MON PC RAME TE TOUTES PART / IRUS
Résolu/Fermé
NAVINO
-
22 sept. 2008 à 22:59
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 - 4 oct. 2008 à 22:22
ep44 Messages postés 7393 Date d'inscription samedi 10 novembre 2007 Statut Contributeur Dernière intervention 11 novembre 2010 - 4 oct. 2008 à 22:22
A voir également:
- MON PC RAME TE TOUTES PART / IRUS
- Pc qui rame - Guide
- Benchmark pc - Guide
- Mon pc s'allume mais ne démarre pas windows 10 - Guide
- Reinitialiser pc - Guide
- Whatsapp pc - Télécharger - Messagerie
30 réponses
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
22 sept. 2008 à 23:00
22 sept. 2008 à 23:00
Bonjour
Ne t'inquiète pas je vais te guider et t'aider à désinfecter ton PC.
Télécharge sur le Bureau HijackThis
http://download.hijackthis.eu/HJTInstall.exe
= Double-clique sur dessus pour l'installer
= Clique sur Do a system scan and save the log
= Colle le rapport
si problème voir l'aide
http://www.swl1f.net/viewtopic.php?f=14&t=153&p=1100#p1100
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
@+
Ne t'inquiète pas je vais te guider et t'aider à désinfecter ton PC.
Télécharge sur le Bureau HijackThis
http://download.hijackthis.eu/HJTInstall.exe
= Double-clique sur dessus pour l'installer
= Clique sur Do a system scan and save the log
= Colle le rapport
si problème voir l'aide
http://www.swl1f.net/viewtopic.php?f=14&t=153&p=1100#p1100
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
@+
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
22 sept. 2008 à 23:41
22 sept. 2008 à 23:41
C'est partit
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec
------
= Redémarre en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistre ou imprime les consignes.
Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
= Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
= Appuie sur Y pour commencer le processus de nettoyage.
= Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
= Appuie sur une touche pour redémarrer le PC.
= Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
= Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
= Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
= Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
= Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
Si SDFix ne se lance pas
Clique sur Démarrer > Exécuter
Copie/colle ceci :
%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe
Clique sur Ok.
Redémarre et essaie de relancer SDFix.
@+
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec
------
= Redémarre en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistre ou imprime les consignes.
Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
= Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
= Appuie sur Y pour commencer le processus de nettoyage.
= Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
= Appuie sur une touche pour redémarrer le PC.
= Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
= Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
= Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
= Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
= Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
Si SDFix ne se lance pas
Clique sur Démarrer > Exécuter
Copie/colle ceci :
%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe
Clique sur Ok.
Redémarre et essaie de relancer SDFix.
@+
[b]SDFix: Version 1.228 [/b]
Run by Propri‚taire on 2008-09-23 at 00:33
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 00:48:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="300"
"USERProcessHandleQuota"=dword:00002710
"AppInit_DLLs"=""
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe"="C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe:*:Enabled:XPressUpdate"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Thu 6 Sep 2001 1,700,352 A..H. --- "C:\gdiplus.dll"
Thu 14 Sep 2006 4,908,960 ...H. --- "C:\Program Files\Picasa2\setup.exe"
Sun 30 May 2004 0 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS"
Sat 5 Mar 2005 56 ..SHR --- "C:\WINDOWS\system32\600F43451F.sys"
Thu 3 Mar 2005 56 ..SHR --- "C:\WINDOWS\system32\6253F84B4E.sys"
Mon 25 Jul 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 6 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp"
Wed 4 Jun 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BIT10.tmp"
[b]Finished![/b]
Run by Propri‚taire on 2008-09-23 at 00:33
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 00:48:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="300"
"USERProcessHandleQuota"=dword:00002710
"AppInit_DLLs"=""
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe"="C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe:*:Enabled:XPressUpdate"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Thu 6 Sep 2001 1,700,352 A..H. --- "C:\gdiplus.dll"
Thu 14 Sep 2006 4,908,960 ...H. --- "C:\Program Files\Picasa2\setup.exe"
Sun 30 May 2004 0 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS"
Sat 5 Mar 2005 56 ..SHR --- "C:\WINDOWS\system32\600F43451F.sys"
Thu 3 Mar 2005 56 ..SHR --- "C:\WINDOWS\system32\6253F84B4E.sys"
Mon 25 Jul 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 6 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp"
Wed 4 Jun 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BIT10.tmp"
[b]Finished![/b]
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
23 sept. 2008 à 18:58
23 sept. 2008 à 18:58
Bonjour
Pour la suite
Télécharge malwarebytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Une aide pour l'installation
http://www.swl1f.net/viewtopic.php?f=14&t=68
=> Installe le
=> Ensuite va en mode sans echec
Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
=> Lance malwarebytes
=> Coche "Executer un examen complet"
=> Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
=> Clique sur Supprimer la sélection
=> Pour poster le rapport Clique sur l'onglet Rapports/Logs, sélectionne celui t'intéresse et clique sur Ouvrir
=> Fait copier coller et poste le rapport
--------------------------
ensuite
* Télécharge CCleaner
https://filehippo.com/download_ccleaner/
=> Aide toi de ce tuto pour l'utiliser
http://www.swl1f.net/viewtopic.php?f=14&t=69
--------------------------
Ensuite refais un nouveau HijackThis
@+
Pour la suite
Télécharge malwarebytes
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Une aide pour l'installation
http://www.swl1f.net/viewtopic.php?f=14&t=68
=> Installe le
=> Ensuite va en mode sans echec
Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
=> Lance malwarebytes
=> Coche "Executer un examen complet"
=> Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
=> Clique sur Supprimer la sélection
=> Pour poster le rapport Clique sur l'onglet Rapports/Logs, sélectionne celui t'intéresse et clique sur Ouvrir
=> Fait copier coller et poste le rapport
--------------------------
ensuite
* Télécharge CCleaner
https://filehippo.com/download_ccleaner/
=> Aide toi de ce tuto pour l'utiliser
http://www.swl1f.net/viewtopic.php?f=14&t=69
--------------------------
Ensuite refais un nouveau HijackThis
@+
BONSOIR!
Déjà fait ce matin voilà tout est là
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1194
Windows 5.1.2600 Service Pack 3
2008-09-23 08:35:18
mbam-log-2008-09-23 (08-35-00).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 237134
Temps écoulé: 3 hour(s), 43 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP62\A0019720.sys (Trojan.FakeAlert) -> No action taken.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01, on 2008-09-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\Installer\MSI129.tmp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\rmctrl.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDVR.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eo.st
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.1 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI129.tmp
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Déjà fait ce matin voilà tout est là
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1194
Windows 5.1.2600 Service Pack 3
2008-09-23 08:35:18
mbam-log-2008-09-23 (08-35-00).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 237134
Temps écoulé: 3 hour(s), 43 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{71098F3C-A1EB-4A91-B548-B2C12F310422}\RP62\A0019720.sys (Trojan.FakeAlert) -> No action taken.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01, on 2008-09-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\Installer\MSI129.tmp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\rmctrl.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDVR.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eo.st
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.1 80.10.246.3
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI129.tmp
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
bonjour voilà pour malwarebytes refai! cette nuit en mode sans echec!
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1200
Windows 5.1.2600 Service Pack 3
2008-09-24 06:47:24
mbam-log-2008-09-24 (06-47-24).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 247950
Temps écoulé: 3 hour(s), 29 minute(s), 26 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1200
Windows 5.1.2600 Service Pack 3
2008-09-24 06:47:24
mbam-log-2008-09-24 (06-47-24).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 247950
Temps écoulé: 3 hour(s), 29 minute(s), 26 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
23 sept. 2008 à 22:04
23 sept. 2008 à 22:04
tu n'as pas appliquer les actions avec Malwarebytes
recommence stp
ensuite
Télécharge sur ton bureau RHosts (Merci à S!ri) disponible ici,
http://siri.urz.free.fr/Softs/RHosts.exe
Double-clique sur Rhosts.exe et clique sur "restaurer".
et reposte un HijackThis stp
recommence stp
ensuite
Télécharge sur ton bureau RHosts (Merci à S!ri) disponible ici,
http://siri.urz.free.fr/Softs/RHosts.exe
Double-clique sur Rhosts.exe et clique sur "restaurer".
et reposte un HijackThis stp
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:32, on 2008-09-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\Installer\MSI129.tmp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\rmctrl.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\FlashGet\flashget.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eo.st
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 80.10.246.130 81.253.149.10
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI129.tmp
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Scan saved at 07:32, on 2008-09-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\Installer\MSI129.tmp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\rmctrl.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\FlashGet\flashget.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eo.st
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 80.10.246.130 81.253.149.10
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI129.tmp
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
24 sept. 2008 à 19:59
24 sept. 2008 à 19:59
Bonsoir
Relance HijackThis et clique sur "Do a system scan only"
Ensuite recherche ces lignes et coches les cases
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eo.st
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
Une fois coché, ferme toutes les fenêtres et applications et clique sur "Fix checked"
Ensuite
fait un scan en ligne
avec bitdefender et colle le rapport
https://www.bitdefender.com/toolbox/
Scan à faire sous Internet Explorer
un tuto
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
ensuite un nouveau rapport hijack stp et dit moi comment se porte ton PC
@+
Relance HijackThis et clique sur "Do a system scan only"
Ensuite recherche ces lignes et coches les cases
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eo.st
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
Une fois coché, ferme toutes les fenêtres et applications et clique sur "Fix checked"
Ensuite
fait un scan en ligne
avec bitdefender et colle le rapport
https://www.bitdefender.com/toolbox/
Scan à faire sous Internet Explorer
un tuto
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
ensuite un nouveau rapport hijack stp et dit moi comment se porte ton PC
@+
bon le scan de bitdefender c'est solde par un plantage car il c mis a anlyser tous les disques dur et ceux en externe dans c: il a trouvé des virus et certains ont ete desinfecté
je n'ai, pas le rapport car j'ai du rebooter dois refaire le scan!!!
j'ai le mot uStart inscrit en permanence dans la barre google??? et un son style "ploc" dans la fermeture de windows juste avant la musique qui vas avec????
je joins le rapport de hijckthis
j'espere avoir une reponse cette nuit car attendre le lendemain soir c long!!
merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:04, on 2008-09-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\Installer\MSI129.tmp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\rmctrl.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI129.tmp
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
je n'ai, pas le rapport car j'ai du rebooter dois refaire le scan!!!
j'ai le mot uStart inscrit en permanence dans la barre google??? et un son style "ploc" dans la fermeture de windows juste avant la musique qui vas avec????
je joins le rapport de hijckthis
j'espere avoir une reponse cette nuit car attendre le lendemain soir c long!!
merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:04, on 2008-09-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\Installer\MSI129.tmp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\rmctrl.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI129.tmp
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
25 sept. 2008 à 00:52
25 sept. 2008 à 00:52
ok on pousse la recherche
Télécharge DiagHelp.zip sur ton bureau http://www.malekal.com/download/DiagHelp.zip
==> Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
==> Un nouveau dossier chercher va être créé DiagHelp
==> Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
==> Une fenêtre va s'ouvrir, choisis l'option 1
==> L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
==> Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
==> Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
==> A nouveau menu Edition / copier
==> Dans un nouveau message ici, faire un clic droit / coller (le rapport se trouve dans C:\ resultat.txt
@+
Télécharge DiagHelp.zip sur ton bureau http://www.malekal.com/download/DiagHelp.zip
==> Ne double-clic pas dessus !! Fais un clic droit sur le fichier et extraire tout
==> Un nouveau dossier chercher va être créé DiagHelp
==> Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
==> Une fenêtre va s'ouvrir, choisis l'option 1
==> L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
==> Copie/colle le contenu du bloc-note qui s'ouvre, pour cela :
==> Dans le bloc-note, cliquez sur le menu Edition / Selectionner tout
==> A nouveau menu Edition / copier
==> Dans un nouveau message ici, faire un clic droit / coller (le rapport se trouve dans C:\ resultat.txt
@+
BONJOUR VOILA
dans la barre d'adresse de recherche jai google et uStart qui est la recherche par defaut??? alors que precedement c'etais google commment enlever le defaut uStart et lorsque je quitte par la fermeture de windows j'ai ce son "PLOC" qui viens avec la musique de fermeture
voilà à bientot...............?
DiagHelp version v1.4 - http://www.malekal.com
excute le 2008-09-25 à 9:37:48.71
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->2008-09-25 09:37:45
C:\WINDOWS\prefetch\WATCH.EXE-27B8EEDC.pf -->2008-09-25 09:35:29
C:\WINDOWS\prefetch\WUAUCLT.EXE-1360D60A.pf -->2008-09-25 09:35:27
C:\WINDOWS\prefetch\POLLINGMODULE.EXE-2AD5A1B6.pf -->2008-09-25 09:35:26
C:\WINDOWS\prefetch\ALERTM~1.EXE-217C3F7A.pf -->2008-09-25 09:35:26
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->2008-09-25 09:35:25
C:\WINDOWS\prefetch\TOASTER.EXE-097A4853.pf -->2008-09-25 09:35:25
C:\WINDOWS\prefetch\INACTIVITY.EXE-346F276A.pf -->2008-09-25 09:35:20
C:\WINDOWS\prefetch\IPODSERVICE.EXE-37043579.pf -->2008-09-25 09:35:18
C:\WINDOWS\prefetch\HVIDEOS.EXE-22132D1F.pf -->2008-09-25 09:35:17
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->2008-09-10 00:04:02
C:\WINDOWS\System32\drivers\mbam.sys -->2008-09-10 00:03:56
C:\WINDOWS\System32\drivers\avipbb.sys -->2008-07-18 12:47:00
C:\WINDOWS\System32\drivers\adidsl.cfg -->2008-06-30 10:43:19
C:\WINDOWS\System32\drivers\tcpip.sys -->2008-06-20 13:51:12
C:\WINDOWS\System32\drivers\afd.sys -->2008-06-20 13:40:08
C:\WINDOWS\System32\drivers\tcpip6.sys -->2008-06-20 13:08:27
C:\WINDOWS\System32\wpa.dbl -->2008-09-25 09:35:12
C:\WINDOWS\System32\nvapps.xml -->2008-09-25 09:34:04
C:\WINDOWS\System32\FNTCACHE.DAT -->2008-09-18 19:04:22
C:\WINDOWS\System32\settings.aaw -->2008-09-06 22:29:53
C:\WINDOWS\System32\history.aaw -->2008-09-06 22:29:53
C:\WINDOWS\System32\QuickTimeVR.qtx -->2008-09-06 15:09:18
C:\WINDOWS\System32\QuickTime.qts -->2008-09-06 15:09:18
C:\WINDOWS\System32\Thumbs.db -->2008-09-04 03:31:05
C:\WINDOWS\System32\lvcoinst.log -->2008-09-03 22:36:47
C:\WINDOWS\System32\FOXIT_PDF -->2008-09-03 14:32:24
C:\WINDOWS\System32\dns-sd.exe -->2008-08-29 10:18:58
C:\WINDOWS\System32\dnssd.dll -->2008-08-29 09:53:50
C:\WINDOWS\System32\MRT.exe -->2008-08-26 22:28:12
C:\WINDOWS\System32\TZLog.log -->2008-08-14 10:10:22
C:\WINDOWS\System32\TuneUpDefragService.exe -->2008-08-14 00:49:33
C:\WINDOWS\System32\ssprs.tgz -->2008-08-11 17:03:20
C:\WINDOWS\System32\ssprs.dll -->2008-08-11 17:03:20
C:\WINDOWS\System32\lsprst7.tgz -->2008-08-11 17:03:19
C:\WINDOWS\System32\lsprst7.dll -->2008-08-11 17:03:19
C:\WINDOWS\System32\sysprs7.tgz -->2008-08-11 16:39:22
C:\WINDOWS\System32\clauth2.dll -->2008-08-11 16:39:22
C:\WINDOWS\System32\clauth1.dll -->2008-08-11 16:39:22
C:\WINDOWS\System32\sysprs7.dll -->2008-08-11 16:39:21
C:\WINDOWS\System32\solidlocalui.dll -->2008-08-01 18:32:24
C:\WINDOWS\System32\solidlocalmon.dll -->2008-08-01 18:32:18
C:\WINDOWS\pfirewall.log -->2008-09-25 09:37:43
C:\WINDOWS\WindowsUpdate.log -->2008-09-25 09:35:20
C:\WINDOWS\wiadebug.log -->2008-09-25 09:33:59
C:\WINDOWS\wiaservc.log -->2008-09-25 09:33:54
C:\WINDOWS\bootstat.dat -->2008-09-25 09:33:29
C:\WINDOWS\SchedLgU.Txt -->2008-09-25 09:32:04
C:\WINDOWS\pfirewall.log.old -->2008-09-24 16:41:43
C:\WINDOWS\NeroDigital.ini -->2008-09-23 12:26:59
C:\WINDOWS\mmproxy_40.mdb -->2008-09-19 00:35:14
C:\WINDOWS\QTFont.qfn -->2008-09-18 22:35:14
C:\WINDOWS\QTFont.for -->2008-09-17 15:09:35
C:\WINDOWS\avisplitter.INI -->2008-09-17 13:14:03
C:\WINDOWS\hpoins07.dat -->2008-09-15 20:33:14
C:\WINDOWS\hpoins07.dat.temp -->2008-09-15 20:29:27
C:\WINDOWS\HPFCSS13.INI -->2008-09-10 13:22:14
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1708
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll
0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x10000000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x00c70000 0xf000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
0x73e60000 0x5c000 5.03.2600.5512 C:\WINDOWS\system32\DSOUND.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 844
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x012f0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system
1998-05-07 17:04 52,736 hpsysdrv.exe
1999-09-10 13:06 4,672 wowpost.exe
2 fichier(s) 57,408 octets
0 Rép(s) 33,280,954,368 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system32
2008-04-14 04:33 6,144 csrss.exe
1 fichier(s) 6,144 octets
0 Rép(s) 33,280,954,368 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\Downloaded Program Files
2008-09-24 21:54 <REP> .
2008-09-24 21:54 <REP> ..
2008-05-21 12:56 124,208 as2stubie.dll
2008-05-22 16:04 395 as2stubie.inf
2006-08-24 09:28 141,424 asinst.dll
2006-08-22 10:06 537 asinst.inf
2004-12-07 17:07 32 bdcore.dll
2006-05-25 01:21 118,784 bdupd.dll
2003-05-07 13:26 192,512 CamCli.dll
2008-06-06 21:55 <REP> CONFLICT.1
2004-01-02 02:33 65 desktop.ini
1997-10-15 02:52 697 DirectAnimation Java Classes.osd
2002-07-25 17:13 24,576 dwusplay.dll
2002-07-25 17:13 196,608 dwusplay.exe
2006-06-25 13:50 1,793 erma.inf
2000-04-10 18:12 1,765 fhg.inf
2003-05-07 13:26 180,224 ijl11.dll
2006-05-25 01:21 53,248 ipsupd.dll
2004-06-16 06:02 323,584 isusweb.dll
2006-10-12 05:07 896 jinstall-1_5_0_09.inf
2008-04-25 05:02 1,060 jinstall-6u6.inf
2005-03-16 12:34 7,407 lang.ini
2006-12-11 17:44 367 LegitCheckControl.inf
2007-07-18 14:49 12,592 libcomm.dll
2004-12-07 17:07 32 libfn.dll
2008-02-13 17:55 130 live.ini
2000-01-20 16:25 1,162 Microsoft XML Parser for Java.osd
2007-07-30 19:24 295 muweb.inf
2007-09-12 08:46 259 NvidiaSmartScan.inf
2007-10-04 07:52 323,584 NvidiaSmartScan.ocx
2007-10-29 16:45 1,244 oscan8.inf
2007-10-25 16:54 471,040 oscan8.ocx
2004-09-22 16:59 110,592 PURen-us.dll
2004-10-15 08:59 110,592 PURfr-xx.dll
2003-10-09 11:32 144 QTPlugin.inf
2005-03-14 14:58 7,073 scanoptions.tsi
2005-02-16 10:04 116,880 setup.exe
2006-11-09 15:36 5,019 swflash.inf
2008-05-28 15:06 267,568 sysreqlab3.dll
2008-05-28 15:06 667 SysReqLab3.osd
2006-07-27 16:33 452,920 wlscBase.dll
2005-11-02 18:01 1,777 xscan.inf
2005-11-02 18:07 435,712 xscan53.ocx
40 fichier(s) 3,689,464 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
2008-06-06 21:55 <REP> .
2008-06-06 21:55 <REP> ..
2006-08-24 09:28 141,424 asinst.dll
2006-08-22 10:06 537 asinst.inf
2004-09-30 08:52 214,312 SysInfo.dll
3 fichier(s) 356,273 octets
Total des fichiers listés :
43 fichier(s) 4,045,737 octets
5 Rép(s) 33,280,950,272 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe"="C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe:*:Enabled:XPressUpdate"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-25 09:38:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="300"
"USERProcessHandleQuota"=dword:00002710
"AppInit_DLLs"=""
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
328 - nvsvc32.exe
368 - HPZipm12.exe
480 - retrorun.exe
500 - wdsvc.exe
588 - svchost.exe
816 - csrss.exe
844 - winlogon.exe
888 - services.exe
900 - lsass.exe
1008 - uphclean.exe
1216 - svchost.exe
1256 - svchost.exe
1516 - aawservice.exe
1704 - WDBtnMgr.exe
1708 - explorer.exe
1848 - sched.exe
1944 - schedul2.exe
1952 - SetIcon.exe
1960 - avguard.exe
1980 - AppleMobileDevi
1992 - bgsvcgen.exe
2016 - mDNSResponder.e
2164 - CTSysVol.exe
2208 - TrueImageMonito
2248 - alg.exe
2264 - avgnt.exe
2360 - InCD.exe
2504 - LVComS.exe
2520 - cmd.exe
2544 - LogiTray.exe
2588 - iTunesHelper.ex
2600 - TTTvRc.exe
2724 - TaskBarIcon.exe
2764 - PCHButton.exe
2784 - ctfmon.exe
2828 - GestionnaireInt
2884 - dslmon.exe
2908 - LogitechDesktop
3020 - ComComp.exe
3028 - Horloge 2005.ex
3036 - Rainlendar.exe
3224 - iPodService.exe
3256 - wuauclt.exe
3408 - Toaster.exe
3416 - Inactivity.exe
3432 - PollingModule.e
3492 - ALERTM~1.EXE
3732 - Watch.exe
Total number of processes = 49
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806EE000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F74BF000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F749F000 - fltmgr.sys
F748D000 - sr.sys
F7647000 - PxHelp20.sys
F789B000 - PzWDM.sys
F7476000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7449000 - NDIS.sys
F7838000 - timntr.sys
F7717000 - viaagp1.sys
F742E000 - snapman.sys
F7657000 - SISAGPX.sys
F7667000 - sbp2port.sys
F7677000 - ohci1394.sys
F7687000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS
BAF46000 - Mup.sys
F7697000 - agp440.sys
F76C7000 - \SystemRoot\System32\DRIVERS\nic1394.sys
BAFC0000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B980E000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
B97FA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
F775F000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B97D6000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F7767000 - \SystemRoot\System32\DRIVERS\usbehci.sys
F776F000 - \SystemRoot\System32\DRIVERS\usbohci.sys
B9682000 - \SystemRoot\system32\drivers\P17.sys
B965E000 - \SystemRoot\system32\drivers\portcls.sys
BAFB0000 - \SystemRoot\system32\drivers\drmk.sys
B963B000 - \SystemRoot\system32\drivers\ks.sys
B960B000 - \SystemRoot\System32\DRIVERS\ctoss2k.sys
B95D4000 - \SystemRoot\System32\DRIVERS\ctsfm2k.sys
BAFA0000 - \SystemRoot\System32\DRIVERS\R8139n51.SYS
B95C3000 - \SystemRoot\System32\DRIVERS\serial.sys
BAE62000 - \SystemRoot\System32\DRIVERS\serenum.sys
F7777000 - \SystemRoot\System32\DRIVERS\fdc.sys
B95AF000 - \SystemRoot\System32\DRIVERS\parport.sys
BAF90000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
BAE5E000 - \SystemRoot\System32\DRIVERS\PS2.sys
F777F000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
F7787000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BAF80000 - \SystemRoot\System32\DRIVERS\imapi.sys
F778F000 - \SystemRoot\system32\drivers\Asapiw2k.sys
BAF70000 - \SystemRoot\System32\Drivers\AFS2K.SYS
BAEEA000 - \SystemRoot\system32\drivers\pfc.sys
BAF60000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAC78000 - \SystemRoot\System32\DRIVERS\redbook.sys
F7797000 - \SystemRoot\System32\Drivers\incdrm.SYS
F779F000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
BAEE6000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
F7AA0000 - \SystemRoot\System32\DRIVERS\audstub.sys
BAC68000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
B9F6E000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B9598000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
BAC58000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BAC48000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F77A7000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B9587000 - \SystemRoot\System32\DRIVERS\psched.sys
BAC38000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F77AF000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F77B7000 - \SystemRoot\System32\DRIVERS\raspti.sys
BAC28000 - \SystemRoot\System32\Drivers\Pcouffin.sys
BAC18000 - \SystemRoot\System32\DRIVERS\termdd.sys
F79E5000 - \SystemRoot\System32\DRIVERS\swenum.sys
B9529000 - \SystemRoot\System32\DRIVERS\update.sys
B9F66000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
BAC08000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BABF8000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79EB000 - \SystemRoot\System32\DRIVERS\USBD.SYS
F77C7000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
B7245000 - \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys
F79F7000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A75000 - \SystemRoot\System32\Drivers\Null.SYS
F79F9000 - \SystemRoot\System32\Drivers\Beep.SYS
F7A76000 - \SystemRoot\system32\drivers\avgclean.sys
F77D7000 - \SystemRoot\System32\drivers\vga.sys
F79FB000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79FD000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAEAA000 - \SystemRoot\System32\Drivers\InCDrec.SYS
B720C000 - \SystemRoot\System32\Drivers\InCDfs.SYS
F77DF000 - \SystemRoot\System32\Drivers\Msfs.SYS
F77E7000 - \SystemRoot\System32\Drivers\Npfs.SYS
BAEA6000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B71F9000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B71A0000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B7178000 - \SystemRoot\System32\DRIVERS\netbt.sys
BAE9E000 - \SystemRoot\System32\drivers\ws2ifsl.sys
B7156000 - \SystemRoot\System32\drivers\afd.sys
BA990000 - \SystemRoot\System32\DRIVERS\netbios.sys
F77EF000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
BAE9A000 - \SystemRoot\System32\DRIVERS\srvkp.sys
B712B000 - \SystemRoot\System32\DRIVERS\rdbss.sys
BAB76000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS
B70BB000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BA950000 - \SystemRoot\System32\Drivers\Fips.SYS
B7095000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BA940000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BA930000 - \SystemRoot\System32\DRIVERS\arp1394.sys
F77F7000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
B700C000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F7A01000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
F780F000 - \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
F7817000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS
F773F000 - \SystemRoot\system32\DRIVERS\TTCinergyT2BDA.sys
BAE76000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
F7A05000 - \SystemRoot\System32\Drivers\avg7rsw.sys
B6FE8000 - \SystemRoot\System32\Drivers\Fastfat.SYS
BAE6A000 - \SystemRoot\System32\DRIVERS\usbscan.sys
BA585000 - \SystemRoot\System32\DRIVERS\usbprint.sys
BA57D000 - \SystemRoot\system32\DRIVERS\HPZius12.sys
F7576000 - \SystemRoot\system32\DRIVERS\HPZid412.sys
B6F41000 - \SystemRoot\system32\DRIVERS\lvvi500a.sys
F7566000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
BAEBE000 - \SystemRoot\system32\DRIVERS\LVBulk.sys
F7556000 - \SystemRoot\system32\drivers\lvsound2.sys
BAEBA000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys
B6E89000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F79B3000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
F7516000 - \SystemRoot\system32\drivers\sysaudio.sys
BF800000 - \SystemRoot\System32\win32k.sys
B6F9C000 - \SystemRoot\System32\drivers\Dxapi.sys
B7065000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
BA8D3000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B7045000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys
B69FE000 - \SystemRoot\System32\DRIVERS\gwausb.sys
B6E61000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
B66B1000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79E1000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B67B6000 - \SystemRoot\System32\drivers\aspi32.sys
B669D000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys
B655D000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B64E3000 - \SystemRoot\System32\DRIVERS\srv.sys
B6406000 - \SystemRoot\system32\drivers\wdmaud.sys
B6541000 - \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
B619E000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B516B000 - \SystemRoot\system32\drivers\kmixer.sys
F7AB5000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 154
Liste des programmes installes
1500
1500_Help
1500Trb
4Musics Multiformat Converter v1.4
ABBYY PDF Transformer 1.0
ABBYY PDF Transformer 2.0
AC-3 ACM Decompressor
ACDSee 5.0 Standard
Acronis True Image Home
Ad-Aware
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop Album 2.0 Edition Découverte
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Stock Photos 1.0
AIDA32 v3.93
AiO_Scan
AiOSoftware
AnmanieSMP 2.4 i
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Collage Creator
ArcSoft Multimedia Email
ArcSoft PhotoBase 3
ArcSoft PhotoImpression 5
ArcSoft PhotoStudio 5
ArcSoft VideoImpression 2
Ashampoo CD Recording Suite 2004
Ashampoo Photo Illuminator 2
Assistant de connexion Windows Live
Audacity 1.2.3
AutoWebCam
Avery DesignPro
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Azureus
Barre d'outils MSN
Bonjour
BSPlayer
BufferChm
CameraDrivers
CCleaner (remove only)
CDBurnerXP Pro 3
CDex extraction audio
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Complément Microsoft Word pour Microsoft Works Suite
Connexion Facile à Internet
Connexion Facile à Internet
Conseiller de mise à niveau Windows Vista
ConvertXtoDVD 2.0.15
Copernic Agent Basic
Copernic Desktop Search
Copy
Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Creative DVD Audio Plugin for Audigy Series
Creative EAX Console
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
CreativeProjects
CueTour
CustomerResearchQFolder
Cuttermaran 1.61
Destinations
Device Control
DeviceFunctionQFolder
DeviceManagementQFolder
DiscWizard for Windows
DivXG400
DocProc
DocumentViewer
DocumentViewerQFolder
DScaler 5 Mpeg Decoders
DVD Shrink 3.2
Easy CD-DA Extractor 8.0.2
EasyDVDCopyPro
EasyRecovery Professional
EasyRecovery Professional
eMule
eSupportQFolder
EuroThink Lune 1.10
Fax
FileZilla (remove only)
FlashGet 1.9.6.1073
Foxit Reader
FullDPAppQFolder
G-Force
Galerie de photos Windows Live
Gestionnaire Internet
Google Toolbar for Internet Explorer
Gordian Knot Rip Pack 0.33.1
Hewlett-Packard Multimedia Keyboard/Mouse Solution
Hewlett-Packard Multimedia Keyboard/Mouse Solution
HijackThis 2.0.2
Horloge 2005 1.2.0.0
Hotfix for Windows Media Format 11 SDK (KB929399)
HP Deskjet Preloaded Printer Drivers
HP DeskJet Serie 710C (Supprimer uniquement)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
hpg2436
hpg3970
hpg4600
hpg5530
hpg8200
hpmdtab
HPProductAssistant
HpSdpAppCoreApp
HPSystemDiagnostics
Indeo® software
INSTANT TV Uninstaller
InstantShare
InstantShareDevices
Intel A/V Codecs V2.0
InterActual Player
InterVideo WinDVD 7
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
ItsTV 3.0
iTunes
Jasc Paint Shop Pro 9
Java(TM) 6 Update 6
Java(TM) 6 Update 7
K-Lite Mega Codec Pack 3.9.5
KBD
KC Softwares VideoInspector
LaCie Backup Software v1.5.2215
Lame ACM MP3 Codec
Lecteur Windows Media 11
LimeWire 4.18.2
Logitech Desktop Messenger
Logitech ImageStudio
Macromedia Shockwave Player
MAGIX audio cleanic 2003
MAGIX Media Manager silver
MAGIX music + video maker generation 6 deLuxe
MAGIX Photos sur CD & DVD
MAGIX playR jukebox
MAGIX video deLuxe 2004
Malwarebytes' Anti-Malware
MarketResearch
MaxiCompte
Media Library Management Wizard
Memories Disc Creator 2.0
Micro Application - Print eXtreme 2.0
Micro Application - PrintPratic 3
Micro Application - PrintPratic Edition Photo
Micro Application - Super Polices 2000
Micro Application Cloneur Expert
Microangelo Toolset 6
MicroBest Cracklock 3.8.4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Professional
Microsoft Office XP Professional avec FrontPage
Microsoft Picture It! Photo Premium 9
Microsoft Picture It! Photo Premium 9
Microsoft Reader
Microsoft Reader Text-to-Speech pour le français
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951376)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour pour Windows XP (KB942763)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Mobiclip Video Codec
Modem DSL ECI Telecom
MON UNIVERS CORAPHOTOS
monAlbumPhoto
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieXone 4.0
MPEG2 Video Encoder
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Multimedia Card Reader
Multimedia Card Reader
Navigateur Orange
Neodivx
neoDVD
neoDVD 7
Nero Suite
neroxml
NewCopy
NVIDIA Drivers
OmniPage SE
OpenOffice.org Installer 1.0
Paint Shop Pro 7
Panda ActiveScan 2.0
PanoStandAlone
Paramètres de haut-parleur Creative
PC Inspector smart recovery
PDFCreator 0.8.0
PDFmail
Personal License Update Wizard for Windows Media Player
Philips TeleText
Photo et imagerie HP 3.5 - HP Devices
PhotoGallery
Photosmart 140,240,7200,7600,7700,7900 Series
Picasa 2
Pinnacle VideoSpin
Plus! MP3 Audio Converter LE
PowerDVD
PowerQuest PartitionMagic Pro 7.0
PrintMaster® Gold
ProductContext
PS2
PSShortcutsP
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
QuickProjects
QuickTime
Radio Fr Solo 1.5
Radio Media Player
Rainlendar (remove only)
RandMap
Read in Microsoft Reader Add-in for Microsoft Word
Readiris
Readme
RecordNow!
