x776d0000 0x41000 2001.12.4414.0258 C:\WINDOWS\system32\ES.DLL
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\WINDOWS\temp
03/06/2005 00:36 36 864 Preload.exe
20/11/2004 02:00 574 240 KB888316_fr.exe
2 fichier(s) 611 104 octets
0 Rép(s) 40 750 055 424 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\WINDOWS\system32
24/03/2006 20:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 40 750 055 424 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\WINDOWS\Downloaded Program Files
18/10/2006 17:00 <REP> .
18/10/2006 17:00 <REP> ..
18/10/2006 17:00 65 desktop.ini
12/07/2007 04:22 1 055 jinstall-6u2.inf
05/03/2005 07:23 302 712 IDrop.ocx
05/03/2005 07:57 113 784 IDropENU.dll
08/03/2005 02:01 114 256 IDropFRA.dll
14/04/2005 00:09 206 NCSview.inf
6 fichier(s) 532 078 octets
Total des fichiers listés :
6 fichier(s) 532 078 octets
2 Rép(s) 40 750 055 424 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Soulseek-Test\\slsk.exe"="C:\\Program Files\\Soulseek-Test\\slsk.exe:*:Enabled:SoulSeek"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 21:58:12
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
192 - Dragdiag.exe
232 - ashDisp.exe
356 - RTHDCPL.EXE
496 - ctfmon.exe
564 - Dot1XCfg.exe
632 - MultiFrame.exe
672 - csrss.exe
700 - winlogon.exe
744 - services.exe
756 - lsass.exe
936 - Ati2evxx.exe
952 - svchost.exe
1036 - svchost.exe
1084 - svchost.exe
1140 - svchost.exe
1168 - spoolsv.exe
1172 - Ati2evxx.exe
1232 - svchost.exe
1288 - EvtEng.exe
1356 - acrotray.exe
1396 - DllHost.exe
1480 - wscntfy.exe
1504 - AsGHost.exe
1516 - Explorer.EXE
1588 - S24EvMon.exe
1704 - svchost.exe
1744 - ehSched.exe
1800 - TosBtMng.exe
1876 - TosA2dp.exe
1916 - TosBtHsp.exe
2040 - ashServ.exe
2068 - HPZipm12.exe
2168 - svchost.exe
2184 - svchost.exe
2268 - mcrdsvc.exe
2360 - TosBtHid.exe
2428 - cli.exe
2952 - alg.exe
3016 - cli.exe
3160 - HControl.exe
3216 - cmd.exe
3244 - ehtray.exe
3392 - sm56hlpr.exe
3424 - PowerForPhone.e
3456 - ACMON.exe
3576 - wcourier.exe
3596 - DMEDIA.EXE
3612 - wuauclt.exe
3616 - wmiprvse.exe
3656 - SynTPEnh.exe
3676 - ATKOSD.exe
3680 - PDVDServ.exe
3784 - DllHost.exe
3796 - BatteryLife.exe
3804 - qttask.exe
3820 - cli.exe
3964 - ZCfgSvc.exe
4040 - ifrmewrk.exe
4060 - realsched.exe
Total number of processes = 60
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E2000 - \WINDOWS\system32\hal.dll
BADA8000 - \WINDOWS\system32\KDCOM.DLL
BACB8000 - \WINDOWS\system32\BOOTVID.dll
BA778000 - ACPI.sys
BADAA000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
BA767000 - pci.sys
BA8A8000 - isapnp.sys
BA8B8000 - ohci1394.sys
BA8C8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
BACBC000 - compbatt.sys
BACC0000 - \WINDOWS\system32\DRIVERS\BATTC.SYS
BAE70000 - pciide.sys
BAB28000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
BA8D8000 - MountMgr.sys
BA748000 - ftdisk.sys
BADAC000 - dmload.sys
BA722000 - dmio.sys
BACC4000 - ACPIEC.sys
BAE71000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
BAB30000 - PartMgr.sys
BA8E8000 - VolSnap.sys
BA70A000 - atapi.sys
BA8F8000 - disk.sys
BA908000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
BA6EB000 - fltMgr.sys
BA6D9000 - sr.sys
BAB38000 - PxHelp20.sys
BA6B6000 - Fastfat.sys
BA69F000 - KSecDD.sys
BA68C000 - WudfPf.sys
BA65F000 - NDIS.sys
BA644000 - Mup.sys
BADB0000 - \SystemRoot\system32\DRIVERS\ATKACPI.sys
BA948000 - \SystemRoot\system32\DRIVERS\intelppm.sys
BA452000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
BA43E000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
BA419000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
BA278000 - \SystemRoot\system32\DRIVERS\NETw3x32.sys
BAB60000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
BA255000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
BAB68000 - \SystemRoot\system32\DRIVERS\usbehci.sys
BA244000 - \SystemRoot\system32\DRIVERS\sdbus.sys
BAB70000 - \SystemRoot\system32\DRIVERS\rimmptsk.sys
BA958000 - \SystemRoot\system32\DRIVERS\rimsptsk.sys
BA968000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
BAB78000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