Retrospect 6.5
Ri4m v4.1
Ri4m v5.0.1d
Rippack v3 beta 16.1
SAGEM F@st 800-840
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Shareaza version 2.2.1.0
SkinsHP1
SkinsHP2
SmartSound Quicktracks Plugin
SmartSound Quicktracks Plugin
Solid Converter PDF v4
SolutionCenter
Some PDF to Word Converter 1.4
Sonic Update Manager
Sonic_PrimoSDK
Sound Blaster Live! 24-bit
SpywareBlaster 4.1
StationRipper 2.14
Status
Studio 9
Sélecteur d'installation de Microsoft Works 2004
System Requirements Lab
TerraTec Home Cinema
THOMSON mp3PRO Audio Player
ThreatExpert Memory Scanner 1.0
TMPGEnc MPEG Editor 2.0 Essai
TMPGEnc Plus 2.5
TrayApp
TuneUp E-Mail Backup
TuneUp Utilities 2008
Ulead DVD MovieFactory 3 TV
Uninstall MP3XTC
Unload
User Profile Hive Cleanup Service
VideoLAN VLC media player 0.8.2
VobSub v2.23 (Remove Only)
Wanadoo
Warez 3.0
Warez PRO 3.0
WD Diagnostics
WD Media Center Driver
WebFldrs XP
WebReg
Winamp (remove only)
WinAVIVideoConverter
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Writer
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Service Pack 3
WinPatrol
XnView 1.90.2
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files
2008-09-23 14:35 <REP> .
2008-09-23 14:35 <REP> ..
2008-06-11 10:56 <REP> 3nity Audio CD Extractor
2008-06-11 10:57 <REP> 3nity CD DVD Burner
2005-10-10 12:10 <REP> 4Musics Multiformat Converter
2005-07-28 23:31 <REP> ABBYY PDF Transformer 1.0
2008-09-06 17:03 <REP> ABBYY PDF Transformer 2.0
2005-05-22 17:39 <REP> ACD Systems
2007-02-16 11:49 <REP> Acronis
2008-06-06 14:27 <REP> Actimagine Corp
2008-09-06 14:18 <REP> activePDF
2006-08-03 18:08 <REP> Adobe
2008-06-21 08:57 <REP> Ahead
2005-02-25 08:27 <REP> AIDA32 - Enterprise System Information
2008-06-11 10:59 <REP> AIST
2008-06-11 11:01 <REP> AKVIS
2007-01-03 02:01 <REP> AliveMedia
2008-06-11 11:02 <REP> Allok Video to 3GP Converter
2007-03-07 13:35 <REP> Alwil Software
2008-06-11 11:03 <REP> AmazingMIDI
2005-11-23 01:42 <REP> AnmSMP
2007-01-08 17:43 <REP> AnyVideoConvertorPro
2007-02-08 09:24 <REP> AOL
2008-09-18 23:06 <REP> Apple Software Update
2008-06-08 20:29 <REP> ArcSoft
2005-05-23 11:25 <REP> Ashampoo
2005-02-27 10:58 <REP> Audacity
2006-08-22 00:00 <REP> AutoWebCam
2008-06-06 00:27 <REP> Avira
2008-09-24 10:55 <REP> AviSynth 2.5
2008-06-17 22:55 <REP> AVS4YOU
2008-06-11 11:08 <REP> AVSMedia
2006-09-04 09:04 <REP> Azureus
2006-08-07 19:21 <REP> Belarc
2005-09-17 11:12 <REP> BillP Studios
2008-06-11 11:12 <REP> Biromsoft
2005-10-29 08:52 54 bit.bat
2005-10-29 08:52 54 bit2.bat
2005-10-29 08:52 54 bit3.bat
2008-09-18 23:08 <REP> Bonjour
2005-11-12 23:07 <REP> Broderbund
2008-06-11 11:13 <REP> Calculatrice Euro
2008-08-13 21:34 <REP> CCleaner
2005-08-03 04:59 <REP> CDBurnerXP Pro 3
2007-02-18 12:04 <REP> CDex_170b2
2004-01-02 04:17 <REP> Common Files
2004-01-02 02:32 <REP> ComPlus Applications
2006-11-03 14:05 <REP> Conference
2005-08-17 18:33 <REP> Convar
2006-03-26 22:45 <REP> ConvertMovie 2.2
2007-02-17 09:59 <REP> Copernic Agent
2005-02-27 12:32 <REP> Copernic Desktop Search
2008-08-11 16:38 <REP> CORA
2006-10-07 10:55 <REP> Cracklock
2006-04-14 01:04 <REP> Creative
2007-02-02 11:34 <REP> Cuttermaran
2008-06-28 18:50 <REP> CyberLink
2005-02-14 13:47 <REP> Dantz
2005-02-19 00:34 <REP> DATA BECKER
2007-02-02 11:34 <REP> DesignPro
2005-08-17 09:43 <REP> DigitalSoundPlanet
2007-02-02 11:34 <REP> DiscWizard for Windows
2007-02-17 06:26 <REP> DivX
2005-10-29 13:21 <REP> DivX_311alpha
2008-09-23 10:42 <REP> DScaler5
2005-09-20 20:49 <REP> DVD Shrink
2007-02-02 11:34 <REP> Easy CD-DA Extractor 8
2007-02-17 07:27 <REP> Easy Internet signup
2005-09-20 12:56 <REP> EasyDVDCopyPro
2008-09-24 15:59 <REP> eChanblard
2008-08-11 07:31 <REP> ECI Telecom
2007-02-02 20:09 <REP> EkiPatchs
2008-06-29 12:55 <REP> eMule
2008-08-14 04:59 <REP> EoRezo
2007-02-02 11:34 <REP> Euro-Calculette
2006-04-30 15:57 <REP> EuroThink
2005-03-09 14:53 <REP> fabamusic
2007-02-02 11:34 <REP> FairUse Wizard 2
2008-09-18 23:05 <REP> Fichiers communs
2005-02-18 12:27 <REP> FileZilla
2008-09-25 08:18 <REP> FlashGet
2005-02-18 16:21 <REP> FlasKMPEG
2005-09-12 13:06 <REP> Foreignword
2008-09-03 14:28 <REP> Foxit Software
2005-10-08 02:15 <REP> F-Secure Internet Security
2005-02-20 22:36 <REP> Gabest
2005-10-29 13:05 <REP> GDiVX Player
2008-06-18 04:14 <REP> Google
2005-03-03 20:32 <REP> GordianKnot
2007-02-07 23:29 <REP> Grisoft
2006-08-11 12:28 <REP> Hewlett-Packard
2008-06-05 23:25 <REP> Horloge 2005
2006-10-17 09:46 <REP> HP
2007-02-02 11:34 <REP> HP DeskJet 710C Series
2006-05-24 15:47 <REP> HP DVD
2004-01-02 04:53 <REP> HP Pavilion PC Help
2006-10-17 10:18 <REP> HP Photosmart M417 FW Files
2005-10-29 08:51 54 inc1.bat
2005-02-14 19:08 <REP> Intel
2005-09-19 07:49 <REP> InterActual
2008-09-03 22:34 <REP> Internet Explorer
2006-01-24 11:07 <REP> InterVideo
2008-09-18 23:09 <REP> iPod
2008-09-04 03:50 <REP> ItsLabel
2008-09-18 23:09 <REP> iTunes
2005-11-13 00:17 <REP> iTunes(2)
2005-11-13 00:11 <REP> iTunes(3)
2005-05-22 17:55 <REP> Jasc Software Inc
2008-07-17 21:12 <REP> Java
2005-02-18 17:39 <REP> KC Softwares
2008-06-05 18:56 <REP> K-Lite Codec Pack
2008-06-04 11:05 <REP> K-Lite Codec Pack(2)
2006-09-21 13:18 <REP> Kodak
2007-01-20 16:39 <REP> LaCie
2008-06-06 16:57 <REP> Lavasoft
2008-06-18 04:17 <REP> LimeWire
2008-08-11 13:36 <REP> Logitech
2008-09-22 18:50 <REP> Malwarebytes' Anti-Malware
2007-02-02 11:34 <REP> MaxiCompte
2005-02-27 13:04 <REP> Maxthon
2008-06-24 23:57 <REP> Mediostream
2008-08-14 10:17 <REP> Messenger
2006-05-04 09:35 <REP> Micro Application
2008-09-04 03:27 <REP> Microangelo Toolset 6
2008-06-14 17:57 <REP> Microsoft CAPICOM 2.1.0.2
2006-06-30 17:37 <REP> microsoft frontpage
2008-06-08 07:28 <REP> Microsoft Office
2007-02-02 11:34 <REP> Microsoft Picture It! 9
2008-09-03 23:09 <REP> Microsoft Reader
2008-09-03 22:31 <REP> Microsoft Reader(2)
2008-09-03 22:30 <REP> Microsoft Reader(3)
2008-06-18 23:12 <REP> Microsoft SQL Server Compact Edition
2007-02-03 12:19 <REP> Microsoft Windows Vista Upgrade Advisor
2007-02-02 11:34 <REP> Microsoft Works
2006-11-16 15:38 <REP> Microsoft Works Suite 2004
2008-08-11 16:13 <REP> monAlbumPhoto
2006-10-23 23:27 <REP> Morgan
2008-06-14 18:43 <REP> Movie Maker
2007-02-25 22:01 <REP> MP3XTC
2005-05-26 09:13 <REP> MSN
2005-05-19 14:28 <REP> MSN Apps
2004-01-02 02:31 <REP> MSN Gaming Zone
2005-09-19 07:48 <REP> MSXML 4.0
2005-02-14 10:00 <REP> Multimedia Card Reader
2005-05-19 14:27 <REP> Music Mixer 3(2).0
2006-08-13 13:45 <REP> MUSK Codec Pack v5
2008-06-26 17:27 <REP> MyMPxPlayer.org
2005-03-01 02:24 <REP> Neodivx
2008-06-14 18:40 <REP> NetMeeting
2006-08-11 12:20 <REP> nLite
2008-06-08 19:32 <REP> ONES (F)
2005-08-18 06:36 <REP> Ontrack
2007-02-25 10:59 <REP> OO Software
2007-03-06 15:39 <REP> Orange
2008-06-14 18:40 <REP> Outlook Express
2008-06-11 09:01 <REP> Paint Shop Pro 9
2008-06-14 06:28 <REP> Panda Security
2005-10-26 09:16 <REP> Paragon Software
2005-02-18 04:03 <REP> PC-Doctor for Windows
2005-11-12 23:07 <REP> PDF Editeur 2
2006-09-29 09:07 <REP> PDFCreator
2008-06-24 17:26 <REP> Pegasys Inc
2005-02-17 19:42 <REP> Philips Semiconductors
2007-03-08 06:15 <REP> Picasa2
2008-09-17 12:29 <REP> Pinnacle
2005-11-08 16:14 <REP> PowerQuest
2008-09-18 23:07 <REP> QuickTime
2006-10-01 07:11 <REP> QuickTime(2)
2005-12-16 11:57 <REP> Radio Fr Solo
2006-09-25 02:18 <REP> Rainlendar
2005-04-29 08:22 <REP> Ratajik Software
2007-02-25 22:01 <REP> Raxco
2006-09-04 08:44 <REP> Real
2004-01-02 04:24 <REP> RecordNow!
2008-06-06 10:44 <REP> RegCleaner
2008-06-04 11:06 <REP> RegCleaner(2)
2005-11-13 00:13 <REP> Rippackv3
2008-09-24 23:44 <REP> Ripp-it_AM
2005-06-30 16:34 <REP> Roxio(2)
2005-07-31 05:59 <REP> RTE
2008-06-30 10:28 <REP> SAGEM
2006-10-14 03:58 <REP> SaveNow
2005-02-14 18:27 <REP> ScanSoft
2008-06-06 21:55 <REP> Seagate
2006-09-19 16:54 <REP> Securitoo
2004-01-02 05:01 <REP> Services en ligne
2008-06-11 08:58 <REP> Setup Files
2005-12-17 17:13 <REP> Shareaza
2005-10-10 11:04 <REP> Simon Tools
2006-09-29 09:00 <REP> SimonTools
2005-10-29 08:51 41 sleep.bat
2006-08-21 10:39 <REP> SmartSound Software
2008-09-06 16:35 <REP> SolidDocuments
2008-09-06 15:22 <REP> SomePDF
2004-01-02 04:24 <REP> Sonic
2005-03-02 18:55 <REP> SoundSpectrum
2008-09-18 05:51 <REP> SpywareBlaster
2008-06-08 08:29 <REP> SystemRequirementsLab
2008-09-23 14:35 <REP> TerraTec
2007-02-25 22:00 <REP> TerraTec(2)
2005-02-15 17:36 <REP> THOMSON mp3PRO Audio Player
2008-08-14 10:24 <REP> ThreatExpert Memory Scanner
2008-06-27 01:27 <REP> TMPGenc
2006-09-29 09:07 <REP> TuneUp E-Mail Backup
2008-09-04 04:22 <REP> TuneUp Utilities 2008
2007-02-17 07:31 <REP> Ulead Systems
2007-02-02 07:17 <REP> UPHClean
2005-02-14 21:03 <REP> VideoLAN
2006-10-09 07:45 <REP> Virtools Web Player 3.5
2005-11-13 00:12 <REP> Visage
2006-09-04 08:01 <REP> vso
2008-09-25 09:37 <REP> Wanadoo
2007-03-07 15:31 <REP> Warez
2005-02-14 13:47 <REP> WDC
2005-02-20 18:16 <REP> Webteh
2008-06-08 18:14 <REP> Western Digital Technologies
2007-02-18 12:46 <REP> Winamp
2008-06-29 13:21 <REP> WinAVI Video Capture
2008-06-29 13:23 <REP> WinAVIVideoConverter
2008-06-20 10:11 <REP> Windows Live
2007-02-01 12:51 <REP> Windows Live Safety Center
2006-12-04 11:08 <REP> Windows Media Bonus Pack for Windows XP
2005-02-14 18:56 <REP> Windows Media Components
2006-12-02 18:08 <REP> Windows Media Connect 2
2008-06-21 08:19 <REP> Windows Media Player
2008-06-14 18:40 <REP> Windows NT
2007-02-08 23:54 <REP> WinRAR
2004-01-02 02:35 <REP> xerox
2007-02-17 10:38 <REP> XnView
2005-11-30 11:54 <REP> X-OOM
2007-03-07 18:25 <REP> Yahoo!
5 fichier(s) 257 octets
226 Rép(s) 33,280,884,736 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs
2008-09-18 23:05 <REP> .
2008-09-18 23:05 <REP> ..
2005-05-22 17:39 <REP> ACD Systems
2007-02-16 11:49 <REP> Acronis
2005-06-21 10:10 <REP> Adaptec Shared
2006-12-19 15:56 <REP> Adobe
2005-12-06 02:29 <REP> Adobe Systems Shared
2005-05-30 18:31 <REP> Ahead
2008-09-18 23:07 <REP> Apple
2008-06-16 23:33 <REP> AVSMedia
2005-02-15 14:54 <REP> Copernic
1996-12-02 17:44 582,144 dao350.dll
2006-09-08 22:24 <REP> DESIGNER
2004-01-02 03:47 <REP> Hewlett-Packard
2006-08-02 13:34 <REP> HP
2005-05-22 17:55 <REP> InstallShield
2008-06-24 23:58 <REP> InstallShield Shared
2005-09-19 07:49 <REP> InterVideo
2005-05-22 17:57 <REP> Jasc Software Inc
2006-11-12 10:36 <REP> Java
2008-09-03 23:11 <REP> L&H
2006-09-04 12:37 <REP> Logitech
2006-05-05 15:04 <REP> MAGIX Shared
2005-05-22 11:34 <REP> Micro Application Shared
2008-09-03 23:09 <REP> Microsoft Shared
2004-01-02 02:32 <REP> MSSoap
2006-04-26 21:28 <REP> muiq
2006-08-14 20:19 <REP> Nero
2004-01-02 02:28 <REP> ODBC
2008-09-03 23:12 <REP> OverDrive Shared
2008-06-05 18:54 <REP> Real
2005-06-30 16:34 <REP> Roxio Shared(2)
2005-02-14 18:27 <REP> ScanSoft Shared
2006-10-19 06:32 <REP> Services
2005-09-19 12:00 <REP> Softwin
2004-01-02 04:25 <REP> Sonic
2006-01-19 23:43 <REP> Sonic Shared
2004-01-02 02:28 <REP> SpeechEngines
2004-01-02 04:24 <REP> SureThing Shared
2005-03-21 13:24 <REP> SWF Studio
2008-06-14 18:40 <REP> System
2008-09-23 14:35 <REP> TerraTec
2007-02-17 07:31 <REP> Ulead Systems
2008-06-10 13:15 <REP> Wise Installation Wizard
2008-09-06 15:27 <REP> XpressUpdate
2008-09-17 12:29 <REP> Yahoo!
1 fichier(s) 582,144 octets
45 Rép(s) 33,280,888,832 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
2008-06-14 20:37 <REP> .
2008-06-14 20:37 <REP> ..
2005-02-15 09:49 <REP> 1033
2006-09-08 22:15 <REP> 1036
2006-04-25 21:33 967,952 MSONSEXT.DLL
2006-05-02 19:37 40,208 MSOSV.DLL
1999-06-03 22:09 122,937 MSOWS409.DLL
2001-03-07 17:00 127,033 MSOWS40c.DLL
2000-08-06 09:04 401,462 MSVCP60.DLL
2004-01-29 16:08 69,632 PKMAXCTL.DLL
2004-01-29 16:08 868,352 PKMCDO.DLL
2004-01-29 16:08 53,248 PKMCORE.DLL
2004-01-29 16:08 102,400 PKMFORMS.DLL
2004-01-29 16:38 634,880 PKMRES.DLL
2004-01-29 16:08 28,672 PKMSSTLB.DLL
2001-01-22 03:25 40,960 PKMTEMPL.DLL
2004-01-29 16:08 24,576 PKMTRACE.DLL
2004-01-29 16:08 86,016 PKMWS.DLL
2004-01-29 16:08 237,568 PROMDEMO.DLL
1999-03-18 07:37 593,977 RAGENT.DLL
2004-01-29 16:08 184,320 SECMGR.DLL
2004-01-29 16:08 315,392 VAIDDMGR.DLL
2004-01-29 16:08 32,768 VAIMEM.DLL
19 fichier(s) 4,932,353 octets
4 Rép(s) 33,280,884,736 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\common files
2004-01-02 04:17 <REP> .
2004-01-02 04:17 <REP> ..
2005-02-14 10:03 <REP> System
0 fichier(s) 0 octets
3 Rép(s) 33,280,884,736 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\
2008-08-10 13:09 1,083,904 MPEG_Streamclip.exe
2006-05-01 08:20 24,623,869 PNL_Les fondements_demo.exe
2005-04-16 20:50 232,960 Recover4all-Professional.exe
2005-10-31 17:56 700,416 StubInstaller.exe
dans la barre d'adresse de recherche jai google et uStart qui est la recherche par defaut??? alors que precedement c'etais google commment enlever le defaut uStart et lorsque je quitte par la fermeture de windows j'ai ce son "PLOC" qui viens avec la musique de fermeture
voilà à bientot...............?
DiagHelp version v1.4 - http://www.malekal.com
excute le 2008-09-25 à 9:37:48.71
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->2008-09-25 09:37:45
C:\WINDOWS\prefetch\WATCH.EXE-27B8EEDC.pf -->2008-09-25 09:35:29
C:\WINDOWS\prefetch\WUAUCLT.EXE-1360D60A.pf -->2008-09-25 09:35:27
C:\WINDOWS\prefetch\POLLINGMODULE.EXE-2AD5A1B6.pf -->2008-09-25 09:35:26
C:\WINDOWS\prefetch\ALERTM~1.EXE-217C3F7A.pf -->2008-09-25 09:35:26
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->2008-09-25 09:35:25
C:\WINDOWS\prefetch\TOASTER.EXE-097A4853.pf -->2008-09-25 09:35:25
C:\WINDOWS\prefetch\INACTIVITY.EXE-346F276A.pf -->2008-09-25 09:35:20
C:\WINDOWS\prefetch\IPODSERVICE.EXE-37043579.pf -->2008-09-25 09:35:18
C:\WINDOWS\prefetch\HVIDEOS.EXE-22132D1F.pf -->2008-09-25 09:35:17
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->2008-09-10 00:04:02
C:\WINDOWS\System32\drivers\mbam.sys -->2008-09-10 00:03:56
C:\WINDOWS\System32\drivers\avipbb.sys -->2008-07-18 12:47:00
C:\WINDOWS\System32\drivers\adidsl.cfg -->2008-06-30 10:43:19
C:\WINDOWS\System32\drivers\tcpip.sys -->2008-06-20 13:51:12
C:\WINDOWS\System32\drivers\afd.sys -->2008-06-20 13:40:08
C:\WINDOWS\System32\drivers\tcpip6.sys -->2008-06-20 13:08:27
C:\WINDOWS\System32\wpa.dbl -->2008-09-25 09:35:12
C:\WINDOWS\System32\nvapps.xml -->2008-09-25 09:34:04
C:\WINDOWS\System32\FNTCACHE.DAT -->2008-09-18 19:04:22
C:\WINDOWS\System32\settings.aaw -->2008-09-06 22:29:53
C:\WINDOWS\System32\history.aaw -->2008-09-06 22:29:53
C:\WINDOWS\System32\QuickTimeVR.qtx -->2008-09-06 15:09:18
C:\WINDOWS\System32\QuickTime.qts -->2008-09-06 15:09:18
C:\WINDOWS\System32\Thumbs.db -->2008-09-04 03:31:05
C:\WINDOWS\System32\lvcoinst.log -->2008-09-03 22:36:47
C:\WINDOWS\System32\FOXIT_PDF -->2008-09-03 14:32:24
C:\WINDOWS\System32\dns-sd.exe -->2008-08-29 10:18:58
C:\WINDOWS\System32\dnssd.dll -->2008-08-29 09:53:50
C:\WINDOWS\System32\MRT.exe -->2008-08-26 22:28:12
C:\WINDOWS\System32\TZLog.log -->2008-08-14 10:10:22
C:\WINDOWS\System32\TuneUpDefragService.exe -->2008-08-14 00:49:33
C:\WINDOWS\System32\ssprs.tgz -->2008-08-11 17:03:20
C:\WINDOWS\System32\ssprs.dll -->2008-08-11 17:03:20
C:\WINDOWS\System32\lsprst7.tgz -->2008-08-11 17:03:19
C:\WINDOWS\System32\lsprst7.dll -->2008-08-11 17:03:19
C:\WINDOWS\System32\sysprs7.tgz -->2008-08-11 16:39:22
C:\WINDOWS\System32\clauth2.dll -->2008-08-11 16:39:22
C:\WINDOWS\System32\clauth1.dll -->2008-08-11 16:39:22
C:\WINDOWS\System32\sysprs7.dll -->2008-08-11 16:39:21
C:\WINDOWS\System32\solidlocalui.dll -->2008-08-01 18:32:24
C:\WINDOWS\System32\solidlocalmon.dll -->2008-08-01 18:32:18
C:\WINDOWS\pfirewall.log -->2008-09-25 09:37:43
C:\WINDOWS\WindowsUpdate.log -->2008-09-25 09:35:20
C:\WINDOWS\wiadebug.log -->2008-09-25 09:33:59
C:\WINDOWS\wiaservc.log -->2008-09-25 09:33:54
C:\WINDOWS\bootstat.dat -->2008-09-25 09:33:29
C:\WINDOWS\SchedLgU.Txt -->2008-09-25 09:32:04
C:\WINDOWS\pfirewall.log.old -->2008-09-24 16:41:43
C:\WINDOWS\NeroDigital.ini -->2008-09-23 12:26:59
C:\WINDOWS\mmproxy_40.mdb -->2008-09-19 00:35:14
C:\WINDOWS\QTFont.qfn -->2008-09-18 22:35:14
C:\WINDOWS\QTFont.for -->2008-09-17 15:09:35
C:\WINDOWS\avisplitter.INI -->2008-09-17 13:14:03
C:\WINDOWS\hpoins07.dat -->2008-09-15 20:33:14
C:\WINDOWS\hpoins07.dat.temp -->2008-09-15 20:29:27
C:\WINDOWS\HPFCSS13.INI -->2008-09-10 13:22:14
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1708
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll
0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x10000000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x00c70000 0xf000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
0x73e60000 0x5c000 5.03.2600.5512 C:\WINDOWS\system32\DSOUND.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 844
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x012f0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system
1998-05-07 17:04 52,736 hpsysdrv.exe
1999-09-10 13:06 4,672 wowpost.exe
2 fichier(s) 57,408 octets
0 Rép(s) 33,280,954,368 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system32
2008-04-14 04:33 6,144 csrss.exe
1 fichier(s) 6,144 octets
0 Rép(s) 33,280,954,368 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\Downloaded Program Files
2008-09-24 21:54 <REP> .
2008-09-24 21:54 <REP> ..
2008-05-21 12:56 124,208 as2stubie.dll
2008-05-22 16:04 395 as2stubie.inf
2006-08-24 09:28 141,424 asinst.dll
2006-08-22 10:06 537 asinst.inf
2004-12-07 17:07 32 bdcore.dll
2006-05-25 01:21 118,784 bdupd.dll
2003-05-07 13:26 192,512 CamCli.dll
2008-06-06 21:55 <REP> CONFLICT.1
2004-01-02 02:33 65 desktop.ini
1997-10-15 02:52 697 DirectAnimation Java Classes.osd
2002-07-25 17:13 24,576 dwusplay.dll
2002-07-25 17:13 196,608 dwusplay.exe
2006-06-25 13:50 1,793 erma.inf
2000-04-10 18:12 1,765 fhg.inf
2003-05-07 13:26 180,224 ijl11.dll
2006-05-25 01:21 53,248 ipsupd.dll
2004-06-16 06:02 323,584 isusweb.dll
2006-10-12 05:07 896 jinstall-1_5_0_09.inf
2008-04-25 05:02 1,060 jinstall-6u6.inf
2005-03-16 12:34 7,407 lang.ini
2006-12-11 17:44 367 LegitCheckControl.inf
2007-07-18 14:49 12,592 libcomm.dll
2004-12-07 17:07 32 libfn.dll
2008-02-13 17:55 130 live.ini
2000-01-20 16:25 1,162 Microsoft XML Parser for Java.osd
2007-07-30 19:24 295 muweb.inf
2007-09-12 08:46 259 NvidiaSmartScan.inf
2007-10-04 07:52 323,584 NvidiaSmartScan.ocx
2007-10-29 16:45 1,244 oscan8.inf
2007-10-25 16:54 471,040 oscan8.ocx
2004-09-22 16:59 110,592 PURen-us.dll
2004-10-15 08:59 110,592 PURfr-xx.dll
2003-10-09 11:32 144 QTPlugin.inf
2005-03-14 14:58 7,073 scanoptions.tsi
2005-02-16 10:04 116,880 setup.exe
2006-11-09 15:36 5,019 swflash.inf
2008-05-28 15:06 267,568 sysreqlab3.dll
2008-05-28 15:06 667 SysReqLab3.osd
2006-07-27 16:33 452,920 wlscBase.dll
2005-11-02 18:01 1,777 xscan.inf
2005-11-02 18:07 435,712 xscan53.ocx
40 fichier(s) 3,689,464 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
2008-06-06 21:55 <REP> .
2008-06-06 21:55 <REP> ..
2006-08-24 09:28 141,424 asinst.dll
2006-08-22 10:06 537 asinst.inf
2004-09-30 08:52 214,312 SysInfo.dll
3 fichier(s) 356,273 octets
Total des fichiers listés :
43 fichier(s) 4,045,737 octets
5 Rép(s) 33,280,950,272 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe"="C:\\Program Files\\Fichiers communs\\XpressUpdate\\XPressUpdate.exe:*:Enabled:XPressUpdate"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-25 09:38:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="300"
"USERProcessHandleQuota"=dword:00002710
"AppInit_DLLs"=""
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
328 - nvsvc32.exe
368 - HPZipm12.exe
480 - retrorun.exe
500 - wdsvc.exe
588 - svchost.exe
816 - csrss.exe
844 - winlogon.exe
888 - services.exe
900 - lsass.exe
1008 - uphclean.exe
1216 - svchost.exe
1256 - svchost.exe
1516 - aawservice.exe
1704 - WDBtnMgr.exe
1708 - explorer.exe
1848 - sched.exe
1944 - schedul2.exe
1952 - SetIcon.exe
1960 - avguard.exe
1980 - AppleMobileDevi
1992 - bgsvcgen.exe
2016 - mDNSResponder.e
2164 - CTSysVol.exe
2208 - TrueImageMonito
2248 - alg.exe
2264 - avgnt.exe
2360 - InCD.exe
2504 - LVComS.exe
2520 - cmd.exe
2544 - LogiTray.exe
2588 - iTunesHelper.ex
2600 - TTTvRc.exe
2724 - TaskBarIcon.exe
2764 - PCHButton.exe
2784 - ctfmon.exe
2828 - GestionnaireInt
2884 - dslmon.exe
2908 - LogitechDesktop
3020 - ComComp.exe
3028 - Horloge 2005.ex
3036 - Rainlendar.exe
3224 - iPodService.exe
3256 - wuauclt.exe
3408 - Toaster.exe
3416 - Inactivity.exe
3432 - PollingModule.e
3492 - ALERTM~1.EXE
3732 - Watch.exe
Total number of processes = 49
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806EE000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F74BF000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F749F000 - fltmgr.sys
F748D000 - sr.sys
F7647000 - PxHelp20.sys
F789B000 - PzWDM.sys
F7476000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7449000 - NDIS.sys
F7838000 - timntr.sys
F7717000 - viaagp1.sys
F742E000 - snapman.sys
F7657000 - SISAGPX.sys
F7667000 - sbp2port.sys
F7677000 - ohci1394.sys
F7687000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS
BAF46000 - Mup.sys
F7697000 - agp440.sys
F76C7000 - \SystemRoot\System32\DRIVERS\nic1394.sys
BAFC0000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B980E000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
B97FA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
F775F000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B97D6000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F7767000 - \SystemRoot\System32\DRIVERS\usbehci.sys
F776F000 - \SystemRoot\System32\DRIVERS\usbohci.sys
B9682000 - \SystemRoot\system32\drivers\P17.sys
B965E000 - \SystemRoot\system32\drivers\portcls.sys
BAFB0000 - \SystemRoot\system32\drivers\drmk.sys
B963B000 - \SystemRoot\system32\drivers\ks.sys
B960B000 - \SystemRoot\System32\DRIVERS\ctoss2k.sys
B95D4000 - \SystemRoot\System32\DRIVERS\ctsfm2k.sys
BAFA0000 - \SystemRoot\System32\DRIVERS\R8139n51.SYS
B95C3000 - \SystemRoot\System32\DRIVERS\serial.sys
BAE62000 - \SystemRoot\System32\DRIVERS\serenum.sys
F7777000 - \SystemRoot\System32\DRIVERS\fdc.sys
B95AF000 - \SystemRoot\System32\DRIVERS\parport.sys
BAF90000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
BAE5E000 - \SystemRoot\System32\DRIVERS\PS2.sys
F777F000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
F7787000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BAF80000 - \SystemRoot\System32\DRIVERS\imapi.sys
F778F000 - \SystemRoot\system32\drivers\Asapiw2k.sys
BAF70000 - \SystemRoot\System32\Drivers\AFS2K.SYS
BAEEA000 - \SystemRoot\system32\drivers\pfc.sys
BAF60000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAC78000 - \SystemRoot\System32\DRIVERS\redbook.sys
F7797000 - \SystemRoot\System32\Drivers\incdrm.SYS
F779F000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
BAEE6000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
F7AA0000 - \SystemRoot\System32\DRIVERS\audstub.sys
BAC68000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
B9F6E000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B9598000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
BAC58000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BAC48000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F77A7000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B9587000 - \SystemRoot\System32\DRIVERS\psched.sys
BAC38000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F77AF000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F77B7000 - \SystemRoot\System32\DRIVERS\raspti.sys
BAC28000 - \SystemRoot\System32\Drivers\Pcouffin.sys
BAC18000 - \SystemRoot\System32\DRIVERS\termdd.sys
F79E5000 - \SystemRoot\System32\DRIVERS\swenum.sys
B9529000 - \SystemRoot\System32\DRIVERS\update.sys
B9F66000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
BAC08000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BABF8000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79EB000 - \SystemRoot\System32\DRIVERS\USBD.SYS
F77C7000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
B7245000 - \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys
F79F7000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A75000 - \SystemRoot\System32\Drivers\Null.SYS
F79F9000 - \SystemRoot\System32\Drivers\Beep.SYS
F7A76000 - \SystemRoot\system32\drivers\avgclean.sys
F77D7000 - \SystemRoot\System32\drivers\vga.sys
F79FB000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79FD000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAEAA000 - \SystemRoot\System32\Drivers\InCDrec.SYS
B720C000 - \SystemRoot\System32\Drivers\InCDfs.SYS
F77DF000 - \SystemRoot\System32\Drivers\Msfs.SYS
F77E7000 - \SystemRoot\System32\Drivers\Npfs.SYS
BAEA6000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B71F9000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B71A0000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B7178000 - \SystemRoot\System32\DRIVERS\netbt.sys
BAE9E000 - \SystemRoot\System32\drivers\ws2ifsl.sys
B7156000 - \SystemRoot\System32\drivers\afd.sys
BA990000 - \SystemRoot\System32\DRIVERS\netbios.sys
F77EF000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
BAE9A000 - \SystemRoot\System32\DRIVERS\srvkp.sys
B712B000 - \SystemRoot\System32\DRIVERS\rdbss.sys
BAB76000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS
B70BB000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BA950000 - \SystemRoot\System32\Drivers\Fips.SYS
B7095000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BA940000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BA930000 - \SystemRoot\System32\DRIVERS\arp1394.sys
F77F7000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
B700C000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F7A01000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
F780F000 - \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
F7817000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS
F773F000 - \SystemRoot\system32\DRIVERS\TTCinergyT2BDA.sys
BAE76000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
F7A05000 - \SystemRoot\System32\Drivers\avg7rsw.sys
B6FE8000 - \SystemRoot\System32\Drivers\Fastfat.SYS
BAE6A000 - \SystemRoot\System32\DRIVERS\usbscan.sys
BA585000 - \SystemRoot\System32\DRIVERS\usbprint.sys
BA57D000 - \SystemRoot\system32\DRIVERS\HPZius12.sys
F7576000 - \SystemRoot\system32\DRIVERS\HPZid412.sys
B6F41000 - \SystemRoot\system32\DRIVERS\lvvi500a.sys
F7566000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
BAEBE000 - \SystemRoot\system32\DRIVERS\LVBulk.sys
F7556000 - \SystemRoot\system32\drivers\lvsound2.sys
BAEBA000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys
B6E89000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F79B3000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
F7516000 - \SystemRoot\system32\drivers\sysaudio.sys
BF800000 - \SystemRoot\System32\win32k.sys
B6F9C000 - \SystemRoot\System32\drivers\Dxapi.sys
B7065000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
BA8D3000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B7045000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys
B69FE000 - \SystemRoot\System32\DRIVERS\gwausb.sys
B6E61000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
B66B1000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79E1000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B67B6000 - \SystemRoot\System32\drivers\aspi32.sys
B669D000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys
B655D000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B64E3000 - \SystemRoot\System32\DRIVERS\srv.sys
B6406000 - \SystemRoot\system32\drivers\wdmaud.sys
B6541000 - \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
B619E000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B516B000 - \SystemRoot\system32\drivers\kmixer.sys
F7AB5000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 154
Liste des programmes installes
1500
1500_Help
1500Trb
4Musics Multiformat Converter v1.4
ABBYY PDF Transformer 1.0
ABBYY PDF Transformer 2.0
AC-3 ACM Decompressor
ACDSee 5.0 Standard
Acronis True Image Home
Ad-Aware
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop Album 2.0 Edition Découverte
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Stock Photos 1.0
AIDA32 v3.93
AiO_Scan
AiOSoftware
AnmanieSMP 2.4 i
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Collage Creator
ArcSoft Multimedia Email
ArcSoft PhotoBase 3
ArcSoft PhotoImpression 5
ArcSoft PhotoStudio 5
ArcSoft VideoImpression 2
Ashampoo CD Recording Suite 2004
Ashampoo Photo Illuminator 2
Assistant de connexion Windows Live
Audacity 1.2.3
AutoWebCam
Avery DesignPro
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Azureus
Barre d'outils MSN
Bonjour
BSPlayer
BufferChm
CameraDrivers
CCleaner (remove only)
CDBurnerXP Pro 3
CDex extraction audio
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Complément Microsoft Word pour Microsoft Works Suite
Connexion Facile à Internet
Connexion Facile à Internet
Conseiller de mise à niveau Windows Vista
ConvertXtoDVD 2.0.15
Copernic Agent Basic
Copernic Desktop Search
Copy
Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Creative DVD Audio Plugin for Audigy Series
Creative EAX Console
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
CreativeProjects
CueTour
CustomerResearchQFolder
Cuttermaran 1.61
Destinations
Device Control
DeviceFunctionQFolder
DeviceManagementQFolder
DiscWizard for Windows
DivXG400
DocProc
DocumentViewer
DocumentViewerQFolder
DScaler 5 Mpeg Decoders
DVD Shrink 3.2
Easy CD-DA Extractor 8.0.2
EasyDVDCopyPro
EasyRecovery Professional
EasyRecovery Professional
eMule
eSupportQFolder
EuroThink Lune 1.10
Fax
FileZilla (remove only)
FlashGet 1.9.6.1073
Foxit Reader
FullDPAppQFolder
G-Force
Galerie de photos Windows Live
Gestionnaire Internet
Google Toolbar for Internet Explorer
Gordian Knot Rip Pack 0.33.1
Hewlett-Packard Multimedia Keyboard/Mouse Solution
Hewlett-Packard Multimedia Keyboard/Mouse Solution
HijackThis 2.0.2
Horloge 2005 1.2.0.0
Hotfix for Windows Media Format 11 SDK (KB929399)
HP Deskjet Preloaded Printer Drivers
HP DeskJet Serie 710C (Supprimer uniquement)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
hpg2436
hpg3970
hpg4600
hpg5530
hpg8200
hpmdtab
HPProductAssistant
HpSdpAppCoreApp
HPSystemDiagnostics
Indeo® software
INSTANT TV Uninstaller
InstantShare
InstantShareDevices
Intel A/V Codecs V2.0
InterActual Player
InterVideo WinDVD 7
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
ItsTV 3.0
iTunes
Jasc Paint Shop Pro 9
Java(TM) 6 Update 6
Java(TM) 6 Update 7
K-Lite Mega Codec Pack 3.9.5
KBD
KC Softwares VideoInspector
LaCie Backup Software v1.5.2215
Lame ACM MP3 Codec
Lecteur Windows Media 11
LimeWire 4.18.2
Logitech Desktop Messenger
Logitech ImageStudio
Macromedia Shockwave Player
MAGIX audio cleanic 2003
MAGIX Media Manager silver
MAGIX music + video maker generation 6 deLuxe
MAGIX Photos sur CD & DVD
MAGIX playR jukebox
MAGIX video deLuxe 2004
Malwarebytes' Anti-Malware
MarketResearch
MaxiCompte
Media Library Management Wizard
Memories Disc Creator 2.0
Micro Application - Print eXtreme 2.0
Micro Application - PrintPratic 3
Micro Application - PrintPratic Edition Photo
Micro Application - Super Polices 2000
Micro Application Cloneur Expert
Microangelo Toolset 6
MicroBest Cracklock 3.8.4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Professional
Microsoft Office XP Professional avec FrontPage
Microsoft Picture It! Photo Premium 9
Microsoft Picture It! Photo Premium 9
Microsoft Reader
Microsoft Reader Text-to-Speech pour le français
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951376)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour pour Windows XP (KB942763)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Mobiclip Video Codec
Modem DSL ECI Telecom
MON UNIVERS CORAPHOTOS
monAlbumPhoto
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieXone 4.0
MPEG2 Video Encoder
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Multimedia Card Reader
Multimedia Card Reader
Navigateur Orange
Neodivx
neoDVD
neoDVD 7
Nero Suite
neroxml
NewCopy
NVIDIA Drivers
OmniPage SE
OpenOffice.org Installer 1.0
Paint Shop Pro 7
Panda ActiveScan 2.0
PanoStandAlone
Paramètres de haut-parleur Creative
PC Inspector smart recovery
PDFCreator 0.8.0
PDFmail
Personal License Update Wizard for Windows Media Player
Philips TeleText
Photo et imagerie HP 3.5 - HP Devices
PhotoGallery
Photosmart 140,240,7200,7600,7700,7900 Series
Picasa 2
Pinnacle VideoSpin
Plus! MP3 Audio Converter LE
PowerDVD
PowerQuest PartitionMagic Pro 7.0
PrintMaster® Gold
ProductContext
PS2
PSShortcutsP
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
QuickProjects
QuickTime
Radio Fr Solo 1.5
Radio Media Player
Rainlendar (remove only)
RandMap
Read in Microsoft Reader Add-in for Microsoft Word
Readiris
Readme
RecordNow!
Retrospect 6.5
Ri4m v4.1
Ri4m v5.0.1d
Rippack v3 beta 16.1
SAGEM F@st 800-840
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Shareaza version 2.2.1.0
SkinsHP1
SkinsHP2
SmartSound Quicktracks Plugin
SmartSound Quicktracks Plugin
Solid Converter PDF v4
SolutionCenter
Some PDF to Word Converter 1.4
Sonic Update Manager
Sonic_PrimoSDK
Sound Blaster Live! 24-bit
SpywareBlaster 4.1
StationRipper 2.14
Status
Studio 9
Sélecteur d'installation de Microsoft Works 2004
System Requirements Lab
TerraTec Home Cinema
THOMSON mp3PRO Audio Player
ThreatExpert Memory Scanner 1.0
TMPGEnc MPEG Editor 2.0 Essai
TMPGEnc Plus 2.5
TrayApp
TuneUp E-Mail Backup
TuneUp Utilities 2008
Ulead DVD MovieFactory 3 TV
Uninstall MP3XTC
Unload
User Profile Hive Cleanup Service
VideoLAN VLC media player 0.8.2
VobSub v2.23 (Remove Only)
Wanadoo
Warez 3.0
Warez PRO 3.0
WD Diagnostics
WD Media Center Driver
WebFldrs XP
WebReg
Winamp (remove only)
WinAVIVideoConverter
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Writer
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Service Pack 3
WinPatrol
XnView 1.90.2
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files
2008-09-23 14:35 <REP> .
2008-09-23 14:35 <REP> ..
2008-06-11 10:56 <REP> 3nity Audio CD Extractor
2008-06-11 10:57 <REP> 3nity CD DVD Burner
2005-10-10 12:10 <REP> 4Musics Multiformat Converter
2005-07-28 23:31 <REP> ABBYY PDF Transformer 1.0
2008-09-06 17:03 <REP> ABBYY PDF Transformer 2.0
2005-05-22 17:39 <REP> ACD Systems
2007-02-16 11:49 <REP> Acronis
2008-06-06 14:27 <REP> Actimagine Corp
2008-09-06 14:18 <REP> activePDF
2006-08-03 18:08 <REP> Adobe
2008-06-21 08:57 <REP> Ahead
2005-02-25 08:27 <REP> AIDA32 - Enterprise System Information
2008-06-11 10:59 <REP> AIST
2008-06-11 11:01 <REP> AKVIS
2007-01-03 02:01 <REP> AliveMedia
2008-06-11 11:02 <REP> Allok Video to 3GP Converter
2007-03-07 13:35 <REP> Alwil Software
2008-06-11 11:03 <REP> AmazingMIDI
2005-11-23 01:42 <REP> AnmSMP
2007-01-08 17:43 <REP> AnyVideoConvertorPro
2007-02-08 09:24 <REP> AOL
2008-09-18 23:06 <REP> Apple Software Update
2008-06-08 20:29 <REP> ArcSoft
2005-05-23 11:25 <REP> Ashampoo
2005-02-27 10:58 <REP> Audacity
2006-08-22 00:00 <REP> AutoWebCam
2008-06-06 00:27 <REP> Avira
2008-09-24 10:55 <REP> AviSynth 2.5
2008-06-17 22:55 <REP> AVS4YOU
2008-06-11 11:08 <REP> AVSMedia
2006-09-04 09:04 <REP> Azureus
2006-08-07 19:21 <REP> Belarc
2005-09-17 11:12 <REP> BillP Studios
2008-06-11 11:12 <REP> Biromsoft
2005-10-29 08:52 54 bit.bat
2005-10-29 08:52 54 bit2.bat
2005-10-29 08:52 54 bit3.bat
2008-09-18 23:08 <REP> Bonjour
2005-11-12 23:07 <REP> Broderbund
2008-06-11 11:13 <REP> Calculatrice Euro
2008-08-13 21:34 <REP> CCleaner
2005-08-03 04:59 <REP> CDBurnerXP Pro 3
2007-02-18 12:04 <REP> CDex_170b2
2004-01-02 04:17 <REP> Common Files
2004-01-02 02:32 <REP> ComPlus Applications
2006-11-03 14:05 <REP> Conference
2005-08-17 18:33 <REP> Convar
2006-03-26 22:45 <REP> ConvertMovie 2.2
2007-02-17 09:59 <REP> Copernic Agent
2005-02-27 12:32 <REP> Copernic Desktop Search
2008-08-11 16:38 <REP> CORA
2006-10-07 10:55 <REP> Cracklock
2006-04-14 01:04 <REP> Creative
2007-02-02 11:34 <REP> Cuttermaran
2008-06-28 18:50 <REP> CyberLink
2005-02-14 13:47 <REP> Dantz
2005-02-19 00:34 <REP> DATA BECKER
2007-02-02 11:34 <REP> DesignPro
2005-08-17 09:43 <REP> DigitalSoundPlanet
2007-02-02 11:34 <REP> DiscWizard for Windows
2007-02-17 06:26 <REP> DivX
2005-10-29 13:21 <REP> DivX_311alpha
2008-09-23 10:42 <REP> DScaler5
2005-09-20 20:49 <REP> DVD Shrink
2007-02-02 11:34 <REP> Easy CD-DA Extractor 8
2007-02-17 07:27 <REP> Easy Internet signup
2005-09-20 12:56 <REP> EasyDVDCopyPro
2008-09-24 15:59 <REP> eChanblard
2008-08-11 07:31 <REP> ECI Telecom
2007-02-02 20:09 <REP> EkiPatchs
2008-06-29 12:55 <REP> eMule
2008-08-14 04:59 <REP> EoRezo
2007-02-02 11:34 <REP> Euro-Calculette
2006-04-30 15:57 <REP> EuroThink
2005-03-09 14:53 <REP> fabamusic
2007-02-02 11:34 <REP> FairUse Wizard 2
2008-09-18 23:05 <REP> Fichiers communs
2005-02-18 12:27 <REP> FileZilla
2008-09-25 08:18 <REP> FlashGet
2005-02-18 16:21 <REP> FlasKMPEG
2005-09-12 13:06 <REP> Foreignword
2008-09-03 14:28 <REP> Foxit Software
2005-10-08 02:15 <REP> F-Secure Internet Security
2005-02-20 22:36 <REP> Gabest
2005-10-29 13:05 <REP> GDiVX Player
2008-06-18 04:14 <REP> Google
2005-03-03 20:32 <REP> GordianKnot
2007-02-07 23:29 <REP> Grisoft
2006-08-11 12:28 <REP> Hewlett-Packard
2008-06-05 23:25 <REP> Horloge 2005
2006-10-17 09:46 <REP> HP
2007-02-02 11:34 <REP> HP DeskJet 710C Series
2006-05-24 15:47 <REP> HP DVD
2004-01-02 04:53 <REP> HP Pavilion PC Help
2006-10-17 10:18 <REP> HP Photosmart M417 FW Files
2005-10-29 08:51 54 inc1.bat
2005-02-14 19:08 <REP> Intel
2005-09-19 07:49 <REP> InterActual
2008-09-03 22:34 <REP> Internet Explorer
2006-01-24 11:07 <REP> InterVideo
2008-09-18 23:09 <REP> iPod
2008-09-04 03:50 <REP> ItsLabel
2008-09-18 23:09 <REP> iTunes
2005-11-13 00:17 <REP> iTunes(2)
2005-11-13 00:11 <REP> iTunes(3)
2005-05-22 17:55 <REP> Jasc Software Inc
2008-07-17 21:12 <REP> Java
2005-02-18 17:39 <REP> KC Softwares
2008-06-05 18:56 <REP> K-Lite Codec Pack
2008-06-04 11:05 <REP> K-Lite Codec Pack(2)
2006-09-21 13:18 <REP> Kodak
2007-01-20 16:39 <REP> LaCie
2008-06-06 16:57 <REP> Lavasoft
2008-06-18 04:17 <REP> LimeWire
2008-08-11 13:36 <REP> Logitech
2008-09-22 18:50 <REP> Malwarebytes' Anti-Malware
2007-02-02 11:34 <REP> MaxiCompte
2005-02-27 13:04 <REP> Maxthon
2008-06-24 23:57 <REP> Mediostream
2008-08-14 10:17 <REP> Messenger
2006-05-04 09:35 <REP> Micro Application
2008-09-04 03:27 <REP> Microangelo Toolset 6
2008-06-14 17:57 <REP> Microsoft CAPICOM 2.1.0.2
2006-06-30 17:37 <REP> microsoft frontpage
2008-06-08 07:28 <REP> Microsoft Office
2007-02-02 11:34 <REP> Microsoft Picture It! 9
2008-09-03 23:09 <REP> Microsoft Reader
2008-09-03 22:31 <REP> Microsoft Reader(2)
2008-09-03 22:30 <REP> Microsoft Reader(3)
2008-06-18 23:12 <REP> Microsoft SQL Server Compact Edition
2007-02-03 12:19 <REP> Microsoft Windows Vista Upgrade Advisor
2007-02-02 11:34 <REP> Microsoft Works
2006-11-16 15:38 <REP> Microsoft Works Suite 2004
2008-08-11 16:13 <REP> monAlbumPhoto
2006-10-23 23:27 <REP> Morgan
2008-06-14 18:43 <REP> Movie Maker
2007-02-25 22:01 <REP> MP3XTC
2005-05-26 09:13 <REP> MSN
2005-05-19 14:28 <REP> MSN Apps
2004-01-02 02:31 <REP> MSN Gaming Zone
2005-09-19 07:48 <REP> MSXML 4.0
2005-02-14 10:00 <REP> Multimedia Card Reader
2005-05-19 14:27 <REP> Music Mixer 3(2).0
2006-08-13 13:45 <REP> MUSK Codec Pack v5
2008-06-26 17:27 <REP> MyMPxPlayer.org
2005-03-01 02:24 <REP> Neodivx
2008-06-14 18:40 <REP> NetMeeting
2006-08-11 12:20 <REP> nLite
2008-06-08 19:32 <REP> ONES (F)
2005-08-18 06:36 <REP> Ontrack
2007-02-25 10:59 <REP> OO Software
2007-03-06 15:39 <REP> Orange
2008-06-14 18:40 <REP> Outlook Express
2008-06-11 09:01 <REP> Paint Shop Pro 9
2008-06-14 06:28 <REP> Panda Security
2005-10-26 09:16 <REP> Paragon Software
2005-02-18 04:03 <REP> PC-Doctor for Windows
2005-11-12 23:07 <REP> PDF Editeur 2
2006-09-29 09:07 <REP> PDFCreator
2008-06-24 17:26 <REP> Pegasys Inc
2005-02-17 19:42 <REP> Philips Semiconductors
2007-03-08 06:15 <REP> Picasa2
2008-09-17 12:29 <REP> Pinnacle
2005-11-08 16:14 <REP> PowerQuest
2008-09-18 23:07 <REP> QuickTime
2006-10-01 07:11 <REP> QuickTime(2)
2005-12-16 11:57 <REP> Radio Fr Solo
2006-09-25 02:18 <REP> Rainlendar
2005-04-29 08:22 <REP> Ratajik Software
2007-02-25 22:01 <REP> Raxco
2006-09-04 08:44 <REP> Real
2004-01-02 04:24 <REP> RecordNow!