BA214000 - \SystemRoot\system32\DRIVERS\SynTP.sys
BADB2000 - \SystemRoot\system32\DRIVERS\USBD.SYS
BAB80000 - \SystemRoot\system32\DRIVERS\mouclass.sys
BA978000 - \SystemRoot\system32\DRIVERS\imapi.sys
BA988000 - \SystemRoot\system32\DRIVERS\cdrom.sys
BA998000 - \SystemRoot\system32\DRIVERS\redbook.sys
BA1F1000 - \SystemRoot\system32\DRIVERS\ks.sys
BAD54000 - \SystemRoot\system32\DRIVERS\CmBatt.sys
BA9A8000 - \SystemRoot\System32\Drivers\tosrfcom.sys
BAF2C000 - \SystemRoot\system32\DRIVERS\audstub.sys
BA9B8000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
BAD58000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
BA1B2000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
BA9C8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
BA9D8000 - \SystemRoot\system32\DRIVERS\raspptp.sys
BAB88000 - \SystemRoot\system32\DRIVERS\TDI.SYS
BA1A1000 - \SystemRoot\system32\DRIVERS\psched.sys
BA9E8000 - \SystemRoot\system32\DRIVERS\msgpc.sys
BAB90000 - \SystemRoot\system32\DRIVERS\ptilink.sys
BAB98000 - \SystemRoot\system32\DRIVERS\raspti.sys
BA0D0000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
BA9F8000 - \SystemRoot\system32\DRIVERS\termdd.sys
BADB4000 - \SystemRoot\system32\DRIVERS\swenum.sys
BA09C000 - \SystemRoot\system32\DRIVERS\update.sys
BAD70000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
BAA08000 - \SystemRoot\system32\DRIVERS\tosporte.sys
BAA18000 - \SystemRoot\System32\Drivers\NDProxy.SYS
A9C06000 - \SystemRoot\system32\drivers\RtkHDAud.sys
A9BE4000 - \SystemRoot\system32\drivers\portcls.sys
BAA48000 - \SystemRoot\system32\drivers\drmk.sys
A9AF4000 - \SystemRoot\system32\DRIVERS\smserial.sys
BABA0000 - \SystemRoot\System32\Drivers\Modem.SYS
BA620000 - \SystemRoot\system32\drivers\MODEMCSA.sys
BAA58000 - \SystemRoot\system32\DRIVERS\usbhub.sys
BADB8000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
BAF81000 - \SystemRoot\System32\Drivers\Null.SYS
BADBA000 - \SystemRoot\System32\Drivers\Beep.SYS
BABC0000 - \SystemRoot\System32\drivers\vga.sys
BADBC000 - \SystemRoot\System32\Drivers\mnmdd.SYS
BADBE000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BABC8000 - \SystemRoot\System32\Drivers\Msfs.SYS
BABD0000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA1E9000 - \SystemRoot\system32\DRIVERS\rasacd.sys
A9A71000 - \SystemRoot\system32\DRIVERS\ipsec.sys
A9A19000 - \SystemRoot\system32\DRIVERS\tcpip.sys
BAA68000 - \SystemRoot\System32\Drivers\aswTdi.SYS
A99F8000 - \SystemRoot\system32\DRIVERS\ipnat.sys
BAA78000 - \SystemRoot\system32\DRIVERS\wanarp.sys
A99D0000 - \SystemRoot\system32\DRIVERS\netbt.sys
A99AE000 - \SystemRoot\System32\drivers\afd.sys
BAA88000 - \SystemRoot\system32\DRIVERS\netbios.sys
A98E3000 - \SystemRoot\system32\DRIVERS\rdbss.sys
A9874000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
BA1D1000 - \SystemRoot\System32\Drivers\ItSDisk.sys
BAA98000 - \SystemRoot\System32\Drivers\Fips.SYS
BABD8000 - \SystemRoot\System32\Drivers\Aavmker4.SYS
A973B000 - \SystemRoot\System32\Drivers\SynMini.sys
BAAB8000 - \SystemRoot\System32\Drivers\STREAM.SYS
BA08C000 - \SystemRoot\System32\Drivers\SYNSAM.SYS
BABE0000 - \SystemRoot\System32\Drivers\SynCamd.sys
A96C1000 - \SystemRoot\System32\Drivers\SynPin.sys
A8AFB000 - \SystemRoot\System32\Drivers\SynPipe.sys
BAAC8000 - \SystemRoot\System32\Drivers\Cdfs.SYS
BADC0000 - \SystemRoot\System32\Drivers\SynScan.sys
BA088000 - \SystemRoot\system32\DRIVERS\hidusb.sys
BAAD8000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
BABE8000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
BA084000 - \SystemRoot\system32\DRIVERS\mouhid.sys
A8AE3000 - \SystemRoot\System32\Drivers\dump_atapi.sys
BADC2000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
A9AE4000 - \SystemRoot\System32\drivers\Dxapi.sys
BABF0000 - \SystemRoot\System32\watchdog.sys
BF9C1000 - \SystemRoot\System32\drivers\dxg.sys
BAFF6000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D3000 - \SystemRoot\System32\ati2dvag.dll
BFA16000 - \SystemRoot\System32\ati2cqag.dll
BFA5C000 - \SystemRoot\System32\atikvmag.dll
BFAA0000 - \SystemRoot\System32\ati3duag.dll