2008-06-06 10:44 <REP> RegCleaner
2008-06-04 11:06 <REP> RegCleaner(2)
2005-11-13 00:13 <REP> Rippackv3
2008-09-24 23:44 <REP> Ripp-it_AM
2005-06-30 16:34 <REP> Roxio(2)
2005-07-31 05:59 <REP> RTE
2008-06-30 10:28 <REP> SAGEM
2006-10-14 03:58 <REP> SaveNow
2005-02-14 18:27 <REP> ScanSoft
2008-06-06 21:55 <REP> Seagate
2006-09-19 16:54 <REP> Securitoo
2004-01-02 05:01 <REP> Services en ligne
2008-06-11 08:58 <REP> Setup Files
2005-12-17 17:13 <REP> Shareaza
2005-10-10 11:04 <REP> Simon Tools
2006-09-29 09:00 <REP> SimonTools
2005-10-29 08:51 41 sleep.bat
2006-08-21 10:39 <REP> SmartSound Software
2008-09-06 16:35 <REP> SolidDocuments
2008-09-06 15:22 <REP> SomePDF
2004-01-02 04:24 <REP> Sonic
2005-03-02 18:55 <REP> SoundSpectrum
2008-09-18 05:51 <REP> SpywareBlaster
2008-06-08 08:29 <REP> SystemRequirementsLab
2008-09-23 14:35 <REP> TerraTec
2007-02-25 22:00 <REP> TerraTec(2)
2005-02-15 17:36 <REP> THOMSON mp3PRO Audio Player
2008-08-14 10:24 <REP> ThreatExpert Memory Scanner
2008-06-27 01:27 <REP> TMPGenc
2006-09-29 09:07 <REP> TuneUp E-Mail Backup
2008-09-04 04:22 <REP> TuneUp Utilities 2008
2007-02-17 07:31 <REP> Ulead Systems
2007-02-02 07:17 <REP> UPHClean
2005-02-14 21:03 <REP> VideoLAN
2006-10-09 07:45 <REP> Virtools Web Player 3.5
2005-11-13 00:12 <REP> Visage
2006-09-04 08:01 <REP> vso
2008-09-25 09:37 <REP> Wanadoo
2007-03-07 15:31 <REP> Warez
2005-02-14 13:47 <REP> WDC
2005-02-20 18:16 <REP> Webteh
2008-06-08 18:14 <REP> Western Digital Technologies
2007-02-18 12:46 <REP> Winamp
2008-06-29 13:21 <REP> WinAVI Video Capture
2008-06-29 13:23 <REP> WinAVIVideoConverter
2008-06-20 10:11 <REP> Windows Live
2007-02-01 12:51 <REP> Windows Live Safety Center
2006-12-04 11:08 <REP> Windows Media Bonus Pack for Windows XP
2005-02-14 18:56 <REP> Windows Media Components
2006-12-02 18:08 <REP> Windows Media Connect 2
2008-06-21 08:19 <REP> Windows Media Player
2008-06-14 18:40 <REP> Windows NT
2007-02-08 23:54 <REP> WinRAR
2004-01-02 02:35 <REP> xerox
2007-02-17 10:38 <REP> XnView
2005-11-30 11:54 <REP> X-OOM
2007-03-07 18:25 <REP> Yahoo!
5 fichier(s) 257 octets
226 Rép(s) 33,280,884,736 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs
2008-09-18 23:05 <REP> .
2008-09-18 23:05 <REP> ..
2005-05-22 17:39 <REP> ACD Systems
2007-02-16 11:49 <REP> Acronis
2005-06-21 10:10 <REP> Adaptec Shared
2006-12-19 15:56 <REP> Adobe
2005-12-06 02:29 <REP> Adobe Systems Shared
2005-05-30 18:31 <REP> Ahead
2008-09-18 23:07 <REP> Apple
2008-06-16 23:33 <REP> AVSMedia
2005-02-15 14:54 <REP> Copernic
1996-12-02 17:44 582,144 dao350.dll
2006-09-08 22:24 <REP> DESIGNER
2004-01-02 03:47 <REP> Hewlett-Packard
2006-08-02 13:34 <REP> HP
2005-05-22 17:55 <REP> InstallShield
2008-06-24 23:58 <REP> InstallShield Shared
2005-09-19 07:49 <REP> InterVideo
2005-05-22 17:57 <REP> Jasc Software Inc
2006-11-12 10:36 <REP> Java
2008-09-03 23:11 <REP> L&H
2006-09-04 12:37 <REP> Logitech
2006-05-05 15:04 <REP> MAGIX Shared
2005-05-22 11:34 <REP> Micro Application Shared
2008-09-03 23:09 <REP> Microsoft Shared
2004-01-02 02:32 <REP> MSSoap
2006-04-26 21:28 <REP> muiq
2006-08-14 20:19 <REP> Nero
2004-01-02 02:28 <REP> ODBC
2008-09-03 23:12 <REP> OverDrive Shared
2008-06-05 18:54 <REP> Real
2005-06-30 16:34 <REP> Roxio Shared(2)
2005-02-14 18:27 <REP> ScanSoft Shared
2006-10-19 06:32 <REP> Services
2005-09-19 12:00 <REP> Softwin
2004-01-02 04:25 <REP> Sonic
2006-01-19 23:43 <REP> Sonic Shared
2004-01-02 02:28 <REP> SpeechEngines
2004-01-02 04:24 <REP> SureThing Shared
2005-03-21 13:24 <REP> SWF Studio
2008-06-14 18:40 <REP> System
2008-09-23 14:35 <REP> TerraTec
2007-02-17 07:31 <REP> Ulead Systems
2008-06-10 13:15 <REP> Wise Installation Wizard
2008-09-06 15:27 <REP> XpressUpdate
2008-09-17 12:29 <REP> Yahoo!
1 fichier(s) 582,144 octets
45 Rép(s) 33,280,888,832 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
2008-06-14 20:37 <REP> .
2008-06-14 20:37 <REP> ..
2005-02-15 09:49 <REP> 1033
2006-09-08 22:15 <REP> 1036
2006-04-25 21:33 967,952 MSONSEXT.DLL
2006-05-02 19:37 40,208 MSOSV.DLL
1999-06-03 22:09 122,937 MSOWS409.DLL
2001-03-07 17:00 127,033 MSOWS40c.DLL
2000-08-06 09:04 401,462 MSVCP60.DLL
2004-01-29 16:08 69,632 PKMAXCTL.DLL
2004-01-29 16:08 868,352 PKMCDO.DLL
2004-01-29 16:08 53,248 PKMCORE.DLL
2004-01-29 16:08 102,400 PKMFORMS.DLL
2004-01-29 16:38 634,880 PKMRES.DLL
2004-01-29 16:08 28,672 PKMSSTLB.DLL
2001-01-22 03:25 40,960 PKMTEMPL.DLL
2004-01-29 16:08 24,576 PKMTRACE.DLL
2004-01-29 16:08 86,016 PKMWS.DLL
2004-01-29 16:08 237,568 PROMDEMO.DLL
1999-03-18 07:37 593,977 RAGENT.DLL
2004-01-29 16:08 184,320 SECMGR.DLL
2004-01-29 16:08 315,392 VAIDDMGR.DLL
2004-01-29 16:08 32,768 VAIMEM.DLL
19 fichier(s) 4,932,353 octets
4 Rép(s) 33,280,884,736 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\common files
2004-01-02 04:17 <REP> .
2004-01-02 04:17 <REP> ..
2005-02-14 10:03 <REP> System
0 fichier(s) 0 octets
3 Rép(s) 33,280,884,736 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\
2008-08-10 13:09 1,083,904 MPEG_Streamclip.exe
2006-05-01 08:20 24,623,869 PNL_Les fondements_demo.exe
2005-04-16 20:50 232,960 Recover4all-Professional.exe
2005-10-31 17:56 700,416 StubInstaller.exe
re..
j'ai corrige uStart dans la barre de recherche par supprimé
le son "ploc" reste toujours en fermeture
dans le scan j'ai noté un rootkit/stealth malware detector http://www.gmer.net donc???????
a suivre.............
j'ai corrige uStart dans la barre de recherche par supprimé
le son "ploc" reste toujours en fermeture
dans le scan j'ai noté un rootkit/stealth malware detector http://www.gmer.net donc???????
a suivre.............
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
25 sept. 2008 à 19:06
25 sept. 2008 à 19:06
Bonsoir
très bien ton rapport montre encore des infections
Télécharge combofix.exe (par sUBs) et sauvegarde le sur ton bureau.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Déconnecte toi d'internet et ferme toutes tes applications.
* Désactive tes protections (antivirus, parefeu,antispyware) provisoirement et seulement le temps de l'utilisation de ComboFix,
* Double-clic sur combofix.exe, il est possible que ton parefeu te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
* /!\ Ne touche à rien tant que le scan n'est pas terminé.Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne /!\
* Attends que Combofix ait terminé, un rapport sera créé.
* réactive ton parefeu, ton antivirus, la garde de ton antispyware
* copie/colle le rapport, le rapport se trouve dans : C:Combofix.txt
* Réactive tes protections en temps réel, Antivirus, Antispywares, avant de te reconnecter à internet.
très bien ton rapport montre encore des infections
Télécharge combofix.exe (par sUBs) et sauvegarde le sur ton bureau.
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Déconnecte toi d'internet et ferme toutes tes applications.
* Désactive tes protections (antivirus, parefeu,antispyware) provisoirement et seulement le temps de l'utilisation de ComboFix,
* Double-clic sur combofix.exe, il est possible que ton parefeu te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
* /!\ Ne touche à rien tant que le scan n'est pas terminé.Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne /!\
* Attends que Combofix ait terminé, un rapport sera créé.
* réactive ton parefeu, ton antivirus, la garde de ton antispyware
* copie/colle le rapport, le rapport se trouve dans : C:Combofix.txt
* Réactive tes protections en temps réel, Antivirus, Antispywares, avant de te reconnecter à internet.
VOILA BONSOIR!
ComboFix 08-09-25.03 - Propri‚taire 2008-09-25 21:15:38.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1569 [GMT 2:00]
Lancé depuis: C:\Downloads\software\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\lsprst7.dll
C:\WINDOWS\system32\ssprs.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_poof
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-25 au 2008-09-25 ))))))))))))))))))))))))))))))))))))
.
2008-09-25 19:46 . 2008-09-25 19:58 <REP> d-------- C:\Program Files\Total Video Converter
2008-09-25 19:35 . 2008-09-25 19:35 72 --a------ C:\Default.PLS
2008-09-25 19:34 . 2008-09-25 18:34 10,774,435 --a------ C:\1 - la caravane de loire … Beaugency ,orleans,gien,malabar.mpeg.flv
2008-09-25 19:26 . 2008-09-25 19:27 <REP> d-------- C:\deplac‚moi
2008-09-25 18:16 . 2008-09-25 18:16 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-09-25 18:15 . 2008-09-25 18:15 <REP> d-------- C:\Program Files\Real
2008-09-25 09:40 . 2008-09-25 09:40 34,894,694 --a------ C:\upload_moi_NOM-W8KZ05N5F7S.tar.gz
2008-09-25 09:21 . 2008-09-25 09:21 217,801 --a------ C:\foret.jpg
2008-09-25 08:15 . 2008-09-25 08:16 <REP> d-------- C:\diaghep
2008-09-24 23:47 . 2008-09-24 23:47 105 --a------ C:\ripp.bat
2008-09-24 23:45 . 2008-09-24 23:45 127 --a------ C:\reecmuxmkv.bat
2008-09-24 21:54 . 2008-09-25 00:09 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-09-24 11:01 . 2008-09-24 11:03 38,162,432 --a------ C:\film.avi
2008-09-24 09:04 . 2008-09-24 09:04 16,692 --a------ C:\dessin2.jpg
2008-09-24 08:41 . 2008-09-24 09:11 15,163 --a------ C:\dessin.jpg
2008-09-23 21:43 . 2008-09-23 21:43 77,744 --a------ C:\watch-vfl56562.swf
2008-09-23 14:36 . 2008-09-23 14:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TerraTec
2008-09-23 14:35 . 2008-09-23 14:35 <REP> d-------- C:\Program Files\TerraTec
2008-09-23 10:41 . 2008-09-23 10:42 <REP> d-------- C:\Program Files\DScaler5
2008-09-23 10:28 . 2008-09-24 07:17 <REP> d-------- C:\pouchintv
2008-09-23 00:27 . 2008-09-23 00:28 <REP> d-------- C:\WINDOWS\ERUNT
2008-09-23 00:04 . 2008-09-23 00:56 <REP> d-------- C:\SDFix
2008-09-22 12:31 . 2008-09-22 12:31 <REP> d-------- C:\driver cinergiet292008
2008-09-21 22:49 . 2008-09-21 22:59 112,115,270 --a------ C:\claurand.mpg
2008-09-19 06:23 . <REP> C:\Documents and Settings\Propriétaire\Application Data\MPEG Streamclip
2008-09-19 06:20 . 2008-09-19 06:35 <REP> d-------- C:\streamclip
2008-09-19 05:36 . 2008-09-19 05:36 65,549 --a------ C:\tarif.jpg
2008-09-19 05:04 . 2008-09-19 05:04 134,224 --a------ C:\sncf.jpg
2008-09-18 23:23 . 2008-08-10 13:09 1,083,904 --a------ C:\MPEG_Streamclip.exe
2008-09-18 23:09 . 2008-09-18 23:09 <REP> d-------- C:\Program Files\iPod
2008-09-18 23:08 . 2008-09-18 23:09 <REP> d-------- C:\Program Files\iTunes
2008-09-18 23:08 . 2008-09-18 23:08 <REP> d-------- C:\Program Files\Bonjour
2008-09-18 23:08 . 2008-09-18 23:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-18 23:05 . 2008-09-18 23:07 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-09-18 23:05 . 2008-09-18 23:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-09-18 12:23 . 2008-09-18 12:23 223,294 --a------ C:\feux_grand.jpg
2008-09-18 12:22 . 2008-09-18 12:22 33,280 --a------ C:\feu_d_artifice.jpg
2008-09-18 08:50 . 2008-09-18 08:50 156,708 --a------ C:\Tantra_Chinois.pdf
2008-09-18 04:35 . 2008-09-18 04:37 67,893,248 --a------ C:\beaugency 1er partie(1).mpg
2008-09-17 19:49 . 2008-09-17 19:57 189,079,552 --a------ C:\beaugency 2eme partie.mpg
2008-09-17 19:39 . 2008-09-17 19:46 176,744,448 --a------ C:\beaugency 1er partie.mpg
2008-09-17 15:21 . 2008-09-17 15:46 393,773,056 --a------ C:\Mon Feux d'artifice.mpg
2008-09-17 15:09 . 2008-09-18 22:35 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-17 15:09 . 2008-09-17 15:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-17 15:03 . 2008-09-17 15:03 0 --a------ C:\Mon Film.stx
2008-09-17 13:48 . 2008-09-17 13:53 138,283,008 --a------ C:\ARTIFICEbeaugency.mpg
2008-09-17 13:10 . 2008-09-17 13:10 7,979 --a------ C:\fartifice.jpg
2008-09-17 12:38 . 2008-09-19 00:35 100,352 --a------ C:\WINDOWS\mmproxy_40.mdb
2008-09-17 12:32 . 2008-09-17 12:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
2008-09-17 12:29 . 2008-09-17 12:29 <REP> d-------- C:\Program Files\Fichiers communs\Yahoo!
2008-09-17 12:29 . 2008-09-17 12:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VideoSpin
2008-09-13 16:59 . 2008-09-25 16:14 <REP> d-------- C:\sylvietantra
2008-09-12 09:56 . 2008-09-12 09:57 <REP> d-------- C:\ta
2008-09-10 13:32 . 2008-09-10 13:32 118,650 --a------ C:\C__ASSEDIC2007-2008_Unidialog_3381239K_1221045215736[1]sezptembre2008..pdf.pdf
2008-09-10 13:32 . 2008-09-15 20:29 112,666 --------- C:\WINDOWS\hpoins07.dat.temp
2008-09-10 13:32 . 2005-05-24 08:50 21,124 --------- C:\WINDOWS\hpomdl07.dat.temp
2008-09-10 13:17 . 2008-09-10 13:17 176,867 --a------ C:\(C___Documents and Settings__Propri_351taire__Local Settings__Temporary Internet Files__Content.IE5__BH3JXR9F__Unidialog_3381239K_12210452).pdf
2008-09-10 09:50 . 2008-09-10 09:50 236,566 --a------ C:\Num‚riser002eaugency.jpg
2008-09-10 09:45 . 2008-09-10 09:45 323,361 --a------ C:\Num‚risebeaugency2.jpg
2008-09-06 22:29 . 2008-09-06 22:29 2,704 --a------ C:\WINDOWS\system32\settings.aaw
2008-09-06 22:29 . 2008-09-06 22:29 1,488 --a------ C:\WINDOWS\system32\history.aaw
2008-09-06 17:02 . 2008-09-06 17:03 <REP> d-------- C:\Program Files\ABBYY PDF Transformer 2.0
2008-09-06 17:02 . 2008-09-06 17:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ABBYY
2008-09-06 17:02 . 2004-12-07 08:11 258,352 --a------ C:\WINDOWS\system32\unicows.dll
2008-09-06 17:02 . 2006-01-30 10:32 5,632 --a------ C:\WINDOWS\system32\pxc25pm.dll
2008-09-06 17:01 . 2008-09-06 17:02 <REP> d-------- C:\PDF Transformer 2.0 Pro
2008-09-06 16:38 . 2008-09-06 16:42 118 --a------ C:\WINDOWS\ConverterCore.INI
2008-09-06 16:36 . <REP> C:\Documents and Settings\Propriétaire\Application Data\SolidDocuments
2008-09-06 16:35 . 2008-09-06 16:35 <REP> d-------- C:\Program Files\SolidDocuments
2008-09-06 16:35 . 2008-09-06 16:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SolidDocuments
2008-09-06 16:35 . 2008-08-01 18:32 21,240 --a------ C:\WINDOWS\system32\solidlocalmon.dll
2008-09-06 16:35 . 2008-08-01 18:32 13,560 --a------ C:\WINDOWS\system32\solidlocalui.dll
2008-09-06 16:33 . 2008-09-06 16:33 97,014 --a------ C:\art100osho.jpg
2008-09-06 15:22 . 2008-09-06 15:22 <REP> d-------- C:\Program Files\SomePDF
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-06 14:47 . 2008-09-06 15:27 <REP> d-------- C:\Program Files\Fichiers communs\XpressUpdate
2008-09-06 14:47 . <REP> C:\Documents and Settings\Propriétaire\Application Data\PixelPlanet
2008-09-06 14:47 . 2008-09-06 14:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PixelPlanet
2008-09-06 14:18 . 2008-09-06 14:18 <REP> d-------- C:\WINDOWS\PrimoPDF4
2008-09-06 14:18 . 2008-09-06 14:18 <REP> d-------- C:\Program Files\activePDF
2008-09-06 14:18 . 2006-12-11 22:12 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2008-09-06 13:37 . 2008-09-06 13:37 0 --a------ C:\WINDOWS\hpqEmlSz.INI
2008-09-06 11:41 . 2008-09-06 11:41 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application DataPDFcreator
2008-09-06 10:01 . 2008-09-06 10:01 199,231 --a------ C:\rajhneesjpuram.jpg
2008-09-06 09:54 . 2008-09-06 09:54 46,427 --a------ C:\anuprem.jpg
2008-09-06 09:50 . 2008-09-06 09:50 121,461 --a------ C:\pradip0.jpg
2008-09-06 09:45 . 2008-09-06 09:45 93,589 --a------ C:\pradip5.jpg
2008-09-06 09:39 . 2008-09-06 09:39 112,203 --a------ C:\pradip02.jpg
2008-09-06 09:39 . 2008-09-06 09:39 36,811 --a------ C:\pradip3.jpg
2008-09-06 09:33 . 2008-09-06 09:33 98,122 --a------ C:\pradip2.jpg
2008-09-06 09:23 . 2008-09-06 09:23 61,012 --a------ C:\pradip.jpg
2008-09-06 09:06 . 2008-09-06 09:16 157,970 --a------ C:\rajneesh.jpg
2008-09-05 11:54 . 2008-09-05 11:54 73 --a------ C:\PIEDS20080901TANTRA BAGWATY.ram
2008-09-05 10:37 . 2008-09-05 10:37 22,884 --a------ C:\sans titreapple expo.mht
2008-09-05 10:04 . 2008-09-05 10:46 <REP> d-------- C:\ubcd
2008-09-05 08:27 . 2008-09-05 08:27 3,167 --a------ C:\maureen.rtf
2008-09-05 06:24 . 2008-09-05 06:24 126,610 --a------ C:\irm1.jpg
2008-09-05 06:17 . 2008-09-05 06:17 135,713 --a------ C:\irmjmjB.jpg
2008-09-04 23:22 . 2008-09-04 23:22 124,489 --a------ C:\IRMJMJ2.jpg
2008-09-04 23:17 . 2008-09-04 23:17 136,721 --a------ C:\IRMJMJ.jpg
2008-09-04 03:38 . 2008-09-04 03:38 25,214 --a------ C:\shell32 012.ico
2008-09-04 03:31 . 2008-09-04 03:31 8,704 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-09-04 03:27 . 2008-09-04 03:27 <REP> d-------- C:\Program Files\Microangelo Toolset 6
2008-09-03 23:12 . 2008-09-03 23:12 <REP> d-------- C:\Program Files\Fichiers communs\OverDrive Shared
2008-09-03 23:09 . 2008-09-03 23:09 <REP> d-------- C:\Program Files\Microsoft Reader
2008-09-03 23:09 . 2003-06-05 17:15 57,436 --a------ C:\WINDOWS\DASShp.dll
2008-09-03 22:55 . 2003-09-23 22:21 10,129,408 --a--c--- C:\WINDOWS\system32\dllcache\hwxkor.dll
2008-09-03 22:55 . 2003-09-23 22:21 10,096,640 --a--c--- C:\WINDOWS\system32\dllcache\hwxcht.dll
2008-09-03 19:12 . 2008-09-03 22:30 <REP> d-------- C:\Program Files\Microsoft Reader(3)
2008-09-03 14:30 . 2008-09-03 14:32 0 --a------ C:\WINDOWS\system32\FOXIT_PDF
2008-09-03 14:30 . 2008-09-03 14:36 0 --a------ C:\stimulezvotre appetit amoureuxaphro.pdf
2008-09-03 10:53 . 2008-09-03 10:53 140,478 --a------ C:\fedida.jpg
2008-09-02 12:07 . 2008-09-03 23:11 <REP> d-------- C:\Program Files\Fichiers communs\L&H
2008-09-02 11:38 . 2008-09-03 22:31 <REP> d-------- C:\Program Files\Microsoft Reader(2)
2008-09-01 21:15 . 2008-09-02 01:14 <REP> d-------- C:\OSHO
2008-08-31 22:13 . 2008-08-31 22:13 59,541 --a------ C:\pic09184argent.jpg
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-25 19:24 --------- d-----w C:\Program Files\Wanadoo
2008-09-25 19:14 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-25 19:13 --------- d-----w C:\Program Files\FlashGet
2008-09-25 16:16 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-09-25 16:16 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Real
2008-09-25 15:10 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-09-24 21:44 --------- d-----w C:\Program Files\Ripp-it_AM
2008-09-24 13:59 --------- d-----w C:\Program Files\eChanblard
2008-09-24 08:55 --------- d-----w C:\Program Files\AviSynth 2.5
2008-09-23 12:35 --------- d-----w C:\Program Files\Fichiers communs\TerraTec
2008-09-23 12:34 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\TerraTec
2008-09-22 16:50 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-22 03:10 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Vso
2008-09-18 21:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-18 21:07 --------- d-----w C:\Program Files\QuickTime
2008-09-18 21:06 --------- d-----w C:\Program Files\Apple Software Update
2008-09-18 03:51 --------- d-----w C:\Program Files\SpywareBlaster
2008-09-17 10:29 --------- d-----w C:\Program Files\Pinnacle
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-06 12:05 196,248 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2008-09-04 01:50 --------- d-----w C:\Program Files\ItsLabel
2008-09-03 21:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-03 20:31 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Rainlendar
2008-09-03 12:28 --------- d-----w C:\Program Files\Foxit Software
2008-08-14 08:24 --------- d-----w C:\Program Files\ThreatExpert Memory Scanner
2008-08-14 02:59 --------- d-----w C:\Program Files\EoRezo
2008-08-14 02:59 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\EoRezo
2008-08-14 02:51 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\ItsLabel
2008-08-13 22:49 355,584 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-08-13 19:34 --------- d-----w C:\Program Files\CCleaner
2008-08-13 09:28 91,744 -c--a-w C:\WINDOWS\BPMNT.dll
2008-08-13 09:28 1,213,784 -c--a-w C:\WINDOWS\vsapi32.dll
2008-08-12 03:17 71,749 -c--a-w C:\WINDOWS\hcextoutput.dll
2008-08-12 03:17 333,576 -c--a-w C:\WINDOWS\tsc.exe
2008-08-12 03:14 69,689 -c--a-w C:\WINDOWS\UNZIP.DLL
2008-08-12 03:14 507,904 -c--a-w C:\WINDOWS\TMUPDATE.DLL
2008-08-12 03:14 286,720 -c--a-w C:\WINDOWS\PATCH.EXE
2008-08-11 14:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\hps
2008-08-11 14:38 --------- d-----w C:\Program Files\CORA
2008-08-11 14:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\albumphoto
2008-08-11 14:13 --------- d-----w C:\Program Files\monAlbumPhoto
2008-08-11 11:36 --------- d-----w C:\Program Files\Logitech
2008-08-11 11:27 130,208 ------r C:\WINDOWS\bwUnin-8.1.1.87-8876480SL.exe
2008-08-11 05:31 --------- d-----w C:\Program Files\ECI Telecom
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es(2).dll
2008-06-29 09:26 37,888 ----a-w C:\WINDOWS\system32\rar.exe
2008-06-14 16:57 1,048,576 ---ha-w C:\Documents and Settings\Invité\NTUSER.DAT
2006-08-19 23:13 81,920 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\ezpinst.exe
2006-08-19 23:13 47,360 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\pcouffin.sys
2006-08-06 04:09 50,242 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\wklnhst.dat
2005-10-29 06:52 54 -c--a-w C:\Program Files\bit.bat
2005-10-29 06:52 54 ----a-w C:\Program Files\bit3.bat
2005-10-29 06:52 54 ----a-w C:\Program Files\bit2.bat
2005-10-29 06:51 54 ----a-w C:\Program Files\inc1.bat
2005-10-29 06:51 41 ----a-w C:\Program Files\sleep.bat
1996-12-02 15:44 582,144 ----a-w C:\Program Files\Fichiers communs\dao350.dll
2005-03-05 11:58 56 --sh--r C:\WINDOWS\system32\600F43451F.sys
2005-03-03 09:38 56 --sh--r C:\WINDOWS\system32\6253F84B4E.sys
2008-06-14 16:52 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008061420080615\index.dat
.
[code]<pre>
------w 14,597,893 2007-03-06 13:34:08 C:\Documents and Settings\Propriétaire\Mes documents\jmj.navino1\3.3.1_Installation Player Orange .exe
</pre>/code
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"Acme.PCHButton"="C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe" [2004-01-02 155648]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-08-22 1234160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetIcon"="\Program Files\WDC\SetIcon.exe" [2004-01-30 46080]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 406016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"DVDTray"="C:\Program Files\HP DVD\Umbrella\DVDTray.exe" [2004-09-03 53248]
"CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-18 1185264]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-18 1961576]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-25 1397760]
"RemoteControl"="C:\WINDOWS\system32\rmctrl.exe" [2000-10-16 32768]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]
"LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-17 87584]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe" [2008-05-14 1101824]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-09-25 185872]
"WD Button Manager"="WDBtnMgr.exe" [2005-02-17 C:\WINDOWS\system32\WDBtnMgr.exe]
"P17Helper"="P17.dll" [2005-05-03 C:\WINDOWS\system32\P17.dll]
"nwiz"="nwiz.exe" [2003-12-05 C:\WINDOWS\system32\nwiz.exe]
"DSLAGENTEXE"="dslagent.exe" [2002-01-22 C:\WINDOWS\system32\dslagent.exe]
C:\Documents and Settings\Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
Horloge 2005.lnk - C:\Program Files\Horloge 2005\Horloge 2005.exe [2007-02-18 437248]
Rainlendar.lnk - C:\Program Files\Rainlendar\Rainlendar.exe [2004-12-05 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"vidc.MOHD"= mohd.dll
"VIDC.SP53"= SP5X_32.DLL
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"VIDC.SP59"= SP5X_32.DLL
"vidc.mjpg"= pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiVir
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq lite
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msconfig
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Update Checker
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
--a------ 2007-04-26 16:19 2908160 C:\Program Files\ItsLabel\ItsTV.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-09-10 17:40 289576 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--------- 2003-02-11 20:02 61440 C:\hp\KBD\kbd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-08-11 13:27 91440 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechGalleryRepair]
--a------ 2002-12-10 18:32 155648 C:\Program Files\Logitech\ImageStudio\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechImageStudioTray]
--a------ 2002-12-10 18:31 61440 C:\Program Files\Logitech\ImageStudio\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
--a------ 2002-12-10 17:54 127022 C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVComS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TerraTec Remote Control]
--a------ 2008-05-14 11:32 1101824 C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2006-11-21 19:38 35328 C:\Program Files\Winamp\winampa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"=
"C:\\Program Files\\eChanblard\\emule.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"=
"C:\\Program Files\\Conference\\Conference.dll"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"=
"C:\\Program Files\\Warez\\Warez.exe"=
"C:\\Program Files\\FlashGet\\FlashGet.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2004-03-10 15172]
R1 lusbaudio;Logitech USB Microphone;C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 34816]
R1 SSHDRV65;SSHDRV65;C:\WINDOWS\system32\drivers\SSHDRV65.sys [2005-02-19 120320]
R2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;C:\WINDOWS\Installer\MSI129.tmp [2008-09-06 189688]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 10254]
R3 LVVI500A;LVVI500A Service;C:\WINDOWS\system32\DRIVERS\lvvi500a.sys [2002-06-10 188592]
R3 TTCinergyT2;TerraTec Cinergy T² (BDA);C:\WINDOWS\system32\DRIVERS\TTCinergyT2BDA.sys [2007-07-12 29216]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2007-01-04 69656]
S2 gafwload;ECI Telecom USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2002-01-22 26987]
S2 HPFECP13;HPFECP13;C:\WINDOWS\system32\drivers\HPFECP13.SYS [1998-09-25 52800]
S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
S3 inibtmgr;WD Bridge Controller Driver;C:\WINDOWS\system32\DRIVERS\inibtmgr.sys [2003-12-09 9728]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-08-14 355584]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad389d6e-2bb0-11db-97c3-806d6172696f}]
\Shell\AutoRun\command - G:\SH-S182D(TS-H652D).exe
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Default_Search_URL = hxxp://srch-fr10.hpwis.com/
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R0 -: HKCU-Main,Start Page = hxxp://www.ustart.org
R0 -: HKCU-Main,Search Bar =
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/keyword/%s
O8 -: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 -: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 -: &Traduire à partir de l'anglais
O8 -: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 -: Backward &Links - C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 -: Cac&hed Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 -: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 -: E&xporter vers Microsoft Excel
O8 -: Pages liées
O8 -: Pages similaires
O8 -: Recherche &Google
O8 -: Si&milar Pages - C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 -: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 -: Version de la page actuelle disponible dans le cache Google
O9 -: { - C:\Program Files\Messenger\msmsgs.exe
O9 -: {C:\Program Files\Messenger\msmsgs.exe - -
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 -: Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O18 -: Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://dev.srtest.com/srl_bin/sysreqlab3.cab
C:\WINDOWS\Downloaded Program Files\SysReqLab3.osd
C:\WINDOWS\Downloaded Program Files\sysreqlab3.dll
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
C:\WINDOWS\Downloaded Program Files\oscan8.inf
C:\WINDOWS\bdoscandellang.ini
C:\WINDOWS\bdoscandel.exe
C:\WINDOWS\Downloaded Program Files\live.ini
C:\WINDOWS\Downloaded Program Files\scanoptions.tsi
C:\WINDOWS\Downloaded Program Files\lang.ini
C:\WINDOWS\Downloaded Program Files\ipsupd.dll
C:\WINDOWS\Downloaded Program Files\bdupd.dll
C:\WINDOWS\Downloaded Program Files\libfn.dll
C:\WINDOWS\Downloaded Program Files\bdcore.dll
C:\WINDOWS\Downloaded Program Files\oscan8.ocx
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-25 21:23:04
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFV4ReadSpool]
"ImagePath"="C:\WINDOWS\Installer\MSI129.tmp"
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\system32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\Program Files\Dantz\Retrospect\wdsvc.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Program Files\HP Pavilion PC Help\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Heure de fin: 2008-09-25 21:33:57 - La machine a redémarré [Propri‚taire]
ComboFix-quarantined-files.txt 2008-09-25 19:33:48
ComboFix2.txt 2008-08-14 09:08:21
Avant-CF: 32,832,225,280 octets libres
Après-CF: 32,770,154,496 octets libres
480 --- E O F --- 2008-09-10 10:49:19
ComboFix 08-09-25.03 - Propri‚taire 2008-09-25 21:15:38.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1569 [GMT 2:00]
Lancé depuis: C:\Downloads\software\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\lsprst7.dll
C:\WINDOWS\system32\ssprs.dll
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_poof
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-25 au 2008-09-25 ))))))))))))))))))))))))))))))))))))
.
2008-09-25 19:46 . 2008-09-25 19:58 <REP> d-------- C:\Program Files\Total Video Converter
2008-09-25 19:35 . 2008-09-25 19:35 72 --a------ C:\Default.PLS
2008-09-25 19:34 . 2008-09-25 18:34 10,774,435 --a------ C:\1 - la caravane de loire … Beaugency ,orleans,gien,malabar.mpeg.flv
2008-09-25 19:26 . 2008-09-25 19:27 <REP> d-------- C:\deplac‚moi
2008-09-25 18:16 . 2008-09-25 18:16 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-09-25 18:15 . 2008-09-25 18:15 <REP> d-------- C:\Program Files\Real
2008-09-25 09:40 . 2008-09-25 09:40 34,894,694 --a------ C:\upload_moi_NOM-W8KZ05N5F7S.tar.gz
2008-09-25 09:21 . 2008-09-25 09:21 217,801 --a------ C:\foret.jpg
2008-09-25 08:15 . 2008-09-25 08:16 <REP> d-------- C:\diaghep
2008-09-24 23:47 . 2008-09-24 23:47 105 --a------ C:\ripp.bat
2008-09-24 23:45 . 2008-09-24 23:45 127 --a------ C:\reecmuxmkv.bat
2008-09-24 21:54 . 2008-09-25 00:09 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-09-24 11:01 . 2008-09-24 11:03 38,162,432 --a------ C:\film.avi
2008-09-24 09:04 . 2008-09-24 09:04 16,692 --a------ C:\dessin2.jpg
2008-09-24 08:41 . 2008-09-24 09:11 15,163 --a------ C:\dessin.jpg
2008-09-23 21:43 . 2008-09-23 21:43 77,744 --a------ C:\watch-vfl56562.swf
2008-09-23 14:36 . 2008-09-23 14:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TerraTec
2008-09-23 14:35 . 2008-09-23 14:35 <REP> d-------- C:\Program Files\TerraTec
2008-09-23 10:41 . 2008-09-23 10:42 <REP> d-------- C:\Program Files\DScaler5
2008-09-23 10:28 . 2008-09-24 07:17 <REP> d-------- C:\pouchintv
2008-09-23 00:27 . 2008-09-23 00:28 <REP> d-------- C:\WINDOWS\ERUNT
2008-09-23 00:04 . 2008-09-23 00:56 <REP> d-------- C:\SDFix
2008-09-22 12:31 . 2008-09-22 12:31 <REP> d-------- C:\driver cinergiet292008
2008-09-21 22:49 . 2008-09-21 22:59 112,115,270 --a------ C:\claurand.mpg
2008-09-19 06:23 . <REP> C:\Documents and Settings\Propriétaire\Application Data\MPEG Streamclip
2008-09-19 06:20 . 2008-09-19 06:35 <REP> d-------- C:\streamclip
2008-09-19 05:36 . 2008-09-19 05:36 65,549 --a------ C:\tarif.jpg
2008-09-19 05:04 . 2008-09-19 05:04 134,224 --a------ C:\sncf.jpg
2008-09-18 23:23 . 2008-08-10 13:09 1,083,904 --a------ C:\MPEG_Streamclip.exe
2008-09-18 23:09 . 2008-09-18 23:09 <REP> d-------- C:\Program Files\iPod
2008-09-18 23:08 . 2008-09-18 23:09 <REP> d-------- C:\Program Files\iTunes
2008-09-18 23:08 . 2008-09-18 23:08 <REP> d-------- C:\Program Files\Bonjour
2008-09-18 23:08 . 2008-09-18 23:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-18 23:05 . 2008-09-18 23:07 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-09-18 23:05 . 2008-09-18 23:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-09-18 12:23 . 2008-09-18 12:23 223,294 --a------ C:\feux_grand.jpg
2008-09-18 12:22 . 2008-09-18 12:22 33,280 --a------ C:\feu_d_artifice.jpg
2008-09-18 08:50 . 2008-09-18 08:50 156,708 --a------ C:\Tantra_Chinois.pdf
2008-09-18 04:35 . 2008-09-18 04:37 67,893,248 --a------ C:\beaugency 1er partie(1).mpg
2008-09-17 19:49 . 2008-09-17 19:57 189,079,552 --a------ C:\beaugency 2eme partie.mpg
2008-09-17 19:39 . 2008-09-17 19:46 176,744,448 --a------ C:\beaugency 1er partie.mpg
2008-09-17 15:21 . 2008-09-17 15:46 393,773,056 --a------ C:\Mon Feux d'artifice.mpg
2008-09-17 15:09 . 2008-09-18 22:35 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-17 15:09 . 2008-09-17 15:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-17 15:03 . 2008-09-17 15:03 0 --a------ C:\Mon Film.stx
2008-09-17 13:48 . 2008-09-17 13:53 138,283,008 --a------ C:\ARTIFICEbeaugency.mpg
2008-09-17 13:10 . 2008-09-17 13:10 7,979 --a------ C:\fartifice.jpg
2008-09-17 12:38 . 2008-09-19 00:35 100,352 --a------ C:\WINDOWS\mmproxy_40.mdb
2008-09-17 12:32 . 2008-09-17 12:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
2008-09-17 12:29 . 2008-09-17 12:29 <REP> d-------- C:\Program Files\Fichiers communs\Yahoo!
2008-09-17 12:29 . 2008-09-17 12:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VideoSpin
2008-09-13 16:59 . 2008-09-25 16:14 <REP> d-------- C:\sylvietantra
2008-09-12 09:56 . 2008-09-12 09:57 <REP> d-------- C:\ta
2008-09-10 13:32 . 2008-09-10 13:32 118,650 --a------ C:\C__ASSEDIC2007-2008_Unidialog_3381239K_1221045215736[1]sezptembre2008..pdf.pdf
2008-09-10 13:32 . 2008-09-15 20:29 112,666 --------- C:\WINDOWS\hpoins07.dat.temp
2008-09-10 13:32 . 2005-05-24 08:50 21,124 --------- C:\WINDOWS\hpomdl07.dat.temp
2008-09-10 13:17 . 2008-09-10 13:17 176,867 --a------ C:\(C___Documents and Settings__Propri_351taire__Local Settings__Temporary Internet Files__Content.IE5__BH3JXR9F__Unidialog_3381239K_12210452).pdf
2008-09-10 09:50 . 2008-09-10 09:50 236,566 --a------ C:\Num‚riser002eaugency.jpg
2008-09-10 09:45 . 2008-09-10 09:45 323,361 --a------ C:\Num‚risebeaugency2.jpg
2008-09-06 22:29 . 2008-09-06 22:29 2,704 --a------ C:\WINDOWS\system32\settings.aaw
2008-09-06 22:29 . 2008-09-06 22:29 1,488 --a------ C:\WINDOWS\system32\history.aaw
2008-09-06 17:02 . 2008-09-06 17:03 <REP> d-------- C:\Program Files\ABBYY PDF Transformer 2.0
2008-09-06 17:02 . 2008-09-06 17:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ABBYY
2008-09-06 17:02 . 2004-12-07 08:11 258,352 --a------ C:\WINDOWS\system32\unicows.dll
2008-09-06 17:02 . 2006-01-30 10:32 5,632 --a------ C:\WINDOWS\system32\pxc25pm.dll
2008-09-06 17:01 . 2008-09-06 17:02 <REP> d-------- C:\PDF Transformer 2.0 Pro
2008-09-06 16:38 . 2008-09-06 16:42 118 --a------ C:\WINDOWS\ConverterCore.INI
2008-09-06 16:36 . <REP> C:\Documents and Settings\Propriétaire\Application Data\SolidDocuments
2008-09-06 16:35 . 2008-09-06 16:35 <REP> d-------- C:\Program Files\SolidDocuments
2008-09-06 16:35 . 2008-09-06 16:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SolidDocuments
2008-09-06 16:35 . 2008-08-01 18:32 21,240 --a------ C:\WINDOWS\system32\solidlocalmon.dll
2008-09-06 16:35 . 2008-08-01 18:32 13,560 --a------ C:\WINDOWS\system32\solidlocalui.dll
2008-09-06 16:33 . 2008-09-06 16:33 97,014 --a------ C:\art100osho.jpg
2008-09-06 15:22 . 2008-09-06 15:22 <REP> d-------- C:\Program Files\SomePDF
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-06 14:47 . 2008-09-06 15:27 <REP> d-------- C:\Program Files\Fichiers communs\XpressUpdate
2008-09-06 14:47 . <REP> C:\Documents and Settings\Propriétaire\Application Data\PixelPlanet
2008-09-06 14:47 . 2008-09-06 14:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PixelPlanet
2008-09-06 14:18 . 2008-09-06 14:18 <REP> d-------- C:\WINDOWS\PrimoPDF4
2008-09-06 14:18 . 2008-09-06 14:18 <REP> d-------- C:\Program Files\activePDF
2008-09-06 14:18 . 2006-12-11 22:12 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2008-09-06 13:37 . 2008-09-06 13:37 0 --a------ C:\WINDOWS\hpqEmlSz.INI
2008-09-06 11:41 . 2008-09-06 11:41 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application DataPDFcreator
2008-09-06 10:01 . 2008-09-06 10:01 199,231 --a------ C:\rajhneesjpuram.jpg
2008-09-06 09:54 . 2008-09-06 09:54 46,427 --a------ C:\anuprem.jpg
2008-09-06 09:50 . 2008-09-06 09:50 121,461 --a------ C:\pradip0.jpg
2008-09-06 09:45 . 2008-09-06 09:45 93,589 --a------ C:\pradip5.jpg
2008-09-06 09:39 . 2008-09-06 09:39 112,203 --a------ C:\pradip02.jpg
2008-09-06 09:39 . 2008-09-06 09:39 36,811 --a------ C:\pradip3.jpg
2008-09-06 09:33 . 2008-09-06 09:33 98,122 --a------ C:\pradip2.jpg
2008-09-06 09:23 . 2008-09-06 09:23 61,012 --a------ C:\pradip.jpg
2008-09-06 09:06 . 2008-09-06 09:16 157,970 --a------ C:\rajneesh.jpg
2008-09-05 11:54 . 2008-09-05 11:54 73 --a------ C:\PIEDS20080901TANTRA BAGWATY.ram
2008-09-05 10:37 . 2008-09-05 10:37 22,884 --a------ C:\sans titreapple expo.mht
2008-09-05 10:04 . 2008-09-05 10:46 <REP> d-------- C:\ubcd
2008-09-05 08:27 . 2008-09-05 08:27 3,167 --a------ C:\maureen.rtf
2008-09-05 06:24 . 2008-09-05 06:24 126,610 --a------ C:\irm1.jpg
2008-09-05 06:17 . 2008-09-05 06:17 135,713 --a------ C:\irmjmjB.jpg
2008-09-04 23:22 . 2008-09-04 23:22 124,489 --a------ C:\IRMJMJ2.jpg
2008-09-04 23:17 . 2008-09-04 23:17 136,721 --a------ C:\IRMJMJ.jpg
2008-09-04 03:38 . 2008-09-04 03:38 25,214 --a------ C:\shell32 012.ico
2008-09-04 03:31 . 2008-09-04 03:31 8,704 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-09-04 03:27 . 2008-09-04 03:27 <REP> d-------- C:\Program Files\Microangelo Toolset 6
2008-09-03 23:12 . 2008-09-03 23:12 <REP> d-------- C:\Program Files\Fichiers communs\OverDrive Shared
2008-09-03 23:09 . 2008-09-03 23:09 <REP> d-------- C:\Program Files\Microsoft Reader
2008-09-03 23:09 . 2003-06-05 17:15 57,436 --a------ C:\WINDOWS\DASShp.dll
2008-09-03 22:55 . 2003-09-23 22:21 10,129,408 --a--c--- C:\WINDOWS\system32\dllcache\hwxkor.dll
2008-09-03 22:55 . 2003-09-23 22:21 10,096,640 --a--c--- C:\WINDOWS\system32\dllcache\hwxcht.dll
2008-09-03 19:12 . 2008-09-03 22:30 <REP> d-------- C:\Program Files\Microsoft Reader(3)
2008-09-03 14:30 . 2008-09-03 14:32 0 --a------ C:\WINDOWS\system32\FOXIT_PDF
2008-09-03 14:30 . 2008-09-03 14:36 0 --a------ C:\stimulezvotre appetit amoureuxaphro.pdf
2008-09-03 10:53 . 2008-09-03 10:53 140,478 --a------ C:\fedida.jpg
2008-09-02 12:07 . 2008-09-03 23:11 <REP> d-------- C:\Program Files\Fichiers communs\L&H
2008-09-02 11:38 . 2008-09-03 22:31 <REP> d-------- C:\Program Files\Microsoft Reader(2)
2008-09-01 21:15 . 2008-09-02 01:14 <REP> d-------- C:\OSHO
2008-08-31 22:13 . 2008-08-31 22:13 59,541 --a------ C:\pic09184argent.jpg
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-25 19:24 --------- d-----w C:\Program Files\Wanadoo
2008-09-25 19:14 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-25 19:13 --------- d-----w C:\Program Files\FlashGet
2008-09-25 16:16 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-09-25 16:16 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Real
2008-09-25 15:10 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-09-24 21:44 --------- d-----w C:\Program Files\Ripp-it_AM
2008-09-24 13:59 --------- d-----w C:\Program Files\eChanblard
2008-09-24 08:55 --------- d-----w C:\Program Files\AviSynth 2.5
2008-09-23 12:35 --------- d-----w C:\Program Files\Fichiers communs\TerraTec
2008-09-23 12:34 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\TerraTec
2008-09-22 16:50 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-22 03:10 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Vso
2008-09-18 21:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-18 21:07 --------- d-----w C:\Program Files\QuickTime
2008-09-18 21:06 --------- d-----w C:\Program Files\Apple Software Update
2008-09-18 03:51 --------- d-----w C:\Program Files\SpywareBlaster
2008-09-17 10:29 --------- d-----w C:\Program Files\Pinnacle
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-06 12:05 196,248 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2008-09-04 01:50 --------- d-----w C:\Program Files\ItsLabel
2008-09-03 21:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-03 20:31 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Rainlendar
2008-09-03 12:28 --------- d-----w C:\Program Files\Foxit Software
2008-08-14 08:24 --------- d-----w C:\Program Files\ThreatExpert Memory Scanner
2008-08-14 02:59 --------- d-----w C:\Program Files\EoRezo
2008-08-14 02:59 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\EoRezo
2008-08-14 02:51 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\ItsLabel
2008-08-13 22:49 355,584 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-08-13 19:34 --------- d-----w C:\Program Files\CCleaner
2008-08-13 09:28 91,744 -c--a-w C:\WINDOWS\BPMNT.dll
2008-08-13 09:28 1,213,784 -c--a-w C:\WINDOWS\vsapi32.dll
2008-08-12 03:17 71,749 -c--a-w C:\WINDOWS\hcextoutput.dll
2008-08-12 03:17 333,576 -c--a-w C:\WINDOWS\tsc.exe
2008-08-12 03:14 69,689 -c--a-w C:\WINDOWS\UNZIP.DLL
2008-08-12 03:14 507,904 -c--a-w C:\WINDOWS\TMUPDATE.DLL
2008-08-12 03:14 286,720 -c--a-w C:\WINDOWS\PATCH.EXE
2008-08-11 14:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\hps
2008-08-11 14:38 --------- d-----w C:\Program Files\CORA
2008-08-11 14:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\albumphoto
2008-08-11 14:13 --------- d-----w C:\Program Files\monAlbumPhoto
2008-08-11 11:36 --------- d-----w C:\Program Files\Logitech
2008-08-11 11:27 130,208 ------r C:\WINDOWS\bwUnin-8.1.1.87-8876480SL.exe
2008-08-11 05:31 --------- d-----w C:\Program Files\ECI Telecom
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es(2).dll
2008-06-29 09:26 37,888 ----a-w C:\WINDOWS\system32\rar.exe
2008-06-14 16:57 1,048,576 ---ha-w C:\Documents and Settings\Invité\NTUSER.DAT
2006-08-19 23:13 81,920 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\ezpinst.exe
2006-08-19 23:13 47,360 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\pcouffin.sys
2006-08-06 04:09 50,242 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\wklnhst.dat
2005-10-29 06:52 54 -c--a-w C:\Program Files\bit.bat
2005-10-29 06:52 54 ----a-w C:\Program Files\bit3.bat
2005-10-29 06:52 54 ----a-w C:\Program Files\bit2.bat
2005-10-29 06:51 54 ----a-w C:\Program Files\inc1.bat
2005-10-29 06:51 41 ----a-w C:\Program Files\sleep.bat
1996-12-02 15:44 582,144 ----a-w C:\Program Files\Fichiers communs\dao350.dll
2005-03-05 11:58 56 --sh--r C:\WINDOWS\system32\600F43451F.sys
2005-03-03 09:38 56 --sh--r C:\WINDOWS\system32\6253F84B4E.sys
2008-06-14 16:52 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008061420080615\index.dat
.
[code]<pre>
------w 14,597,893 2007-03-06 13:34:08 C:\Documents and Settings\Propriétaire\Mes documents\jmj.navino1\3.3.1_Installation Player Orange .exe
</pre>/code
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"Acme.PCHButton"="C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe" [2004-01-02 155648]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-08-22 1234160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetIcon"="\Program Files\WDC\SetIcon.exe" [2004-01-30 46080]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 406016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"DVDTray"="C:\Program Files\HP DVD\Umbrella\DVDTray.exe" [2004-09-03 53248]
"CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-18 1185264]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-18 1961576]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-25 1397760]
"RemoteControl"="C:\WINDOWS\system32\rmctrl.exe" [2000-10-16 32768]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 61440]
"LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 155648]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-17 87584]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTVRC.exe" [2008-05-14 1101824]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-09-25 185872]
"WD Button Manager"="WDBtnMgr.exe" [2005-02-17 C:\WINDOWS\system32\WDBtnMgr.exe]
"P17Helper"="P17.dll" [2005-05-03 C:\WINDOWS\system32\P17.dll]
"nwiz"="nwiz.exe" [2003-12-05 C:\WINDOWS\system32\nwiz.exe]
"DSLAGENTEXE"="dslagent.exe" [2002-01-22 C:\WINDOWS\system32\dslagent.exe]
C:\Documents and Settings\Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
Horloge 2005.lnk - C:\Program Files\Horloge 2005\Horloge 2005.exe [2007-02-18 437248]
Rainlendar.lnk - C:\Program Files\Rainlendar\Rainlendar.exe [2004-12-05 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"vidc.MOHD"= mohd.dll
"VIDC.SP53"= SP5X_32.DLL
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"VIDC.SP59"= SP5X_32.DLL
"vidc.mjpg"= pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiVir
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq lite
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msconfig
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Update Checker
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ItsTV]
--a------ 2007-04-26 16:19 2908160 C:\Program Files\ItsLabel\ItsTV.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-09-10 17:40 289576 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--------- 2003-02-11 20:02 61440 C:\hp\KBD\kbd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-08-11 13:27 91440 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechGalleryRepair]
--a------ 2002-12-10 18:32 155648 C:\Program Files\Logitech\ImageStudio\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechImageStudioTray]
--a------ 2002-12-10 18:31 61440 C:\Program Files\Logitech\ImageStudio\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
--a------ 2002-12-10 17:54 127022 C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVComS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [N/A]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TerraTec Remote Control]
--a------ 2008-05-14 11:32 1101824 C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2006-11-21 19:38 35328 C:\Program Files\Winamp\winampa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TerraTec Remote Control"="C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"=
"C:\\Program Files\\eChanblard\\emule.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"=
"C:\\Program Files\\Conference\\Conference.dll"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"=
"C:\\Program Files\\Warez\\Warez.exe"=
"C:\\Program Files\\FlashGet\\FlashGet.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2004-03-10 15172]
R1 lusbaudio;Logitech USB Microphone;C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 34816]
R1 SSHDRV65;SSHDRV65;C:\WINDOWS\system32\drivers\SSHDRV65.sys [2005-02-19 120320]
R2 SCPDFV4ReadSpool;SolidConverterPDFv4ReadSpool;C:\WINDOWS\Installer\MSI129.tmp [2008-09-06 189688]
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 10254]
R3 LVVI500A;LVVI500A Service;C:\WINDOWS\system32\DRIVERS\lvvi500a.sys [2002-06-10 188592]
R3 TTCinergyT2;TerraTec Cinergy T² (BDA);C:\WINDOWS\system32\DRIVERS\TTCinergyT2BDA.sys [2007-07-12 29216]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2007-01-04 69656]
S2 gafwload;ECI Telecom USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2002-01-22 26987]
S2 HPFECP13;HPFECP13;C:\WINDOWS\system32\drivers\HPFECP13.SYS [1998-09-25 52800]
S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
S3 inibtmgr;WD Bridge Controller Driver;C:\WINDOWS\system32\DRIVERS\inibtmgr.sys [2003-12-09 9728]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-08-14 355584]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad389d6e-2bb0-11db-97c3-806d6172696f}]
\Shell\AutoRun\command - G:\SH-S182D(TS-H652D).exe
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Default_Search_URL = hxxp://srch-fr10.hpwis.com/
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R0 -: HKCU-Main,Start Page = hxxp://www.ustart.org
R0 -: HKCU-Main,Search Bar =
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/keyword/%s
O8 -: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 -: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 -: &Traduire à partir de l'anglais
O8 -: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 -: Backward &Links - C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 -: Cac&hed Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 -: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 -: E&xporter vers Microsoft Excel
O8 -: Pages liées
O8 -: Pages similaires
O8 -: Recherche &Google
O8 -: Si&milar Pages - C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 -: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 -: Version de la page actuelle disponible dans le cache Google
O9 -: { - C:\Program Files\Messenger\msmsgs.exe
O9 -: {C:\Program Files\Messenger\msmsgs.exe - -
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 -: Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O18 -: Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://dev.srtest.com/srl_bin/sysreqlab3.cab
C:\WINDOWS\Downloaded Program Files\SysReqLab3.osd
C:\WINDOWS\Downloaded Program Files\sysreqlab3.dll
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
C:\WINDOWS\Downloaded Program Files\oscan8.inf
C:\WINDOWS\bdoscandellang.ini
C:\WINDOWS\bdoscandel.exe
C:\WINDOWS\Downloaded Program Files\live.ini
C:\WINDOWS\Downloaded Program Files\scanoptions.tsi
C:\WINDOWS\Downloaded Program Files\lang.ini
C:\WINDOWS\Downloaded Program Files\ipsupd.dll
C:\WINDOWS\Downloaded Program Files\bdupd.dll
C:\WINDOWS\Downloaded Program Files\libfn.dll
C:\WINDOWS\Downloaded Program Files\bdcore.dll
C:\WINDOWS\Downloaded Program Files\oscan8.ocx
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-25 21:23:04
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCPDFV4ReadSpool]
"ImagePath"="C:\WINDOWS\Installer\MSI129.tmp"
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\system32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\Program Files\Dantz\Retrospect\wdsvc.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Wanadoo\TaskBarIcon.exe
C:\Program Files\HP Pavilion PC Help\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Heure de fin: 2008-09-25 21:33:57 - La machine a redémarré [Propri‚taire]
ComboFix-quarantined-files.txt 2008-09-25 19:33:48
ComboFix2.txt 2008-08-14 09:08:21
Avant-CF: 32,832,225,280 octets libres
Après-CF: 32,770,154,496 octets libres
480 --- E O F --- 2008-09-10 10:49:19
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
25 sept. 2008 à 21:55
25 sept. 2008 à 21:55
Bonsoir
très bien dit moi comment ce comporte ton PC
très bien dit moi comment ce comporte ton PC
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
25 sept. 2008 à 22:53
25 sept. 2008 à 22:53
regarde ceci
http://www.commentcamarche.net/faq/sujet 3446 windows xp mon pc rame que faire
ensuite
Télécharge ATF Cleaner par Atribune.
http://www.atribune.org/ccount/click.php?id=1
Double-clique ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected
Si tu utilises le navigateur Firefox :
Clique Firefox au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Si tu utilises le navigateur Opera :
Clique Opera au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Clique Exit, du menu principal, afin de fermer le programme.
Pour obtenir du Support technique, double-clique l'adresse électronique située au bas de chacun des menus.
pour le son je ne vois pas trop ?
http://www.commentcamarche.net/faq/sujet 3446 windows xp mon pc rame que faire
ensuite
Télécharge ATF Cleaner par Atribune.
http://www.atribune.org/ccount/click.php?id=1
Double-clique ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected
Si tu utilises le navigateur Firefox :
Clique Firefox au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Si tu utilises le navigateur Opera :
Clique Opera au haut et choisis : Select All
Clique le bouton Empty Selected
NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
Clique Exit, du menu principal, afin de fermer le programme.