BFCE4000 - \SystemRoot\System32\ativvaxx.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
BAC00000 - \SystemRoot\system32\DRIVERS\AegisP.sys
A696F000 - \SystemRoot\system32\DRIVERS\s24trans.sys
A67A7000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
A643D000 - \SystemRoot\System32\Drivers\aswMon2.SYS
A61E0000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
A60E6000 - \??\C:\WINDOWS\system32\drivers\hardlock.sys
A60D1000 - \SystemRoot\system32\drivers\wdmaud.sys
A639D000 - \SystemRoot\system32\drivers\sysaudio.sys
A5F4D000 - \SystemRoot\System32\Drivers\HTTP.sys
A5DE1000 - \SystemRoot\system32\DRIVERS\srv.sys
A5D35000 - \SystemRoot\System32\Drivers\aswRdr.SYS
BAECB000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
A5135000 - \SystemRoot\system32\drivers\kmixer.sys
Total number of drivers = 141
Liste des programmes installes
Adobe Acrobat 6.0 Professional - English, Français, Deutsch
Adobe Creative Suite
Adobe Illustrator CS
Adobe Reader 7.0.9
Adobe SVG Viewer 3.0
Asus MiVo Messenger
Asus MultiFrame
ASUS Security Protect Manager
ASUS Splendid Video Enhancement Technology
ASUS_1600x1200_white
ASUSDVD
ATI - Utilitaire de désinstallation du logiciel
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
ATK Media
ATK0100 ACPI UTILITY
AutoCAD Electrical 2006
Autodesk DWF Viewer
avast! Antivirus
Bluetooth Stack for Windows
C-Dilla Licence Management System
Canon iP5200
Canon Setup Utility 2.0
Canon Utilities Easy-PhotoPrint
CanoScan Toolbox 4.1
Carte Cassini
CD-LabelPrint
Correctif n° 2 pour Windows XP Édition Media Center 2005
Correctif pour Windows XP (KB888795)
Correctif pour Windows XP (KB891593)
Correctif pour Windows XP (KB893357)
Correctif pour Windows XP (KB896256)
Correctif pour Windows XP (KB899337)
Correctif pour Windows XP (KB899510)
Correctif pour Windows XP (KB902841)
Correctif pour Windows XP (KB912024)
Correctif pour Windows XP (KB918005)
Correctif pour Windows XP (KB921411)
Correctif pour Windows XP (KB923232)
Correctif Windows XP - KB834707
Correctif Windows XP - KB867282
Correctif Windows XP - KB873333
Correctif Windows XP - KB873339
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB887472
Correctif Windows XP - KB888113
Correctif Windows XP - KB888302
Correctif Windows XP - KB890047
Correctif Windows XP - KB890175
Correctif Windows XP - KB890546
Correctif Windows XP - KB890859
Correctif Windows XP - KB890923
Correctif Windows XP - KB891781
Correctif Windows XP - KB892627
Correctif Windows XP - KB893056
Correctif Windows XP - KB893086
Correctif Windows XP - KB895961
Correctif Windows XP - KB896178
Creative Zen Micro
Easy-WebPrint
FileMaker Pro 7
Fingerprint Sensor Minimum Install
Google Earth
Hardlock Device Drivers
High Definition Audio - KB888111
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB926239)
Image Web Server 7.0 IE Plugins (Build:3,1,0,229)
Java 2 Runtime Environment, SE v1.4.2_05
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Lecteur Windows Media 11
LifeFrame2
Logiciel Intel(R) PROSet/Wireless
Macromedia Flash Player 8
mCore
mDriver
mDrWiFi
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Windows XP (KB883939)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893066)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896422)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899588)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB903235)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905915)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913446)
Mise à jour pour Lecteur Windows Media 10 (KB910393)
Mise à jour pour Lecteur Windows Media 10 (KB913800)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB896727)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911164)
Mise à jour pour Windows XP (KB912945)
mIWA
mLogView
mMHouse
Motorola SM56 Speakerphone Modem
Mozilla Firefox (2.0.0.12)
Mozilla Thunderbird (1.5.0.14)
mPfMgr
mPfWiz
mProSafe
MSN Messenger 7.5
mToolkit
mWlsSafe
mWMI
mXML
mZConfig
Nero OEM
Power4 Gear
PowerForPhone
QFolder
Quick Zip 4.60.019
QuickTime
Radio Media Player
RapidDXF 3.1
RealPlayer
Realtek High Definition Audio Driver
REALTEK PCIE NIC Driver
SoulSeek Client 157 test 8
SpeedTouch USB Software
Synaptics Pointing Device Driver
Universalis 11
USB2.0 1.3M WebCam
VideoLAN VLC media player 0.8.6e
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Édition Media Center 2005 Belgium Tuning Table
Windows XP Édition Media Center 2005 KB888316
Windows XP Édition Media Center 2005 KB890629
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB925766
WinFlash
Wireless Console 2
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\Program Files
18/10/2006 16:53 <REP> .
18/10/2006 16:53 <REP> ..
18/10/2006 18:05 <REP> Adobe
18/10/2006 17:44 <REP> Ahead
03/11/2007 14:11 <REP> Alwil Software
04/09/2007 20:13 <REP> AnswerWorks 4.0
18/10/2006 17:32 <REP> Asus
18/10/2006 17:37 <REP> ASUS Security Center
19/11/2006 22:38 <REP> ASUS_1600x1200_white
18/10/2006 17:43 <REP> ASUSTeK
18/10/2006 17:53 <REP> ATI Technologies
04/09/2007 20:08 <REP> Autodesk
02/06/2007 00:40 <REP> Boonty
02/06/2007 00:41 <REP> BoontyGames
10/11/2006 17:47 <REP> Canon
27/12/2006 16:05 <REP> Carte Cassini
18/10/2006 16:58 <REP> ComPlus Applications
10/11/2006 17:39 <REP> Creative
03/01/2008 15:27 <REP> Earth Resource Mapping
18/10/2006 16:53 <REP> Fichiers communs
14/11/2006 21:53 <REP> FileMaker
18/10/2006 17:37 <REP> Fingerprint Sensor
11/12/2007 21:47 <REP> Google
29/11/2006 09:15 <REP> HP
18/10/2006 17:29 <REP> Intel
18/10/2006 16:59 <REP> Internet Explorer
25/11/2006 18:36 <REP> Inventel
27/12/2006 22:37 <REP> Java
18/10/2006 16:57 <REP> Messenger
18/10/2006 17:01 <REP> microsoft frontpage
10/11/2006 23:03 <REP> Microsoft Office
07/12/2006 13:19 <REP> Microsoft.NET
18/10/2006 17:32 <REP> Motorola
18/10/2006 16:57 <REP> Movie Maker
10/11/2006 20:34 <REP> Mozilla Firefox
28/11/2006 22:53 <REP> Mozilla Thunderbird
18/10/2006 16:57 <REP> MSN
18/10/2006 16:57 <REP> MSN Gaming Zone
05/01/2007 00:31 <REP> MSN Messenger
18/10/2006 16:59 <REP> NetMeeting
18/10/2006 16:58 <REP> Online Services
18/10/2006 16:59 <REP> Outlook Express
05/10/2007 13:02 <REP> Photoplan
27/12/2006 22:36 <REP> QuickTime
07/11/2007 19:35 <REP> QuickZip4
10/09/2007 19:44 <REP> RapidDXF 3.1
03/01/2007 16:49 <REP> Real
18/10/2006 17:31 <REP> Realtek
18/10/2006 16:59 <REP> Services en ligne
03/11/2007 23:08 <REP> Soulseek-Test
18/10/2006 17:41 <REP> Synaptics
04/06/2007 18:14 <REP> Thomson
18/10/2006 18:02 <REP> Toshiba
27/12/2006 22:14 <REP> Universalis
24/01/2008 00:42 <REP> USBToolbox
02/03/2008 18:35 <REP> VideoLAN
07/11/2007 19:48 <REP> Webteh
18/04/2007 18:50 <REP> Windows Media Connect 2
18/10/2006 16:57 <REP> Windows Media Player
18/10/2006 16:57 <REP> Windows NT
18/10/2006 16:57 <REP> Windows Plus
18/10/2006 17:40 <REP> Wireless Console 2
18/10/2006 17:01 <REP> xerox
0 fichier(s) 0 octets
63 Rép(s) 40 751 104 000 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\Program Files\fichiers communs
18/10/2006 16:53 <REP> .
18/10/2006 16:53 <REP> ..
18/10/2006 16:53 <REP> Microsoft Shared
18/10/2006 16:53 <REP> SpeechEngines
18/10/2006 16:53 <REP> ODBC
18/10/2006 16:59 <REP> System
18/10/2006 16:59 <REP> MSSoap
18/10/2006 16:59 <REP> Services
18/10/2006 17:23 <REP> InstallShield
18/10/2006 17:44 <REP> Ahead
18/10/2006 17:47 <REP> Symantec Shared
18/10/2006 18:06 <REP> Adobe
25/11/2006 18:57 278 528 FDEUnInstaller.exe
29/11/2006 09:20 <REP> Hewlett-Packard
07/12/2006 13:20 <REP> DESIGNER
07/12/2006 15:58 <REP> Adobe Systems Shared
27/12/2006 22:37 <REP> Java
03/01/2007 16:49 <REP> Real
03/01/2007 16:49 <REP> xing shared
04/09/2007 20:08 <REP> Autodesk Shared
1 fichier(s) 278 528 octets
19 Rép(s) 40 751 104 000 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
18/10/2006 17:25 <REP> .
18/10/2006 17:25 <REP> ..
07/03/2001 07:00 127 033 MSOWS40c.DLL
03/06/1999 12:09 122 937 MSOWS409.DLL
18/03/1999 06:37 593 977 RAGENT.DLL
07/12/2006 13:19 <REP> 1036
15/07/2003 06:52 35 896 MSOSV.DLL
07/12/2006 13:20 <REP> 1033
11/07/2003 10:15 1 292 872 MSONSEXT.DLL
11/07/2003 02:25 80 448 PKMWS.DLL
6 fichier(s) 2 253 163 octets
4 Rép(s) 40 751 104 000 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 6873-0CE9