Pour obtenir du Support technique, double-clique l'adresse électronique située au bas de chacun des menus.
pour le son je ne vois pas trop ?
donc quleques secondes dattente en fermeture de windows avec ce "ploc"?,
en iouverture sur l'ecran de bienvenue " windows enn cours de demarrage pendant quelques secondes!!!
et donc c quoi Double-clique ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected
je l'ai fait çà sert a quoi??
en iouverture sur l'ecran de bienvenue " windows enn cours de demarrage pendant quelques secondes!!!
et donc c quoi Double-clique ATF-Cleaner.exe afin de lancer le programme.
Sous l'onglet Main, choisis : Select All
Clique sur le bouton Empty Selected
je l'ai fait çà sert a quoi??
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
27 sept. 2008 à 19:45
27 sept. 2008 à 19:45
Bonsoir
Regarde bien ce qui es coché et tu seras à quoi sert AFT cleaner.
ensuite fait > Démarrer / Exécuter puis taper cmd :
tape la commande SFC /SCANNOW fait attention à l'espace
il te sera peut-être demandé le cd d'instalation si c'est le cas suit les instructions
cette manip te permettra de réparer les fichiers système si il sont endommagés
@+
Regarde bien ce qui es coché et tu seras à quoi sert AFT cleaner.
ensuite fait > Démarrer / Exécuter puis taper cmd :
tape la commande SFC /SCANNOW fait attention à l'espace
il te sera peut-être demandé le cd d'instalation si c'est le cas suit les instructions
cette manip te permettra de réparer les fichiers système si il sont endommagés
@+
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
29 sept. 2008 à 20:31
29 sept. 2008 à 20:31
Bonsoir
et bien ensuite dit moi si tu as encore des soucis
et bien ensuite dit moi si tu as encore des soucis
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
29 sept. 2008 à 22:58
29 sept. 2008 à 22:58
pour tu veux faire une image de ton Disque ?
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
29 sept. 2008 à 23:53
29 sept. 2008 à 23:53
propre on va vérifier
pour tes déconnexions voir ton FAI
refais un rapport DiagHelp stp
pour tes déconnexions voir ton FAI
refais un rapport DiagHelp stp
VOIL0!
DiagHelp version v1.4 - http://www.malekal.com
excute le 30/09/2008 à 0:03:13,03
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->30/09/2008 00:03:09
C:\WINDOWS\prefetch\AVWSC.EXE-21D2C1ED.pf -->30/09/2008 00:02:49
C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->30/09/2008 00:00:55
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->30/09/2008 00:00:42
C:\WINDOWS\prefetch\FLASHGET.EXE-080AD7E9.pf -->30/09/2008
C:\WINDOWS\prefetch\QTTASK.EXE-1876A1A1.pf -->29/09/2008 23:59:36
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->29/09/2008 23:45:04
C:\WINDOWS\prefetch\RUNDLL32.EXE-56C66659.pf -->29/09/2008 23:38:44
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->29/09/2008 23:03:05
C:\WINDOWS\prefetch\WUAUCLT.EXE-1360D60A.pf -->29/09/2008 23:02:47
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->10/09/2008 00:04:02
C:\WINDOWS\System32\drivers\mbam.sys -->10/09/2008 00:03:56
C:\WINDOWS\System32\drivers\avipbb.sys -->18/07/2008 12:47:00
C:\WINDOWS\System32\drivers\adidsl.cfg -->30/06/2008 10:43:19
C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12
C:\WINDOWS\System32\drivers\afd.sys -->20/06/2008 13:40:08
C:\WINDOWS\System32\drivers\tcpip6.sys -->20/06/2008 13:08:27
C:\WINDOWS\System32\wpa.dbl -->29/09/2008 18:20:44
C:\WINDOWS\System32\nvapps.xml -->29/09/2008 18:20:42
C:\WINDOWS\System32\default_user_class.dat.LOG -->27/09/2008 20:52:05
C:\WINDOWS\System32\FNTCACHE.DAT -->25/09/2008 21:05:32
C:\WINDOWS\System32\rmoc3260.dll -->25/09/2008 18:16:00
C:\WINDOWS\System32\pndx5032.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pndx5016.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pncrt.dll -->25/09/2008 18:15:48
C:\WINDOWS\System32\settings.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\history.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\QuickTimeVR.qtx -->06/09/2008 15:09:18
C:\WINDOWS\System32\QuickTime.qts -->06/09/2008 15:09:18
C:\WINDOWS\System32\Thumbs.db -->04/09/2008 03:31:05
C:\WINDOWS\System32\lvcoinst.log -->03/09/2008 22:36:47
C:\WINDOWS\System32\FOXIT_PDF -->03/09/2008 14:32:24
C:\WINDOWS\System32\dns-sd.exe -->29/08/2008 10:18:58
C:\WINDOWS\System32\dnssd.dll -->29/08/2008 09:53:50
C:\WINDOWS\System32\MRT.exe -->26/08/2008 22:28:12
C:\WINDOWS\System32\TZLog.log -->14/08/2008 10:10:22
C:\WINDOWS\System32\TuneUpDefragService.exe -->14/08/2008 00:49:33
C:\WINDOWS\System32\ssprs.tgz -->11/08/2008 17:03:20
C:\WINDOWS\System32\lsprst7.tgz -->11/08/2008 17:03:19
C:\WINDOWS\System32\sysprs7.tgz -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth2.dll -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth1.dll -->11/08/2008 16:39:22
C:\WINDOWS\pfirewall.log -->30/09/2008 00:03:12
C:\WINDOWS\WindowsUpdate.log -->29/09/2008 23:03:24
C:\WINDOWS\setupapi.log -->29/09/2008 18:22:20
C:\WINDOWS\0.log -->29/09/2008 18:20:32
C:\WINDOWS\wiadebug.log -->29/09/2008 18:20:29
C:\WINDOWS\wiaservc.log -->29/09/2008 18:20:26
C:\WINDOWS\bootstat.dat -->29/09/2008 18:20:04
C:\WINDOWS\SchedLgU.Txt -->29/09/2008 18:18:31
C:\WINDOWS\NeroDigital.ini -->29/09/2008 04:41:00
C:\WINDOWS\mmproxy_40.mdb -->29/09/2008 03:48:56
C:\WINDOWS\pfirewall.log.old -->28/09/2008 11:22:03
C:\WINDOWS\wmsetup.log -->26/09/2008 09:26:09
C:\WINDOWS\win.ini -->26/09/2008 01:07:31
C:\WINDOWS\system.ini -->26/09/2008 01:07:31
C:\WINDOWS\avisplitter.INI -->25/09/2008 15:00:50
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1708
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll
0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x10000000 0xe000 C:\Program Files\ArcSoft\PhotoImpression 5\share\pihook.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x00bd0000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x00bf0000 0xf000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
0x73e60000 0x5c000 5.03.2600.5512 C:\WINDOWS\system32\DSOUND.dll
0x00e10000 0x19000 2.10.0006.0003 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x01b00000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x034e0000 0x73000 10.00.0000.4871 C:\Program Files\Acronis\TrueImageHome\tishell.dll
0x01690000 0x1f000 3.03.0000.0443 C:\Program Files\Acronis\TrueImageHome\timounter.dll
0x02080000 0x2c000 C:\Program Files\WinRAR\rarext.dll
0x02aa0000 0x40000 4.00.0560.0000 C:\Program Files\SolidDocuments\Solid Converter PDF v4\SCPDFV4\ExploreExtPDFv4.dll
0x01bc0000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x020b0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x017f0000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~2\SDShelEx-win32.dll
0x00c00000 0xd000 1.08.0004.1007 C:\Program Files\FlashGet\fgmgr.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 844
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x012b0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system
07/05/1998 17:04 52 736 hpsysdrv.exe
10/09/1999 13:06 4 672 wowpost.exe
2 fichier(s) 57 408 octets
0 Rép(s) 41 004 433 408 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system32
14/04/2008 04:33 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 41 004 433 408 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\Downloaded Program Files
24/09/2008 21:54 <REP> .
24/09/2008 21:54 <REP> ..
21/05/2008 12:56 124 208 as2stubie.dll
22/05/2008 16:04 395 as2stubie.inf
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
07/12/2004 17:07 32 bdcore.dll
25/05/2006 01:21 118 784 bdupd.dll
07/05/2003 13:26 192 512 CamCli.dll
06/06/2008 21:55 <REP> CONFLICT.1
02/01/2004 02:33 65 desktop.ini
15/10/1997 02:52 697 DirectAnimation Java Classes.osd
25/07/2002 17:13 24 576 dwusplay.dll
25/07/2002 17:13 196 608 dwusplay.exe
25/06/2006 13:50 1 793 erma.inf
10/04/2000 18:12 1 765 fhg.inf
07/05/2003 13:26 180 224 ijl11.dll
25/05/2006 01:21 53 248 ipsupd.dll
16/06/2004 06:02 323 584 isusweb.dll
12/10/2006 05:07 896 jinstall-1_5_0_09.inf
25/04/2008 05:02 1 060 jinstall-6u6.inf
16/03/2005 12:34 7 407 lang.ini
11/12/2006 17:44 367 LegitCheckControl.inf
18/07/2007 14:49 12 592 libcomm.dll
07/12/2004 17:07 32 libfn.dll
13/02/2008 17:55 130 live.ini
20/01/2000 16:25 1 162 Microsoft XML Parser for Java.osd
30/07/2007 19:24 295 muweb.inf
12/09/2007 08:46 259 NvidiaSmartScan.inf
04/10/2007 07:52 323 584 NvidiaSmartScan.ocx
29/10/2007 16:45 1 244 oscan8.inf
25/10/2007 16:54 471 040 oscan8.ocx
22/09/2004 16:59 110 592 PURen-us.dll
15/10/2004 08:59 110 592 PURfr-xx.dll
09/10/2003 11:32 144 QTPlugin.inf
14/03/2005 14:58 7 073 scanoptions.tsi
16/02/2005 10:04 116 880 setup.exe
09/11/2006 15:36 5 019 swflash.inf
28/05/2008 15:06 267 568 sysreqlab3.dll
28/05/2008 15:06 667 SysReqLab3.osd
27/07/2006 16:33 452 920 wlscBase.dll
02/11/2005 18:01 1 777 xscan.inf
02/11/2005 18:07 435 712 xscan53.ocx
40 fichier(s) 3 689 464 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
06/06/2008 21:55 <REP> .
06/06/2008 21:55 <REP> ..
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
30/09/2004 08:52 214 312 SysInfo.dll
3 fichier(s) 356 273 octets
Total des fichiers listés :
43 fichier(s) 4 045 737 octets
5 Rép(s) 41 004 433 408 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
"DisableRegistryTools"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-30 00:03:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
280 - Watch.exe
344 - nvsvc32.exe
472 - HPZipm12.exe
548 - retrorun.exe
556 - wdsvc.exe
820 - csrss.exe
844 - winlogon.exe
888 - services.exe
900 - lsass.exe
1000 - svchost.exe
1048 - uphclean.exe
1056 - msnmsgr.exe
1116 - svchost.exe
1148 - iexplore.exe
1188 - svchost.exe
1232 - svchost.exe
1492 - aawservice.exe
1544 - ComComp.exe
1652 - TaskBarIcon.exe
1708 - explorer.exe
1828 - sched.exe
1952 - avguard.exe
1976 - AppleMobileDevi
1988 - bgsvcgen.exe
2032 - mDNSResponder.e
2192 - alg.exe
2292 - WDBtnMgr.exe
2316 - SetIcon.exe
2588 - CTSysVol.exe
2612 - TrueImageMonito
2644 - avgnt.exe
2784 - InCD.exe
2808 - cmd.exe
2932 - LogiTray.exe
3028 - iTunesHelper.ex
3200 - PCHButton.exe
3220 - ctfmon.exe
3252 - NMBgMonitor.exe
3336 - iPodService.exe
3360 - dslmon.exe
3376 - LogitechDesktop
3404 - Horloge 2005.ex
3420 - Rainlendar.exe
3532 - NMIndexingServi
3576 - GestionnaireInt
3632 - usnsvc.exe
3660 - NMIndexStoreSvr
4000 - flashget.exe
4060 - Toaster.exe
4068 - Inactivity.exe
4076 - PollingModule.e
4092 - ALERTM~1.EXE
Total number of processes = 53
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806EE000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F74BF000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F749F000 - fltmgr.sys
F748D000 - sr.sys
F7647000 - PxHelp20.sys
F789B000 - PzWDM.sys
F7476000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7449000 - NDIS.sys
F7838000 - timntr.sys
F7717000 - viaagp1.sys
F742E000 - snapman.sys
F7657000 - SISAGPX.sys
F7667000 - sbp2port.sys
F7677000 - ohci1394.sys
F7687000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS
BAF46000 - Mup.sys
F7697000 - agp440.sys
F76D7000 - \SystemRoot\System32\DRIVERS\nic1394.sys
BAFD0000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B9D0E000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
B9CFA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
F779F000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B9CD6000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F77A7000 - \SystemRoot\System32\DRIVERS\usbehci.sys
F77AF000 - \SystemRoot\System32\DRIVERS\usbohci.sys
B9B82000 - \SystemRoot\system32\drivers\P17.sys
B9B5E000 - \SystemRoot\system32\drivers\portcls.sys
BAFC0000 - \SystemRoot\system32\drivers\drmk.sys
B9B3B000 - \SystemRoot\system32\drivers\ks.sys
B9B0B000 - \SystemRoot\System32\DRIVERS\ctoss2k.sys
B9AE5000 - \SystemRoot\System32\DRIVERS\ctsfm2k.sys
BAFB0000 - \SystemRoot\System32\DRIVERS\R8139n51.SYS
B9AD4000 - \SystemRoot\System32\DRIVERS\serial.sys
BAE5E000 - \SystemRoot\System32\DRIVERS\serenum.sys
F77B7000 - \SystemRoot\System32\DRIVERS\fdc.sys
B9AC0000 - \SystemRoot\System32\DRIVERS\parport.sys
BAFA0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
BAEEE000 - \SystemRoot\System32\DRIVERS\PS2.sys
F77BF000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
F77C7000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BAF90000 - \SystemRoot\System32\DRIVERS\imapi.sys
F77CF000 - \SystemRoot\system32\drivers\Asapiw2k.sys
BAF80000 - \SystemRoot\System32\Drivers\AFS2K.SYS
BA521000 - \SystemRoot\system32\drivers\pfc.sys
BAF70000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAF60000 - \SystemRoot\System32\DRIVERS\redbook.sys
F77D7000 - \SystemRoot\System32\Drivers\incdrm.SYS
F77DF000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
BA51D000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
BA3A5000 - \SystemRoot\System32\DRIVERS\audstub.sys
F76C7000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BA509000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B9AA9000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
F76E7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BAB24000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F77E7000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B9A98000 - \SystemRoot\System32\DRIVERS\psched.sys
BAB14000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F77EF000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F77F7000 - \SystemRoot\System32\DRIVERS\raspti.sys
BAB04000 - \SystemRoot\System32\Drivers\Pcouffin.sys
BAAF4000 - \SystemRoot\System32\DRIVERS\termdd.sys
F79E3000 - \SystemRoot\System32\DRIVERS\swenum.sys
B9A3A000 - \SystemRoot\System32\DRIVERS\update.sys
BA501000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
BAAE4000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BAAD4000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79E9000 - \SystemRoot\System32\DRIVERS\USBD.SYS
F7807000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
B8805000 - \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys
F79F1000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A91000 - \SystemRoot\System32\Drivers\Null.SYS
F79F3000 - \SystemRoot\System32\Drivers\Beep.SYS
F7A93000 - \SystemRoot\system32\drivers\avgclean.sys
F781F000 - \SystemRoot\System32\drivers\vga.sys
F79F5000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79F7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAEA2000 - \SystemRoot\System32\Drivers\InCDrec.SYS
B87CC000 - \SystemRoot\System32\Drivers\InCDfs.SYS
F773F000 - \SystemRoot\System32\Drivers\Msfs.SYS
F7747000 - \SystemRoot\System32\Drivers\Npfs.SYS
BAE9E000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B87B9000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B8760000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B8738000 - \SystemRoot\System32\DRIVERS\netbt.sys
BAE96000 - \SystemRoot\System32\drivers\ws2ifsl.sys
B8716000 - \SystemRoot\System32\drivers\afd.sys
BAAB4000 - \SystemRoot\System32\DRIVERS\netbios.sys
BA5DC000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
BAE92000 - \SystemRoot\System32\DRIVERS\srvkp.sys
B86EB000 - \SystemRoot\System32\DRIVERS\rdbss.sys
F7A92000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS
B867B000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BA731000 - \SystemRoot\System32\Drivers\Fips.SYS
B8655000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BA721000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BA711000 - \SystemRoot\System32\DRIVERS\arp1394.sys
BA5D4000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
BA5C4000 - \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
BA5BC000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS
B85CC000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F79FB000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
F79FD000 - \SystemRoot\System32\Drivers\avg7rsw.sys
B9A21000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
B838F000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B9A11000 - \SystemRoot\System32\DRIVERS\usbscan.sys
F7777000 - \SystemRoot\System32\DRIVERS\usbprint.sys
F777F000 - \SystemRoot\system32\DRIVERS\HPZius12.sys
F7566000 - \SystemRoot\system32\DRIVERS\HPZid412.sys
B82E8000 - \SystemRoot\system32\DRIVERS\lvvi500a.sys
F7556000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
BAE6E000 - \SystemRoot\system32\DRIVERS\LVBulk.sys
F7546000 - \SystemRoot\system32\drivers\lvsound2.sys
BAE6A000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys
B82A8000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F7997000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
F7536000 - \SystemRoot\system32\drivers\sysaudio.sys
BF800000 - \SystemRoot\System32\win32k.sys
B8357000 - \SystemRoot\System32\drivers\Dxapi.sys
B8625000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7A68000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B861D000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys
B7E63000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
B7AF8000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79B9000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B7BF5000 - \SystemRoot\System32\drivers\aspi32.sys
B79CB000 - \SystemRoot\system32\drivers\wdmaud.sys
B798F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B7AC8000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys
B7915000 - \SystemRoot\System32\DRIVERS\srv.sys
B797F000 - \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
B72F4000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B60FC000 - \SystemRoot\system32\drivers\kmixer.sys
B2CC4000 - \SystemRoot\System32\DRIVERS\gwausb.sys
F778F000 - \SystemRoot\system32\DRIVERS\TTCinergyT2BDA.sys
BA5EB000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 154
Liste des programmes installes
1500
1500_Help
1500Trb
4Musics Multiformat Converter v1.4
ABBYY PDF Transformer 1.0
ABBYY PDF Transformer 2.0
AC-3 ACM Decompressor
ACDSee 5.0 Standard
Acronis True Image Home
Ad-Aware
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop Album 2.0 Edition Découverte
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Stock Photos 1.0
AIDA32 v3.93
AiO_Scan
AiOSoftware
AnmanieSMP 2.4 i
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Collage Creator
ArcSoft Multimedia Email
ArcSoft PhotoBase 3
ArcSoft PhotoImpression 5
ArcSoft PhotoStudio 5
ArcSoft VideoImpression 2
Ashampoo CD Recording Suite 2004
Ashampoo Photo Illuminator 2
Assistant de connexion Windows Live
Audacity 1.2.3
AutoWebCam
Avery DesignPro
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Azureus
Barre d'outils MSN
Bonjour
BSPlayer
BufferChm
CameraDrivers
CCleaner (remove only)
CDBurnerXP Pro 3
CDex extraction audio
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Complément Microsoft Word pour Microsoft Works Suite
Connexion Facile à Internet
Connexion Facile à Internet
Conseiller de mise à niveau Windows Vista
ConvertXtoDVD 2.0.15
Copernic Agent Basic
Copernic Desktop Search
Copy
Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Creative DVD Audio Plugin for Audigy Series
Creative EAX Console
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
CreativeProjects
CueTour
CustomerResearchQFolder
Cuttermaran 1.61
Debut
Destinations
Device Control
DeviceFunctionQFolder
DeviceManagementQFolder
DiscWizard for Windows
DivXG400
DocProc
DocumentViewer
DocumentViewerQFolder
DScaler 5 Mpeg Decoders
DVD Shrink 3.2
Easy CD-DA Extractor 8.0.2
EasyDVDCopyPro
EasyRecovery Professional
EasyRecovery Professional
eMule
eSupportQFolder
EuroThink Lune 1.10
Express Burn
Fax
FileZilla (remove only)
FlashGet 1.9.6.1073
Foxit Reader
FullDPAppQFolder
G-Force
Galerie de photos Windows Live
Gestionnaire Internet
Google Toolbar for Internet Explorer
Gordian Knot Rip Pack 0.33.1
Hewlett-Packard Multimedia Keyboard/Mouse Solution
Hewlett-Packard Multimedia Keyboard/Mouse Solution
HijackThis 2.0.2
Horloge 2005 1.2.0.0
Hotfix for Windows Media Format 11 SDK (KB929399)
HP Deskjet Preloaded Printer Drivers
HP DeskJet Serie 710C (Supprimer uniquement)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
hpg2436
hpg3970
hpg4600
hpg5530
hpg8200
hpmdtab
HPProductAssistant
HpSdpAppCoreApp
HPSystemDiagnostics
Indeo® software
INSTANT TV Uninstaller
InstantShare
InstantShareDevices
Intel A/V Codecs V2.0
InterActual Player
InterVideo WinDVD 7
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
ItsTV 3.0
iTunes
Jasc Paint Shop Pro 9
Java(TM) 6 Update 6
Java(TM) 6 Update 7
K-Lite Mega Codec Pack 3.9.5
KBD
KC Softwares VideoInspector
LaCie Backup Software v1.5.2215
Lame ACM MP3 Codec
Lecteur Windows Media 11
LimeWire 4.18.2
Logitech Desktop Messenger
Logitech ImageStudio
Macromedia Shockwave Player
MAGIX audio cleanic 2003
MAGIX Media Manager silver
MAGIX music + video maker generation 6 deLuxe
MAGIX Photos sur CD & DVD
MAGIX playR jukebox
MAGIX video deLuxe 2004
Malwarebytes' Anti-Malware
MarketResearch
MaxiCompte
Media Library Management Wizard
Memories Disc Creator 2.0
Micro Application - Print eXtreme 2.0
Micro Application - PrintPratic 3
Micro Application - PrintPratic Edition Photo
Micro Application - Super Polices 2000
Micro Application Cloneur Expert
Microangelo Toolset 6
MicroBest Cracklock 3.8.4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Professional
Microsoft Office XP Professional avec FrontPage
Microsoft Picture It! Photo Premium 9
Microsoft Picture It! Photo Premium 9
Microsoft Reader
Microsoft Reader Text-to-Speech pour le français
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951376)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour pour Windows XP (KB942763)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Mobiclip Video Codec
Modem DSL ECI Telecom
MON UNIVERS CORAPHOTOS
monAlbumPhoto
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieXone 4.0
MPEG2 Video Encoder
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Multimedia Card Reader
Multimedia Card Reader
Navigateur Orange
Neodivx
neoDVD
neoDVD 7
Nero BackItUp 2 Essentials
Nero Suite
neroxml
NewCopy
NVIDIA Drivers
OmniPage SE
OpenOffice.org Installer 1.0
Paint Shop Pro 7
Panda ActiveScan 2.0
PanoStandAlone
Paramètres de haut-parleur Creative
PC Inspector smart recovery
PDFCreator 0.8.0
PDFmail
Personal License Update Wizard for Windows Media Player
Philips TeleText
Photo et imagerie HP 3.5 - HP Devices
PhotoGallery
Photosmart 140,240,7200,7600,7700,7900 Series
PhotoStage
Picasa 2
Pinnacle VideoSpin
Pixillion
Plus! MP3 Audio Converter LE
PowerDVD
PowerQuest PartitionMagic Pro 7.0
PrintMaster® Gold
Prism Video Converter
ProductContext
PS2
PSShortcutsP
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
QuickProjects
QuickTime
Radio Fr Solo 1.5
Radio Media Player
Rainlendar (remove only)
RandMap
Read in Microsoft Reader Add-in for Microsoft Word
Readiris
Readme
RealPlayer
RecordNow!
Retrospect 6.5
Ri4m v4.1
Ri4m v5.0.1d
Rippack v3 beta 16.1
SAGEM F@st 800-840
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Shareaza version 2.2.1.0
SkinsHP1
SkinsHP2
SmartSound Quicktracks Plugin
SmartSound Quicktracks Plugin
Solid Converter PDF v4
SolutionCenter
Some PDF to Word Converter 1.4
Sonic Update Manager
Sonic_PrimoSDK
Sound Blaster Live! 24-bit
SpywareBlaster 4.1
StationRipper 2.14
Status
Studio 9
Sélecteur d'installation de Microsoft Works 2004
Switch Sound File Converter
System Requirements Lab
TerraTec Home Cinema
THOMSON mp3PRO Audio Player
ThreatExpert Memory Scanner 1.0
TMPGEnc MPEG Editor 2.0 Essai
TMPGEnc Plus 2.5
Total Video Converter 3.12 080330
TrayApp
TuneUp E-Mail Backup
TuneUp Utilities 2008
Ulead DVD MovieFactory 3 TV
Uninstall MP3XTC
Unload
User Profile Hive Cleanup Service
VideoLAN VLC media player 0.8.2
VobSub v2.23 (Remove Only)
Wanadoo
Warez 3.0
Warez PRO 3.0
WD Diagnostics
WD Media Center Driver
WebFldrs XP
WebReg
Winamp (remove only)
WinAVIVideoConverter
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Writer
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Service Pack 3
WinPatrol
XnView 1.90.2
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files
29/09/2008 18:16 <REP> .
29/09/2008 18:16 <REP> ..