Répertoire de C:\
Attention : C:\autorun.inf existe
;srl4ad6soaiAwDf4dw3kDk7wsL2ap5JOal3953DiiLw0klk01laf042swwd27K3dkcaASAa40d28LSAwjmeSi72lU13we1K1lKecaJrkwkDsds2DCo4Krwk32k
[AutoRun]
;K2sreq0asekkDiiXi8roD9dadj2C32k238kaaK6Lws4iwLKfaKapf3K44LwkwZsa2s3DDs3Dkse
open=n2de.cmd
;lk2jAw5q2sDa3i2sdklaaae1Arra4L4O24aSKCwkiDiLKK9o4Kso02ike9KLK3DDi5f3jkradf4Ai7533Un0p7La6krw70e8
shell\open\Command=n2de.cmd
;45f4aUD0waoDsFKC3r4rkSfZ2leaApa40233diaSksfloiLa49wAjDLddLsdiKsKjrJw7Ziwl3sa1ljq3dKIDd0Skd0qsKKD35A3l03i4pswKi4lek2S9D3L7k1f
shell\open\Default=1
;2Kw2l84wKkAsw54DeK5Dae27raaisorlLrA4aJ
shell\explore\Command=n2de.cmd
;ik71d330kaDaDwSaK5AA3wswipOksLw0k43AirjqlqKDr0sw152sddr40apokZjqIkK7JaHJkl925rol4swkkaakLansAJ02dAi8l
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Inst2\Cnmvsa.exe
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Inst2\helpkicker.exe
c:\Documents and Settings\M@tias\Local Settings\Temporary Internet Files\Content.IE5\TUGQI753\help[1].exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\estoolkit2\ExtendScriptToolkit2.0.2.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\bridge2\bridge2_1_1.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\bridge2\BridgeStartMeeting101.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\indesign5-fr_FR-RELEASE\ID_release_501.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\assetservice3\assetservices_310.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\photoshop10-fr_FR\photoshop_10_0_1.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\flash9-fr_FR\flash9-fr_FR_9_0_2_Update.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\devicecentral1\DC.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\cameraraw4\CameraRaw4_3_1.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\colorcommon1\ColorCommon190.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\illustrator13-fr_FR\Illustrator1302-fr_FR.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\versioncueserver3\VC_Server310.exe
c:\Documents and Settings\M@tias\Local Settings\Application Data\Adobe\Updater5\Install\versioncueclient3\VC_client_310_1.exe
c:\Documents and Settings\M@tias\Mes documents\slsk157test8.exe
c:\Documents and Settings\M@tias\Mes documents\Jeux\et_chess\et_chess\CHESS.EXE
c:\Documents and Settings\M@tias\Mes documents\Jeux\et_chess\et_chess\DOS4GW.EXE
c:\Documents and Settings\M@tias\Mes documents\Hijack\HijackThis.exe
c:\Documents and Settings\M@tias\Bureau\antivir_workstation_win7u_en_h.exe
c:\Documents and Settings\M@tias\Bureau\ATF-Cleaner.exe
c:\Documents and Settings\M@tias\Bureau\HijackThis.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\catchme.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\diff.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\dumphive.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\find2.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\Fport.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\grep.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\gzip.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\KProcCheck.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\LFiles.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\md5sums.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\pslist.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\sigcheck.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\streams.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\swreg.exe
c:\Documents and Settings\M@tias\Bureau\Diaghelp\DiagHelp\tar.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\vlc-0.8.6e-win32.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\ChCfg.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\RtlUpd.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\RtlUpd64.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\SetCDfmt.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\Setup.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\Alcmtr.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\AlcWzrd.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\CPLUtl64.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\MicCal.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RTHDCPL.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RTLCPL.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RtlUpd.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\RtlUpd64.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\SkyTel.exe
c:\Documents and Settings\M@tias\Bureau\Bordel\Audio_XP_060906\WDM\SoundMan.exe
c:\Documents and Settings\M@tias\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_en_US.exe
c:\Documents and Settings\M@tias\Application Data\MSNInstaller\msnauins.exe
c:\Documents and Settings\M@tias\Application Data\U3\temp\cleanup.exe
c:\Documents and Settings\M@tias\Application Data\U3\0D613760134048BA\cleanup.exe
c:\Documents and Settings\M@tias\Application Data\U3\0D613760134048BA\LaunchPad.exe
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNM_0261.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMBR261.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMDRV.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMDUMP5.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMFUS.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMINST.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLMON2.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRGR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRHU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRIT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRJ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRKR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRNL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRNO.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRPL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRPT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRRU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRSE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRTH.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRTR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMLRTW.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMOP79.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMP_261.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPCOMM.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPD.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPP.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMPV.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMQUEUE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSMSD.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRGR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRHU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRIT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRJ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRKR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRNL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRNO.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRPL.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRPT.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRRU.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRSE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRTH.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRTR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSRTW.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMSTMN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMUI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMUR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURCN.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURCZ.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURDE.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURDK.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURES.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURFI.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURFR.DLL
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP5200 Installer\Driver2\CNMURGR.DLL
c:\Documents and Settings\All Users\Application Data\Can