11/06/2008 10:56 <REP> 3nity Audio CD Extractor
11/06/2008 10:57 <REP> 3nity CD DVD Burner
10/10/2005 12:10 <REP> 4Musics Multiformat Converter
28/07/2005 23:31 <REP> ABBYY PDF Transformer 1.0
06/09/2008 17:03 <REP> ABBYY PDF Transformer 2.0
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
06/06/2008 14:27 <REP> Actimagine Corp
06/09/2008 14:18 <REP> activePDF
03/08/2006 18:08 <REP> Adobe
27/09/2008 12:45 <REP> Ahead
25/02/2005 08:27 <REP> AIDA32 - Enterprise System Information
11/06/2008 10:59 <REP> AIST
11/06/2008 11:01 <REP> AKVIS
03/01/2007 02:01 <REP> AliveMedia
11/06/2008 11:02 <REP> Allok Video to 3GP Converter
07/03/2007 13:35 <REP> Alwil Software
11/06/2008 11:03 <REP> AmazingMIDI
23/11/2005 01:42 <REP> AnmSMP
08/01/2007 17:43 <REP> AnyVideoConvertorPro
08/02/2007 09:24 <REP> AOL
18/09/2008 23:06 <REP> Apple Software Update
08/06/2008 20:29 <REP> ArcSoft
23/05/2005 11:25 <REP> Ashampoo
27/02/2005 10:58 <REP> Audacity
22/08/2006 00:00 <REP> AutoWebCam
06/06/2008 00:27 <REP> Avira
24/09/2008 10:55 <REP> AviSynth 2.5
17/06/2008 22:55 <REP> AVS4YOU
11/06/2008 11:08 <REP> AVSMedia
04/09/2006 09:04 <REP> Azureus
07/08/2006 19:21 <REP> Belarc
17/09/2005 11:12 <REP> BillP Studios
11/06/2008 11:12 <REP> Biromsoft
29/10/2005 08:52 54 bit.bat
29/10/2005 08:52 54 bit2.bat
29/10/2005 08:52 54 bit3.bat
18/09/2008 23:08 <REP> Bonjour
12/11/2005 23:07 <REP> Broderbund
11/06/2008 11:13 <REP> Calculatrice Euro
13/08/2008 21:34 <REP> CCleaner
03/08/2005 04:59 <REP> CDBurnerXP Pro 3
18/02/2007 12:04 <REP> CDex_170b2
02/01/2004 04:17 <REP> Common Files
02/01/2004 02:32 <REP> ComPlus Applications
03/11/2006 14:05 <REP> Conference
17/08/2005 18:33 <REP> Convar
26/03/2006 22:45 <REP> ConvertMovie 2.2
17/02/2007 09:59 <REP> Copernic Agent
27/02/2005 12:32 <REP> Copernic Desktop Search
11/08/2008 16:38 <REP> CORA
07/10/2006 10:55 <REP> Cracklock
14/04/2006 01:04 <REP> Creative
02/02/2007 11:34 <REP> Cuttermaran
28/06/2008 18:50 <REP> CyberLink
14/02/2005 13:47 <REP> Dantz
19/02/2005 00:34 <REP> DATA BECKER
02/02/2007 11:34 <REP> DesignPro
17/08/2005 09:43 <REP> DigitalSoundPlanet
02/02/2007 11:34 <REP> DiscWizard for Windows
17/02/2007 06:26 <REP> DivX
29/10/2005 13:21 <REP> DivX_311alpha
23/09/2008 10:42 <REP> DScaler5
20/09/2005 20:49 <REP> DVD Shrink
02/02/2007 11:34 <REP> Easy CD-DA Extractor 8
17/02/2007 07:27 <REP> Easy Internet signup
20/09/2005 12:56 <REP> EasyDVDCopyPro
26/09/2008 09:19 <REP> EasyPHP 2.0b1
24/09/2008 15:59 <REP> eChanblard
11/08/2008 07:31 <REP> ECI Telecom
02/02/2007 20:09 <REP> EkiPatchs
29/06/2008 12:55 <REP> eMule
14/08/2008 04:59 <REP> EoRezo
02/02/2007 11:34 <REP> Euro-Calculette
30/04/2006 15:57 <REP> EuroThink
09/03/2005 14:53 <REP> fabamusic
02/02/2007 11:34 <REP> FairUse Wizard 2
25/09/2008 21:18 <REP> Fichiers communs
18/02/2005 12:27 <REP> FileZilla
29/09/2008 15:15 <REP> FlashGet
18/02/2005 16:21 <REP> FlasKMPEG
12/09/2005 13:06 <REP> Foreignword
03/09/2008 14:28 <REP> Foxit Software
08/10/2005 02:15 <REP> F-Secure Internet Security
20/02/2005 22:36 <REP> Gabest
29/10/2005 13:05 <REP> GDiVX Player
18/06/2008 04:14 <REP> Google
03/03/2005 20:32 <REP> GordianKnot
07/02/2007 23:29 <REP> Grisoft
11/08/2006 12:28 <REP> Hewlett-Packard
05/06/2008 23:25 <REP> Horloge 2005
17/10/2006 09:46 <REP> HP
02/02/2007 11:34 <REP> HP DeskJet 710C Series
24/05/2006 15:47 <REP> HP DVD
02/01/2004 04:53 <REP> HP Pavilion PC Help
17/10/2006 10:18 <REP> HP Photosmart M417 FW Files
29/10/2005 08:51 54 inc1.bat
14/02/2005 19:08 <REP> Intel
19/09/2005 07:49 <REP> InterActual
03/09/2008 22:34 <REP> Internet Explorer
24/01/2006 11:07 <REP> InterVideo
18/09/2008 23:09 <REP> iPod
04/09/2008 03:50 <REP> ItsLabel
18/09/2008 23:09 <REP> iTunes
13/11/2005 00:17 <REP> iTunes(2)
13/11/2005 00:11 <REP> iTunes(3)
22/05/2005 17:55 <REP> Jasc Software Inc
17/07/2008 21:12 <REP> Java
18/02/2005 17:39 <REP> KC Softwares
05/06/2008 18:56 <REP> K-Lite Codec Pack
04/06/2008 11:05 <REP> K-Lite Codec Pack(2)
21/09/2006 13:18 <REP> Kodak
20/01/2007 16:39 <REP> LaCie
06/06/2008 16:57 <REP> Lavasoft
18/06/2008 04:17 <REP> LimeWire
11/08/2008 13:36 <REP> Logitech
22/09/2008 18:50 <REP> Malwarebytes' Anti-Malware
02/02/2007 11:34 <REP> MaxiCompte
27/02/2005 13:04 <REP> Maxthon
24/06/2008 23:57 <REP> Mediostream
14/08/2008 10:17 <REP> Messenger
04/05/2006 09:35 <REP> Micro Application
04/09/2008 03:27 <REP> Microangelo Toolset 6
14/06/2008 17:57 <REP> Microsoft CAPICOM 2.1.0.2
30/06/2006 17:37 <REP> microsoft frontpage
08/06/2008 07:28 <REP> Microsoft Office
02/02/2007 11:34 <REP> Microsoft Picture It! 9
03/09/2008 23:09 <REP> Microsoft Reader
03/09/2008 22:31 <REP> Microsoft Reader(2)
03/09/2008 22:30 <REP> Microsoft Reader(3)
18/06/2008 23:12 <REP> Microsoft SQL Server Compact Edition
03/02/2007 12:19 <REP> Microsoft Windows Vista Upgrade Advisor
02/02/2007 11:34 <REP> Microsoft Works
16/11/2006 15:38 <REP> Microsoft Works Suite 2004
11/08/2008 16:13 <REP> monAlbumPhoto
23/10/2006 23:27 <REP> Morgan
14/06/2008 18:43 <REP> Movie Maker
25/02/2007 22:01 <REP> MP3XTC
26/05/2005 09:13 <REP> MSN
19/05/2005 14:28 <REP> MSN Apps
02/01/2004 02:31 <REP> MSN Gaming Zone
19/09/2005 07:48 <REP> MSXML 4.0
14/02/2005 10:00 <REP> Multimedia Card Reader
19/05/2005 14:27 <REP> Music Mixer 3(2).0
13/08/2006 13:45 <REP> MUSK Codec Pack v5
26/06/2008 17:27 <REP> MyMPxPlayer.org
27/09/2008 23:27 <REP> NCH Software
26/09/2008 03:39 <REP> NCH Swift Sound
01/03/2005 02:24 <REP> Neodivx
27/09/2008 12:46 <REP> Nero
14/06/2008 18:40 <REP> NetMeeting
11/08/2006 12:20 <REP> nLite
08/06/2008 19:32 <REP> ONES (F)
18/08/2005 06:36 <REP> Ontrack
25/02/2007 10:59 <REP> OO Software
06/03/2007 15:39 <REP> Orange
14/06/2008 18:40 <REP> Outlook Express
11/06/2008 09:01 <REP> Paint Shop Pro 9
14/06/2008 06:28 <REP> Panda Security
26/10/2005 09:16 <REP> Paragon Software
18/02/2005 04:03 <REP> PC-Doctor for Windows
12/11/2005 23:07 <REP> PDF Editeur 2
29/09/2006 09:07 <REP> PDFCreator
24/06/2008 17:26 <REP> Pegasys Inc
17/02/2005 19:42 <REP> Philips Semiconductors
08/03/2007 06:15 <REP> Picasa2
17/09/2008 12:29 <REP> Pinnacle
08/11/2005 16:14 <REP> PowerQuest
18/09/2008 23:07 <REP> QuickTime
01/10/2006 07:11 <REP> QuickTime(2)
16/12/2005 11:57 <REP> Radio Fr Solo
25/09/2006 02:18 <REP> Rainlendar
29/04/2005 08:22 <REP> Ratajik Software
25/02/2007 22:01 <REP> Raxco
25/09/2008 18:15 <REP> Real
02/01/2004 04:24 <REP> RecordNow!
06/06/2008 10:44 <REP> RegCleaner
04/06/2008 11:06 <REP> RegCleaner(2)
13/11/2005 00:13 <REP> Rippackv3
24/09/2008 23:44 <REP> Ripp-it_AM
30/06/2005 16:34 <REP> Roxio(2)
31/07/2005 05:59 <REP> RTE
30/06/2008 10:28 <REP> SAGEM
14/10/2006 03:58 <REP> SaveNow
14/02/2005 18:27 <REP> ScanSoft
06/06/2008 21:55 <REP> Seagate
19/09/2006 16:54 <REP> Securitoo
02/01/2004 05:01 <REP> Services en ligne
11/06/2008 08:58 <REP> Setup Files
17/12/2005 17:13 <REP> Shareaza
10/10/2005 11:04 <REP> Simon Tools
29/09/2006 09:00 <REP> SimonTools
29/10/2005 08:51 41 sleep.bat
21/08/2006 10:39 <REP> SmartSound Software
06/09/2008 16:35 <REP> SolidDocuments
06/09/2008 15:22 <REP> SomePDF
02/01/2004 04:24 <REP> Sonic
02/03/2005 18:55 <REP> SoundSpectrum
27/09/2008 11:40 <REP> SpywareBlaster
08/06/2008 08:29 <REP> SystemRequirementsLab
23/09/2008 14:35 <REP> TerraTec
25/02/2007 22:00 <REP> TerraTec(2)
15/02/2005 17:36 <REP> THOMSON mp3PRO Audio Player
14/08/2008 10:24 <REP> ThreatExpert Memory Scanner
27/06/2008 01:27 <REP> TMPGenc
25/09/2008 19:58 <REP> Total Video Converter
29/09/2006 09:07 <REP> TuneUp E-Mail Backup
25/09/2008 17:10 <REP> TuneUp Utilities 2008
17/02/2007 07:31 <REP> Ulead Systems
02/02/2007 07:17 <REP> UPHClean
14/02/2005 21:03 <REP> VideoLAN
09/10/2006 07:45 <REP> Virtools Web Player 3.5
13/11/2005 00:12 <REP> Visage
04/09/2006 08:01 <REP> vso
29/09/2008 23:45 <REP> Wanadoo
07/03/2007 15:31 <REP> Warez
14/02/2005 13:47 <REP> WDC
20/02/2005 18:16 <REP> Webteh
08/06/2008 18:14 <REP> Western Digital Technologies
18/02/2007 12:46 <REP> Winamp
29/06/2008 13:21 <REP> WinAVI Video Capture
29/06/2008 13:23 <REP> WinAVIVideoConverter
20/06/2008 10:11 <REP> Windows Live
01/02/2007 12:51 <REP> Windows Live Safety Center
04/12/2006 11:08 <REP> Windows Media Bonus Pack for Windows XP
14/02/2005 18:56 <REP> Windows Media Components
02/12/2006 18:08 <REP> Windows Media Connect 2
21/06/2008 08:19 <REP> Windows Media Player
14/06/2008 18:40 <REP> Windows NT
08/02/2007 23:54 <REP> WinRAR
02/01/2004 02:35 <REP> xerox
17/02/2007 10:38 <REP> XnView
30/11/2005 11:54 <REP> X-OOM
07/03/2007 18:25 <REP> Yahoo!
5 fichier(s) 257 octets
231 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs
25/09/2008 21:18 <REP> .
25/09/2008 21:18 <REP> ..
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
21/06/2005 10:10 <REP> Adaptec Shared
19/12/2006 15:56 <REP> Adobe
06/12/2005 02:29 <REP> Adobe Systems Shared
27/09/2008 12:46 <REP> Ahead
18/09/2008 23:07 <REP> Apple
16/06/2008 23:33 <REP> AVSMedia
15/02/2005 14:54 <REP> Copernic
02/12/1996 17:44 582 144 dao350.dll
08/09/2006 22:24 <REP> DESIGNER
02/01/2004 03:47 <REP> Hewlett-Packard
02/08/2006 13:34 <REP> HP
22/05/2005 17:55 <REP> InstallShield
24/06/2008 23:58 <REP> InstallShield Shared
19/09/2005 07:49 <REP> InterVideo
22/05/2005 17:57 <REP> Jasc Software Inc
12/11/2006 10:36 <REP> Java
03/09/2008 23:11 <REP> L&H
04/09/2006 12:37 <REP> Logitech
05/05/2006 15:04 <REP> MAGIX Shared
22/05/2005 11:34 <REP> Micro Application Shared
03/09/2008 23:09 <REP> Microsoft Shared
02/01/2004 02:32 <REP> MSSoap
26/04/2006 21:28 <REP> muiq
14/08/2006 20:19 <REP> Nero
02/01/2004 02:28 <REP> ODBC
03/09/2008 23:12 <REP> OverDrive Shared
25/09/2008 18:16 <REP> Real
30/06/2005 16:34 <REP> Roxio Shared(2)
14/02/2005 18:27 <REP> ScanSoft Shared
19/10/2006 06:32 <REP> Services
19/09/2005 12:00 <REP> Softwin
02/01/2004 04:25 <REP> Sonic
19/01/2006 23:43 <REP> Sonic Shared
02/01/2004 02:28 <REP> SpeechEngines
02/01/2004 04:24 <REP> SureThing Shared
21/03/2005 13:24 <REP> SWF Studio
14/06/2008 18:40 <REP> System
23/09/2008 14:35 <REP> TerraTec
17/02/2007 07:31 <REP> Ulead Systems
10/06/2008 13:15 <REP> Wise Installation Wizard
25/09/2008 18:16 <REP> xing shared
06/09/2008 15:27 <REP> XpressUpdate
17/09/2008 12:29 <REP> Yahoo!
1 fichier(s) 582 144 octets
46 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
14/06/2008 20:37 <REP> .
14/06/2008 20:37 <REP> ..
15/02/2005 09:49 <REP> 1033
08/09/2006 22:15 <REP> 1036
25/04/2006 21:33 967 952 MSONSEXT.DLL
02/05/2006 19:37 40 208 MSOSV.DLL
03/06/1999 22:09 122 937 MSOWS409.DLL
07/03/2001 17:00 127 033 MSOWS40c.DLL
06/08/2000 09:04 401 462 MSVCP60.DLL
29/01/2004 16:08 69 632 PKMAXCTL.DLL
29/01/2004 16:08 868 352 PKMCDO.DLL
29/01/2004 16:08 53 248 PKMCORE.DLL
29/01/2004 16:08 102 400 PKMFORMS.DLL
29/01/2004 16:38 634 880 PKMRES.DLL
29/01/2004 16:08 28 672 PKMSSTLB.DLL
22/01/2001 03:25 40 960 PKMTEMPL.DLL
29/01/2004 16:08 24 576 PKMTRACE.DLL
29/01/2004 16:08 86 016 PKMWS.DLL
29/01/2004 16:08 237 568 PROMDEMO.DLL
18/03/1999 07:37 593 977 RAGENT
DiagHelp version v1.4 - http://www.malekal.com
excute le 30/09/2008 à 0:03:13,03
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->30/09/2008 00:03:09
C:\WINDOWS\prefetch\AVWSC.EXE-21D2C1ED.pf -->30/09/2008 00:02:49
C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->30/09/2008 00:00:55
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->30/09/2008 00:00:42
C:\WINDOWS\prefetch\FLASHGET.EXE-080AD7E9.pf -->30/09/2008
C:\WINDOWS\prefetch\QTTASK.EXE-1876A1A1.pf -->29/09/2008 23:59:36
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->29/09/2008 23:45:04
C:\WINDOWS\prefetch\RUNDLL32.EXE-56C66659.pf -->29/09/2008 23:38:44
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->29/09/2008 23:03:05
C:\WINDOWS\prefetch\WUAUCLT.EXE-1360D60A.pf -->29/09/2008 23:02:47
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->10/09/2008 00:04:02
C:\WINDOWS\System32\drivers\mbam.sys -->10/09/2008 00:03:56
C:\WINDOWS\System32\drivers\avipbb.sys -->18/07/2008 12:47:00
C:\WINDOWS\System32\drivers\adidsl.cfg -->30/06/2008 10:43:19
C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12
C:\WINDOWS\System32\drivers\afd.sys -->20/06/2008 13:40:08
C:\WINDOWS\System32\drivers\tcpip6.sys -->20/06/2008 13:08:27
C:\WINDOWS\System32\wpa.dbl -->29/09/2008 18:20:44
C:\WINDOWS\System32\nvapps.xml -->29/09/2008 18:20:42
C:\WINDOWS\System32\default_user_class.dat.LOG -->27/09/2008 20:52:05
C:\WINDOWS\System32\FNTCACHE.DAT -->25/09/2008 21:05:32
C:\WINDOWS\System32\rmoc3260.dll -->25/09/2008 18:16:00
C:\WINDOWS\System32\pndx5032.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pndx5016.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pncrt.dll -->25/09/2008 18:15:48
C:\WINDOWS\System32\settings.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\history.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\QuickTimeVR.qtx -->06/09/2008 15:09:18
C:\WINDOWS\System32\QuickTime.qts -->06/09/2008 15:09:18
C:\WINDOWS\System32\Thumbs.db -->04/09/2008 03:31:05
C:\WINDOWS\System32\lvcoinst.log -->03/09/2008 22:36:47
C:\WINDOWS\System32\FOXIT_PDF -->03/09/2008 14:32:24
C:\WINDOWS\System32\dns-sd.exe -->29/08/2008 10:18:58
C:\WINDOWS\System32\dnssd.dll -->29/08/2008 09:53:50
C:\WINDOWS\System32\MRT.exe -->26/08/2008 22:28:12
C:\WINDOWS\System32\TZLog.log -->14/08/2008 10:10:22
C:\WINDOWS\System32\TuneUpDefragService.exe -->14/08/2008 00:49:33
C:\WINDOWS\System32\ssprs.tgz -->11/08/2008 17:03:20
C:\WINDOWS\System32\lsprst7.tgz -->11/08/2008 17:03:19
C:\WINDOWS\System32\sysprs7.tgz -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth2.dll -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth1.dll -->11/08/2008 16:39:22
C:\WINDOWS\pfirewall.log -->30/09/2008 00:03:12
C:\WINDOWS\WindowsUpdate.log -->29/09/2008 23:03:24
C:\WINDOWS\setupapi.log -->29/09/2008 18:22:20
C:\WINDOWS\0.log -->29/09/2008 18:20:32
C:\WINDOWS\wiadebug.log -->29/09/2008 18:20:29
C:\WINDOWS\wiaservc.log -->29/09/2008 18:20:26
C:\WINDOWS\bootstat.dat -->29/09/2008 18:20:04
C:\WINDOWS\SchedLgU.Txt -->29/09/2008 18:18:31
C:\WINDOWS\NeroDigital.ini -->29/09/2008 04:41:00
C:\WINDOWS\mmproxy_40.mdb -->29/09/2008 03:48:56
C:\WINDOWS\pfirewall.log.old -->28/09/2008 11:22:03
C:\WINDOWS\wmsetup.log -->26/09/2008 09:26:09
C:\WINDOWS\win.ini -->26/09/2008 01:07:31
C:\WINDOWS\system.ini -->26/09/2008 01:07:31
C:\WINDOWS\avisplitter.INI -->25/09/2008 15:00:50
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1708
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll
0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x10000000 0xe000 C:\Program Files\ArcSoft\PhotoImpression 5\share\pihook.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x00bd0000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x00bf0000 0xf000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
0x73e60000 0x5c000 5.03.2600.5512 C:\WINDOWS\system32\DSOUND.dll
0x00e10000 0x19000 2.10.0006.0003 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x01b00000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x034e0000 0x73000 10.00.0000.4871 C:\Program Files\Acronis\TrueImageHome\tishell.dll
0x01690000 0x1f000 3.03.0000.0443 C:\Program Files\Acronis\TrueImageHome\timounter.dll
0x02080000 0x2c000 C:\Program Files\WinRAR\rarext.dll
0x02aa0000 0x40000 4.00.0560.0000 C:\Program Files\SolidDocuments\Solid Converter PDF v4\SCPDFV4\ExploreExtPDFv4.dll
0x01bc0000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x020b0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x017f0000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~2\SDShelEx-win32.dll
0x00c00000 0xd000 1.08.0004.1007 C:\Program Files\FlashGet\fgmgr.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 844
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x012b0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system
07/05/1998 17:04 52 736 hpsysdrv.exe
10/09/1999 13:06 4 672 wowpost.exe
2 fichier(s) 57 408 octets
0 Rép(s) 41 004 433 408 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system32
14/04/2008 04:33 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 41 004 433 408 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\Downloaded Program Files
24/09/2008 21:54 <REP> .
24/09/2008 21:54 <REP> ..
21/05/2008 12:56 124 208 as2stubie.dll
22/05/2008 16:04 395 as2stubie.inf
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
07/12/2004 17:07 32 bdcore.dll
25/05/2006 01:21 118 784 bdupd.dll
07/05/2003 13:26 192 512 CamCli.dll
06/06/2008 21:55 <REP> CONFLICT.1
02/01/2004 02:33 65 desktop.ini
15/10/1997 02:52 697 DirectAnimation Java Classes.osd
25/07/2002 17:13 24 576 dwusplay.dll
25/07/2002 17:13 196 608 dwusplay.exe
25/06/2006 13:50 1 793 erma.inf
10/04/2000 18:12 1 765 fhg.inf
07/05/2003 13:26 180 224 ijl11.dll
25/05/2006 01:21 53 248 ipsupd.dll
16/06/2004 06:02 323 584 isusweb.dll
12/10/2006 05:07 896 jinstall-1_5_0_09.inf
25/04/2008 05:02 1 060 jinstall-6u6.inf
16/03/2005 12:34 7 407 lang.ini
11/12/2006 17:44 367 LegitCheckControl.inf
18/07/2007 14:49 12 592 libcomm.dll
07/12/2004 17:07 32 libfn.dll
13/02/2008 17:55 130 live.ini
20/01/2000 16:25 1 162 Microsoft XML Parser for Java.osd
30/07/2007 19:24 295 muweb.inf
12/09/2007 08:46 259 NvidiaSmartScan.inf
04/10/2007 07:52 323 584 NvidiaSmartScan.ocx
29/10/2007 16:45 1 244 oscan8.inf
25/10/2007 16:54 471 040 oscan8.ocx
22/09/2004 16:59 110 592 PURen-us.dll
15/10/2004 08:59 110 592 PURfr-xx.dll
09/10/2003 11:32 144 QTPlugin.inf
14/03/2005 14:58 7 073 scanoptions.tsi
16/02/2005 10:04 116 880 setup.exe
09/11/2006 15:36 5 019 swflash.inf
28/05/2008 15:06 267 568 sysreqlab3.dll
28/05/2008 15:06 667 SysReqLab3.osd
27/07/2006 16:33 452 920 wlscBase.dll
02/11/2005 18:01 1 777 xscan.inf
02/11/2005 18:07 435 712 xscan53.ocx
40 fichier(s) 3 689 464 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
06/06/2008 21:55 <REP> .
06/06/2008 21:55 <REP> ..
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
30/09/2004 08:52 214 312 SysInfo.dll
3 fichier(s) 356 273 octets
Total des fichiers listés :
43 fichier(s) 4 045 737 octets
5 Rép(s) 41 004 433 408 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
"DisableRegistryTools"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-30 00:03:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
280 - Watch.exe
344 - nvsvc32.exe
472 - HPZipm12.exe
548 - retrorun.exe
556 - wdsvc.exe
820 - csrss.exe
844 - winlogon.exe
888 - services.exe
900 - lsass.exe
1000 - svchost.exe
1048 - uphclean.exe
1056 - msnmsgr.exe
1116 - svchost.exe
1148 - iexplore.exe
1188 - svchost.exe
1232 - svchost.exe
1492 - aawservice.exe
1544 - ComComp.exe
1652 - TaskBarIcon.exe
1708 - explorer.exe
1828 - sched.exe
1952 - avguard.exe
1976 - AppleMobileDevi
1988 - bgsvcgen.exe
2032 - mDNSResponder.e
2192 - alg.exe
2292 - WDBtnMgr.exe
2316 - SetIcon.exe
2588 - CTSysVol.exe
2612 - TrueImageMonito
2644 - avgnt.exe
2784 - InCD.exe
2808 - cmd.exe
2932 - LogiTray.exe
3028 - iTunesHelper.ex
3200 - PCHButton.exe
3220 - ctfmon.exe
3252 - NMBgMonitor.exe
3336 - iPodService.exe
3360 - dslmon.exe
3376 - LogitechDesktop
3404 - Horloge 2005.ex
3420 - Rainlendar.exe
3532 - NMIndexingServi
3576 - GestionnaireInt
3632 - usnsvc.exe
3660 - NMIndexStoreSvr
4000 - flashget.exe
4060 - Toaster.exe
4068 - Inactivity.exe
4076 - PollingModule.e
4092 - ALERTM~1.EXE
Total number of processes = 53
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806EE000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F74BF000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F749F000 - fltmgr.sys
F748D000 - sr.sys
F7647000 - PxHelp20.sys
F789B000 - PzWDM.sys
F7476000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7449000 - NDIS.sys
F7838000 - timntr.sys
F7717000 - viaagp1.sys
F742E000 - snapman.sys
F7657000 - SISAGPX.sys
F7667000 - sbp2port.sys
F7677000 - ohci1394.sys
F7687000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS
BAF46000 - Mup.sys
F7697000 - agp440.sys
F76D7000 - \SystemRoot\System32\DRIVERS\nic1394.sys
BAFD0000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B9D0E000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
B9CFA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
F779F000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B9CD6000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F77A7000 - \SystemRoot\System32\DRIVERS\usbehci.sys
F77AF000 - \SystemRoot\System32\DRIVERS\usbohci.sys
B9B82000 - \SystemRoot\system32\drivers\P17.sys
B9B5E000 - \SystemRoot\system32\drivers\portcls.sys
BAFC0000 - \SystemRoot\system32\drivers\drmk.sys
B9B3B000 - \SystemRoot\system32\drivers\ks.sys
B9B0B000 - \SystemRoot\System32\DRIVERS\ctoss2k.sys
B9AE5000 - \SystemRoot\System32\DRIVERS\ctsfm2k.sys
BAFB0000 - \SystemRoot\System32\DRIVERS\R8139n51.SYS
B9AD4000 - \SystemRoot\System32\DRIVERS\serial.sys
BAE5E000 - \SystemRoot\System32\DRIVERS\serenum.sys
F77B7000 - \SystemRoot\System32\DRIVERS\fdc.sys
B9AC0000 - \SystemRoot\System32\DRIVERS\parport.sys
BAFA0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
BAEEE000 - \SystemRoot\System32\DRIVERS\PS2.sys
F77BF000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
F77C7000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BAF90000 - \SystemRoot\System32\DRIVERS\imapi.sys
F77CF000 - \SystemRoot\system32\drivers\Asapiw2k.sys
BAF80000 - \SystemRoot\System32\Drivers\AFS2K.SYS
BA521000 - \SystemRoot\system32\drivers\pfc.sys
BAF70000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAF60000 - \SystemRoot\System32\DRIVERS\redbook.sys
F77D7000 - \SystemRoot\System32\Drivers\incdrm.SYS
F77DF000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
BA51D000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
BA3A5000 - \SystemRoot\System32\DRIVERS\audstub.sys
F76C7000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BA509000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B9AA9000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
F76E7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BAB24000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F77E7000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B9A98000 - \SystemRoot\System32\DRIVERS\psched.sys
BAB14000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F77EF000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F77F7000 - \SystemRoot\System32\DRIVERS\raspti.sys
BAB04000 - \SystemRoot\System32\Drivers\Pcouffin.sys
BAAF4000 - \SystemRoot\System32\DRIVERS\termdd.sys
F79E3000 - \SystemRoot\System32\DRIVERS\swenum.sys
B9A3A000 - \SystemRoot\System32\DRIVERS\update.sys
BA501000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
BAAE4000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BAAD4000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79E9000 - \SystemRoot\System32\DRIVERS\USBD.SYS
F7807000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
B8805000 - \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys
F79F1000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A91000 - \SystemRoot\System32\Drivers\Null.SYS
F79F3000 - \SystemRoot\System32\Drivers\Beep.SYS
F7A93000 - \SystemRoot\system32\drivers\avgclean.sys
F781F000 - \SystemRoot\System32\drivers\vga.sys
F79F5000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79F7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAEA2000 - \SystemRoot\System32\Drivers\InCDrec.SYS
B87CC000 - \SystemRoot\System32\Drivers\InCDfs.SYS
F773F000 - \SystemRoot\System32\Drivers\Msfs.SYS
F7747000 - \SystemRoot\System32\Drivers\Npfs.SYS
BAE9E000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B87B9000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B8760000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B8738000 - \SystemRoot\System32\DRIVERS\netbt.sys
BAE96000 - \SystemRoot\System32\drivers\ws2ifsl.sys
B8716000 - \SystemRoot\System32\drivers\afd.sys
BAAB4000 - \SystemRoot\System32\DRIVERS\netbios.sys
BA5DC000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
BAE92000 - \SystemRoot\System32\DRIVERS\srvkp.sys
B86EB000 - \SystemRoot\System32\DRIVERS\rdbss.sys
F7A92000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS
B867B000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BA731000 - \SystemRoot\System32\Drivers\Fips.SYS
B8655000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BA721000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BA711000 - \SystemRoot\System32\DRIVERS\arp1394.sys
BA5D4000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
BA5C4000 - \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
BA5BC000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS
B85CC000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F79FB000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
F79FD000 - \SystemRoot\System32\Drivers\avg7rsw.sys
B9A21000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
B838F000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B9A11000 - \SystemRoot\System32\DRIVERS\usbscan.sys
F7777000 - \SystemRoot\System32\DRIVERS\usbprint.sys
F777F000 - \SystemRoot\system32\DRIVERS\HPZius12.sys
F7566000 - \SystemRoot\system32\DRIVERS\HPZid412.sys
B82E8000 - \SystemRoot\system32\DRIVERS\lvvi500a.sys
F7556000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
BAE6E000 - \SystemRoot\system32\DRIVERS\LVBulk.sys
F7546000 - \SystemRoot\system32\drivers\lvsound2.sys
BAE6A000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys
B82A8000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F7997000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
F7536000 - \SystemRoot\system32\drivers\sysaudio.sys
BF800000 - \SystemRoot\System32\win32k.sys
B8357000 - \SystemRoot\System32\drivers\Dxapi.sys
B8625000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7A68000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B861D000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys
B7E63000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
B7AF8000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79B9000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B7BF5000 - \SystemRoot\System32\drivers\aspi32.sys
B79CB000 - \SystemRoot\system32\drivers\wdmaud.sys
B798F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B7AC8000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys
B7915000 - \SystemRoot\System32\DRIVERS\srv.sys
B797F000 - \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
B72F4000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B60FC000 - \SystemRoot\system32\drivers\kmixer.sys
B2CC4000 - \SystemRoot\System32\DRIVERS\gwausb.sys
F778F000 - \SystemRoot\system32\DRIVERS\TTCinergyT2BDA.sys
BA5EB000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 154
Liste des programmes installes
1500
1500_Help
1500Trb
4Musics Multiformat Converter v1.4
ABBYY PDF Transformer 1.0
ABBYY PDF Transformer 2.0
AC-3 ACM Decompressor
ACDSee 5.0 Standard
Acronis True Image Home
Ad-Aware
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop Album 2.0 Edition Découverte
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Stock Photos 1.0
AIDA32 v3.93
AiO_Scan
AiOSoftware
AnmanieSMP 2.4 i
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Collage Creator
ArcSoft Multimedia Email
ArcSoft PhotoBase 3
ArcSoft PhotoImpression 5
ArcSoft PhotoStudio 5
ArcSoft VideoImpression 2
Ashampoo CD Recording Suite 2004
Ashampoo Photo Illuminator 2
Assistant de connexion Windows Live
Audacity 1.2.3
AutoWebCam
Avery DesignPro
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Azureus
Barre d'outils MSN
Bonjour
BSPlayer
BufferChm
CameraDrivers
CCleaner (remove only)
CDBurnerXP Pro 3
CDex extraction audio
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Complément Microsoft Word pour Microsoft Works Suite
Connexion Facile à Internet
Connexion Facile à Internet
Conseiller de mise à niveau Windows Vista
ConvertXtoDVD 2.0.15
Copernic Agent Basic
Copernic Desktop Search
Copy
Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Creative DVD Audio Plugin for Audigy Series
Creative EAX Console
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
CreativeProjects
CueTour
CustomerResearchQFolder
Cuttermaran 1.61
Debut
Destinations
Device Control
DeviceFunctionQFolder
DeviceManagementQFolder
DiscWizard for Windows
DivXG400
DocProc
DocumentViewer
DocumentViewerQFolder
DScaler 5 Mpeg Decoders
DVD Shrink 3.2
Easy CD-DA Extractor 8.0.2
EasyDVDCopyPro
EasyRecovery Professional
EasyRecovery Professional
eMule
eSupportQFolder
EuroThink Lune 1.10
Express Burn
Fax
FileZilla (remove only)
FlashGet 1.9.6.1073
Foxit Reader
FullDPAppQFolder
G-Force
Galerie de photos Windows Live
Gestionnaire Internet
Google Toolbar for Internet Explorer
Gordian Knot Rip Pack 0.33.1
Hewlett-Packard Multimedia Keyboard/Mouse Solution
Hewlett-Packard Multimedia Keyboard/Mouse Solution
HijackThis 2.0.2
Horloge 2005 1.2.0.0
Hotfix for Windows Media Format 11 SDK (KB929399)
HP Deskjet Preloaded Printer Drivers
HP DeskJet Serie 710C (Supprimer uniquement)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
hpg2436
hpg3970
hpg4600
hpg5530
hpg8200
hpmdtab
HPProductAssistant
HpSdpAppCoreApp
HPSystemDiagnostics
Indeo® software
INSTANT TV Uninstaller
InstantShare
InstantShareDevices
Intel A/V Codecs V2.0
InterActual Player
InterVideo WinDVD 7
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
ItsTV 3.0
iTunes
Jasc Paint Shop Pro 9
Java(TM) 6 Update 6
Java(TM) 6 Update 7
K-Lite Mega Codec Pack 3.9.5
KBD
KC Softwares VideoInspector
LaCie Backup Software v1.5.2215
Lame ACM MP3 Codec
Lecteur Windows Media 11
LimeWire 4.18.2
Logitech Desktop Messenger
Logitech ImageStudio
Macromedia Shockwave Player
MAGIX audio cleanic 2003
MAGIX Media Manager silver
MAGIX music + video maker generation 6 deLuxe
MAGIX Photos sur CD & DVD
MAGIX playR jukebox
MAGIX video deLuxe 2004
Malwarebytes' Anti-Malware
MarketResearch
MaxiCompte
Media Library Management Wizard
Memories Disc Creator 2.0
Micro Application - Print eXtreme 2.0
Micro Application - PrintPratic 3
Micro Application - PrintPratic Edition Photo
Micro Application - Super Polices 2000
Micro Application Cloneur Expert
Microangelo Toolset 6
MicroBest Cracklock 3.8.4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Professional
Microsoft Office XP Professional avec FrontPage
Microsoft Picture It! Photo Premium 9
Microsoft Picture It! Photo Premium 9
Microsoft Reader
Microsoft Reader Text-to-Speech pour le français
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951376)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour pour Windows XP (KB942763)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Mobiclip Video Codec
Modem DSL ECI Telecom
MON UNIVERS CORAPHOTOS
monAlbumPhoto
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieXone 4.0
MPEG2 Video Encoder
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Multimedia Card Reader
Multimedia Card Reader
Navigateur Orange
Neodivx
neoDVD
neoDVD 7
Nero BackItUp 2 Essentials
Nero Suite
neroxml
NewCopy
NVIDIA Drivers
OmniPage SE
OpenOffice.org Installer 1.0
Paint Shop Pro 7
Panda ActiveScan 2.0
PanoStandAlone
Paramètres de haut-parleur Creative
PC Inspector smart recovery
PDFCreator 0.8.0
PDFmail
Personal License Update Wizard for Windows Media Player
Philips TeleText
Photo et imagerie HP 3.5 - HP Devices
PhotoGallery
Photosmart 140,240,7200,7600,7700,7900 Series
PhotoStage
Picasa 2
Pinnacle VideoSpin
Pixillion
Plus! MP3 Audio Converter LE
PowerDVD
PowerQuest PartitionMagic Pro 7.0
PrintMaster® Gold
Prism Video Converter
ProductContext
PS2
PSShortcutsP
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
QuickProjects
QuickTime
Radio Fr Solo 1.5
Radio Media Player
Rainlendar (remove only)
RandMap
Read in Microsoft Reader Add-in for Microsoft Word
Readiris
Readme
RealPlayer
RecordNow!
Retrospect 6.5
Ri4m v4.1
Ri4m v5.0.1d
Rippack v3 beta 16.1
SAGEM F@st 800-840
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Shareaza version 2.2.1.0
SkinsHP1
SkinsHP2
SmartSound Quicktracks Plugin
SmartSound Quicktracks Plugin
Solid Converter PDF v4
SolutionCenter
Some PDF to Word Converter 1.4
Sonic Update Manager
Sonic_PrimoSDK
Sound Blaster Live! 24-bit
SpywareBlaster 4.1
StationRipper 2.14
Status
Studio 9
Sélecteur d'installation de Microsoft Works 2004
Switch Sound File Converter
System Requirements Lab
TerraTec Home Cinema
THOMSON mp3PRO Audio Player
ThreatExpert Memory Scanner 1.0
TMPGEnc MPEG Editor 2.0 Essai
TMPGEnc Plus 2.5
Total Video Converter 3.12 080330
TrayApp
TuneUp E-Mail Backup
TuneUp Utilities 2008
Ulead DVD MovieFactory 3 TV
Uninstall MP3XTC
Unload
User Profile Hive Cleanup Service
VideoLAN VLC media player 0.8.2
VobSub v2.23 (Remove Only)
Wanadoo
Warez 3.0
Warez PRO 3.0
WD Diagnostics
WD Media Center Driver
WebFldrs XP
WebReg
Winamp (remove only)
WinAVIVideoConverter
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Writer
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Service Pack 3
WinPatrol
XnView 1.90.2
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files
29/09/2008 18:16 <REP> .
29/09/2008 18:16 <REP> ..
11/06/2008 10:56 <REP> 3nity Audio CD Extractor
11/06/2008 10:57 <REP> 3nity CD DVD Burner
10/10/2005 12:10 <REP> 4Musics Multiformat Converter
28/07/2005 23:31 <REP> ABBYY PDF Transformer 1.0
06/09/2008 17:03 <REP> ABBYY PDF Transformer 2.0
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
06/06/2008 14:27 <REP> Actimagine Corp
06/09/2008 14:18 <REP> activePDF
03/08/2006 18:08 <REP> Adobe
27/09/2008 12:45 <REP> Ahead
25/02/2005 08:27 <REP> AIDA32 - Enterprise System Information
11/06/2008 10:59 <REP> AIST
11/06/2008 11:01 <REP> AKVIS
03/01/2007 02:01 <REP> AliveMedia
11/06/2008 11:02 <REP> Allok Video to 3GP Converter
07/03/2007 13:35 <REP> Alwil Software
11/06/2008 11:03 <REP> AmazingMIDI
23/11/2005 01:42 <REP> AnmSMP
08/01/2007 17:43 <REP> AnyVideoConvertorPro
08/02/2007 09:24 <REP> AOL
18/09/2008 23:06 <REP> Apple Software Update
08/06/2008 20:29 <REP> ArcSoft
23/05/2005 11:25 <REP> Ashampoo
27/02/2005 10:58 <REP> Audacity
22/08/2006 00:00 <REP> AutoWebCam
06/06/2008 00:27 <REP> Avira
24/09/2008 10:55 <REP> AviSynth 2.5
17/06/2008 22:55 <REP> AVS4YOU
11/06/2008 11:08 <REP> AVSMedia
04/09/2006 09:04 <REP> Azureus
07/08/2006 19:21 <REP> Belarc
17/09/2005 11:12 <REP> BillP Studios
11/06/2008 11:12 <REP> Biromsoft
29/10/2005 08:52 54 bit.bat
29/10/2005 08:52 54 bit2.bat
29/10/2005 08:52 54 bit3.bat
18/09/2008 23:08 <REP> Bonjour
12/11/2005 23:07 <REP> Broderbund
11/06/2008 11:13 <REP> Calculatrice Euro
13/08/2008 21:34 <REP> CCleaner
03/08/2005 04:59 <REP> CDBurnerXP Pro 3
18/02/2007 12:04 <REP> CDex_170b2
02/01/2004 04:17 <REP> Common Files
02/01/2004 02:32 <REP> ComPlus Applications
03/11/2006 14:05 <REP> Conference
17/08/2005 18:33 <REP> Convar
26/03/2006 22:45 <REP> ConvertMovie 2.2
17/02/2007 09:59 <REP> Copernic Agent
27/02/2005 12:32 <REP> Copernic Desktop Search
11/08/2008 16:38 <REP> CORA
07/10/2006 10:55 <REP> Cracklock
14/04/2006 01:04 <REP> Creative
02/02/2007 11:34 <REP> Cuttermaran
28/06/2008 18:50 <REP> CyberLink
14/02/2005 13:47 <REP> Dantz
19/02/2005 00:34 <REP> DATA BECKER
02/02/2007 11:34 <REP> DesignPro
17/08/2005 09:43 <REP> DigitalSoundPlanet
02/02/2007 11:34 <REP> DiscWizard for Windows
17/02/2007 06:26 <REP> DivX
29/10/2005 13:21 <REP> DivX_311alpha
23/09/2008 10:42 <REP> DScaler5
20/09/2005 20:49 <REP> DVD Shrink
02/02/2007 11:34 <REP> Easy CD-DA Extractor 8
17/02/2007 07:27 <REP> Easy Internet signup
20/09/2005 12:56 <REP> EasyDVDCopyPro
26/09/2008 09:19 <REP> EasyPHP 2.0b1
24/09/2008 15:59 <REP> eChanblard
11/08/2008 07:31 <REP> ECI Telecom
02/02/2007 20:09 <REP> EkiPatchs
29/06/2008 12:55 <REP> eMule
14/08/2008 04:59 <REP> EoRezo
02/02/2007 11:34 <REP> Euro-Calculette
30/04/2006 15:57 <REP> EuroThink
09/03/2005 14:53 <REP> fabamusic
02/02/2007 11:34 <REP> FairUse Wizard 2
25/09/2008 21:18 <REP> Fichiers communs
18/02/2005 12:27 <REP> FileZilla
29/09/2008 15:15 <REP> FlashGet
18/02/2005 16:21 <REP> FlasKMPEG
12/09/2005 13:06 <REP> Foreignword
03/09/2008 14:28 <REP> Foxit Software
08/10/2005 02:15 <REP> F-Secure Internet Security
20/02/2005 22:36 <REP> Gabest
29/10/2005 13:05 <REP> GDiVX Player
18/06/2008 04:14 <REP> Google
03/03/2005 20:32 <REP> GordianKnot
07/02/2007 23:29 <REP> Grisoft
11/08/2006 12:28 <REP> Hewlett-Packard
05/06/2008 23:25 <REP> Horloge 2005
17/10/2006 09:46 <REP> HP
02/02/2007 11:34 <REP> HP DeskJet 710C Series
24/05/2006 15:47 <REP> HP DVD
02/01/2004 04:53 <REP> HP Pavilion PC Help
17/10/2006 10:18 <REP> HP Photosmart M417 FW Files
29/10/2005 08:51 54 inc1.bat
14/02/2005 19:08 <REP> Intel
19/09/2005 07:49 <REP> InterActual
03/09/2008 22:34 <REP> Internet Explorer
24/01/2006 11:07 <REP> InterVideo
18/09/2008 23:09 <REP> iPod
04/09/2008 03:50 <REP> ItsLabel
18/09/2008 23:09 <REP> iTunes
13/11/2005 00:17 <REP> iTunes(2)
13/11/2005 00:11 <REP> iTunes(3)
22/05/2005 17:55 <REP> Jasc Software Inc
17/07/2008 21:12 <REP> Java
18/02/2005 17:39 <REP> KC Softwares
05/06/2008 18:56 <REP> K-Lite Codec Pack
04/06/2008 11:05 <REP> K-Lite Codec Pack(2)
21/09/2006 13:18 <REP> Kodak
20/01/2007 16:39 <REP> LaCie
06/06/2008 16:57 <REP> Lavasoft
18/06/2008 04:17 <REP> LimeWire
11/08/2008 13:36 <REP> Logitech
22/09/2008 18:50 <REP> Malwarebytes' Anti-Malware
02/02/2007 11:34 <REP> MaxiCompte
27/02/2005 13:04 <REP> Maxthon
24/06/2008 23:57 <REP> Mediostream
14/08/2008 10:17 <REP> Messenger
04/05/2006 09:35 <REP> Micro Application
04/09/2008 03:27 <REP> Microangelo Toolset 6
14/06/2008 17:57 <REP> Microsoft CAPICOM 2.1.0.2
30/06/2006 17:37 <REP> microsoft frontpage
08/06/2008 07:28 <REP> Microsoft Office
02/02/2007 11:34 <REP> Microsoft Picture It! 9
03/09/2008 23:09 <REP> Microsoft Reader
03/09/2008 22:31 <REP> Microsoft Reader(2)
03/09/2008 22:30 <REP> Microsoft Reader(3)
18/06/2008 23:12 <REP> Microsoft SQL Server Compact Edition
03/02/2007 12:19 <REP> Microsoft Windows Vista Upgrade Advisor
02/02/2007 11:34 <REP> Microsoft Works
16/11/2006 15:38 <REP> Microsoft Works Suite 2004
11/08/2008 16:13 <REP> monAlbumPhoto
23/10/2006 23:27 <REP> Morgan
14/06/2008 18:43 <REP> Movie Maker
25/02/2007 22:01 <REP> MP3XTC
26/05/2005 09:13 <REP> MSN
19/05/2005 14:28 <REP> MSN Apps
02/01/2004 02:31 <REP> MSN Gaming Zone
19/09/2005 07:48 <REP> MSXML 4.0
14/02/2005 10:00 <REP> Multimedia Card Reader
19/05/2005 14:27 <REP> Music Mixer 3(2).0
13/08/2006 13:45 <REP> MUSK Codec Pack v5
26/06/2008 17:27 <REP> MyMPxPlayer.org
27/09/2008 23:27 <REP> NCH Software
26/09/2008 03:39 <REP> NCH Swift Sound
01/03/2005 02:24 <REP> Neodivx
27/09/2008 12:46 <REP> Nero
14/06/2008 18:40 <REP> NetMeeting
11/08/2006 12:20 <REP> nLite
08/06/2008 19:32 <REP> ONES (F)
18/08/2005 06:36 <REP> Ontrack
25/02/2007 10:59 <REP> OO Software
06/03/2007 15:39 <REP> Orange
14/06/2008 18:40 <REP> Outlook Express
11/06/2008 09:01 <REP> Paint Shop Pro 9
14/06/2008 06:28 <REP> Panda Security
26/10/2005 09:16 <REP> Paragon Software
18/02/2005 04:03 <REP> PC-Doctor for Windows
12/11/2005 23:07 <REP> PDF Editeur 2
29/09/2006 09:07 <REP> PDFCreator
24/06/2008 17:26 <REP> Pegasys Inc
17/02/2005 19:42 <REP> Philips Semiconductors
08/03/2007 06:15 <REP> Picasa2
17/09/2008 12:29 <REP> Pinnacle
08/11/2005 16:14 <REP> PowerQuest
18/09/2008 23:07 <REP> QuickTime
01/10/2006 07:11 <REP> QuickTime(2)
16/12/2005 11:57 <REP> Radio Fr Solo
25/09/2006 02:18 <REP> Rainlendar
29/04/2005 08:22 <REP> Ratajik Software
25/02/2007 22:01 <REP> Raxco
25/09/2008 18:15 <REP> Real
02/01/2004 04:24 <REP> RecordNow!
06/06/2008 10:44 <REP> RegCleaner
04/06/2008 11:06 <REP> RegCleaner(2)
13/11/2005 00:13 <REP> Rippackv3
24/09/2008 23:44 <REP> Ripp-it_AM
30/06/2005 16:34 <REP> Roxio(2)
31/07/2005 05:59 <REP> RTE
30/06/2008 10:28 <REP> SAGEM
14/10/2006 03:58 <REP> SaveNow
14/02/2005 18:27 <REP> ScanSoft
06/06/2008 21:55 <REP> Seagate
19/09/2006 16:54 <REP> Securitoo
02/01/2004 05:01 <REP> Services en ligne
11/06/2008 08:58 <REP> Setup Files
17/12/2005 17:13 <REP> Shareaza
10/10/2005 11:04 <REP> Simon Tools
29/09/2006 09:00 <REP> SimonTools
29/10/2005 08:51 41 sleep.bat
21/08/2006 10:39 <REP> SmartSound Software
06/09/2008 16:35 <REP> SolidDocuments
06/09/2008 15:22 <REP> SomePDF
02/01/2004 04:24 <REP> Sonic
02/03/2005 18:55 <REP> SoundSpectrum
27/09/2008 11:40 <REP> SpywareBlaster
08/06/2008 08:29 <REP> SystemRequirementsLab
23/09/2008 14:35 <REP> TerraTec
25/02/2007 22:00 <REP> TerraTec(2)
15/02/2005 17:36 <REP> THOMSON mp3PRO Audio Player
14/08/2008 10:24 <REP> ThreatExpert Memory Scanner
27/06/2008 01:27 <REP> TMPGenc
25/09/2008 19:58 <REP> Total Video Converter
29/09/2006 09:07 <REP> TuneUp E-Mail Backup
25/09/2008 17:10 <REP> TuneUp Utilities 2008
17/02/2007 07:31 <REP> Ulead Systems
02/02/2007 07:17 <REP> UPHClean
14/02/2005 21:03 <REP> VideoLAN
09/10/2006 07:45 <REP> Virtools Web Player 3.5
13/11/2005 00:12 <REP> Visage
04/09/2006 08:01 <REP> vso
29/09/2008 23:45 <REP> Wanadoo
07/03/2007 15:31 <REP> Warez
14/02/2005 13:47 <REP> WDC
20/02/2005 18:16 <REP> Webteh
08/06/2008 18:14 <REP> Western Digital Technologies
18/02/2007 12:46 <REP> Winamp
29/06/2008 13:21 <REP> WinAVI Video Capture
29/06/2008 13:23 <REP> WinAVIVideoConverter
20/06/2008 10:11 <REP> Windows Live
01/02/2007 12:51 <REP> Windows Live Safety Center
04/12/2006 11:08 <REP> Windows Media Bonus Pack for Windows XP
14/02/2005 18:56 <REP> Windows Media Components
02/12/2006 18:08 <REP> Windows Media Connect 2
21/06/2008 08:19 <REP> Windows Media Player
14/06/2008 18:40 <REP> Windows NT
08/02/2007 23:54 <REP> WinRAR
02/01/2004 02:35 <REP> xerox
17/02/2007 10:38 <REP> XnView
30/11/2005 11:54 <REP> X-OOM
07/03/2007 18:25 <REP> Yahoo!
5 fichier(s) 257 octets
231 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs
25/09/2008 21:18 <REP> .
25/09/2008 21:18 <REP> ..
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
21/06/2005 10:10 <REP> Adaptec Shared
19/12/2006 15:56 <REP> Adobe
06/12/2005 02:29 <REP> Adobe Systems Shared
27/09/2008 12:46 <REP> Ahead
18/09/2008 23:07 <REP> Apple
16/06/2008 23:33 <REP> AVSMedia
15/02/2005 14:54 <REP> Copernic
02/12/1996 17:44 582 144 dao350.dll
08/09/2006 22:24 <REP> DESIGNER
02/01/2004 03:47 <REP> Hewlett-Packard
02/08/2006 13:34 <REP> HP
22/05/2005 17:55 <REP> InstallShield
24/06/2008 23:58 <REP> InstallShield Shared
19/09/2005 07:49 <REP> InterVideo
22/05/2005 17:57 <REP> Jasc Software Inc
12/11/2006 10:36 <REP> Java
03/09/2008 23:11 <REP> L&H
04/09/2006 12:37 <REP> Logitech
05/05/2006 15:04 <REP> MAGIX Shared
22/05/2005 11:34 <REP> Micro Application Shared
03/09/2008 23:09 <REP> Microsoft Shared
02/01/2004 02:32 <REP> MSSoap
26/04/2006 21:28 <REP> muiq
14/08/2006 20:19 <REP> Nero
02/01/2004 02:28 <REP> ODBC
03/09/2008 23:12 <REP> OverDrive Shared
25/09/2008 18:16 <REP> Real
30/06/2005 16:34 <REP> Roxio Shared(2)
14/02/2005 18:27 <REP> ScanSoft Shared
19/10/2006 06:32 <REP> Services
19/09/2005 12:00 <REP> Softwin
02/01/2004 04:25 <REP> Sonic
19/01/2006 23:43 <REP> Sonic Shared
02/01/2004 02:28 <REP> SpeechEngines
02/01/2004 04:24 <REP> SureThing Shared
21/03/2005 13:24 <REP> SWF Studio
14/06/2008 18:40 <REP> System
23/09/2008 14:35 <REP> TerraTec
17/02/2007 07:31 <REP> Ulead Systems
10/06/2008 13:15 <REP> Wise Installation Wizard
25/09/2008 18:16 <REP> xing shared
06/09/2008 15:27 <REP> XpressUpdate
17/09/2008 12:29 <REP> Yahoo!
1 fichier(s) 582 144 octets
46 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
14/06/2008 20:37 <REP> .
14/06/2008 20:37 <REP> ..
15/02/2005 09:49 <REP> 1033
08/09/2006 22:15 <REP> 1036
25/04/2006 21:33 967 952 MSONSEXT.DLL
02/05/2006 19:37 40 208 MSOSV.DLL
03/06/1999 22:09 122 937 MSOWS409.DLL
07/03/2001 17:00 127 033 MSOWS40c.DLL
06/08/2000 09:04 401 462 MSVCP60.DLL
29/01/2004 16:08 69 632 PKMAXCTL.DLL
29/01/2004 16:08 868 352 PKMCDO.DLL
29/01/2004 16:08 53 248 PKMCORE.DLL
29/01/2004 16:08 102 400 PKMFORMS.DLL
29/01/2004 16:38 634 880 PKMRES.DLL
29/01/2004 16:08 28 672 PKMSSTLB.DLL
22/01/2001 03:25 40 960 PKMTEMPL.DLL
29/01/2004 16:08 24 576 PKMTRACE.DLL
29/01/2004 16:08 86 016 PKMWS.DLL
29/01/2004 16:08 237 568 PROMDEMO.DLL
18/03/1999 07:37 593 977 RAGENT
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
30 sept. 2008 à 00:09
30 sept. 2008 à 00:09
DiagHelp version v1.4 - http://www.malekal.com
excute le 30/09/2008 à 0:03:13,03
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->30/09/2008 00:03:09
C:\WINDOWS\prefetch\AVWSC.EXE-21D2C1ED.pf -->30/09/2008 00:02:49
C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->30/09/2008 00:00:55
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->30/09/2008 00:00:42
C:\WINDOWS\prefetch\FLASHGET.EXE-080AD7E9.pf -->30/09/2008
C:\WINDOWS\prefetch\QTTASK.EXE-1876A1A1.pf -->29/09/2008 23:59:36
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->29/09/2008 23:45:04
C:\WINDOWS\prefetch\RUNDLL32.EXE-56C66659.pf -->29/09/2008 23:38:44
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->29/09/2008 23:03:05
C:\WINDOWS\prefetch\WUAUCLT.EXE-1360D60A.pf -->29/09/2008 23:02:47
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->10/09/2008 00:04:02
C:\WINDOWS\System32\drivers\mbam.sys -->10/09/2008 00:03:56
C:\WINDOWS\System32\drivers\avipbb.sys -->18/07/2008 12:47:00
C:\WINDOWS\System32\drivers\adidsl.cfg -->30/06/2008 10:43:19
C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12
C:\WINDOWS\System32\drivers\afd.sys -->20/06/2008 13:40:08
C:\WINDOWS\System32\drivers\tcpip6.sys -->20/06/2008 13:08:27
C:\WINDOWS\System32\wpa.dbl -->29/09/2008 18:20:44
C:\WINDOWS\System32\nvapps.xml -->29/09/2008 18:20:42
C:\WINDOWS\System32\default_user_class.dat.LOG -->27/09/2008 20:52:05
C:\WINDOWS\System32\FNTCACHE.DAT -->25/09/2008 21:05:32
C:\WINDOWS\System32\rmoc3260.dll -->25/09/2008 18:16:00
C:\WINDOWS\System32\pndx5032.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pndx5016.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pncrt.dll -->25/09/2008 18:15:48
C:\WINDOWS\System32\settings.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\history.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\QuickTimeVR.qtx -->06/09/2008 15:09:18
C:\WINDOWS\System32\QuickTime.qts -->06/09/2008 15:09:18
C:\WINDOWS\System32\Thumbs.db -->04/09/2008 03:31:05
C:\WINDOWS\System32\lvcoinst.log -->03/09/2008 22:36:47
C:\WINDOWS\System32\FOXIT_PDF -->03/09/2008 14:32:24
C:\WINDOWS\System32\dns-sd.exe -->29/08/2008 10:18:58
C:\WINDOWS\System32\dnssd.dll -->29/08/2008 09:53:50
C:\WINDOWS\System32\MRT.exe -->26/08/2008 22:28:12
C:\WINDOWS\System32\TZLog.log -->14/08/2008 10:10:22
C:\WINDOWS\System32\TuneUpDefragService.exe -->14/08/2008 00:49:33
C:\WINDOWS\System32\ssprs.tgz -->11/08/2008 17:03:20
C:\WINDOWS\System32\lsprst7.tgz -->11/08/2008 17:03:19
C:\WINDOWS\System32\sysprs7.tgz -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth2.dll -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth1.dll -->11/08/2008 16:39:22
C:\WINDOWS\pfirewall.log -->30/09/2008 00:03:12
C:\WINDOWS\WindowsUpdate.log -->29/09/2008 23:03:24
C:\WINDOWS\setupapi.log -->29/09/2008 18:22:20
C:\WINDOWS\0.log -->29/09/2008 18:20:32
C:\WINDOWS\wiadebug.log -->29/09/2008 18:20:29
C:\WINDOWS\wiaservc.log -->29/09/2008 18:20:26
C:\WINDOWS\bootstat.dat -->29/09/2008 18:20:04
C:\WINDOWS\SchedLgU.Txt -->29/09/2008 18:18:31
C:\WINDOWS\NeroDigital.ini -->29/09/2008 04:41:00
C:\WINDOWS\mmproxy_40.mdb -->29/09/2008 03:48:56
C:\WINDOWS\pfirewall.log.old -->28/09/2008 11:22:03
C:\WINDOWS\wmsetup.log -->26/09/2008 09:26:09
C:\WINDOWS\win.ini -->26/09/2008 01:07:31
C:\WINDOWS\system.ini -->26/09/2008 01:07:31
C:\WINDOWS\avisplitter.INI -->25/09/2008 15:00:50
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1708
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll
0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x10000000 0xe000 C:\Program Files\ArcSoft\PhotoImpression 5\share\pihook.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x00bd0000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x00bf0000 0xf000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
0x73e60000 0x5c000 5.03.2600.5512 C:\WINDOWS\system32\DSOUND.dll
0x00e10000 0x19000 2.10.0006.0003 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x01b00000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x034e0000 0x73000 10.00.0000.4871 C:\Program Files\Acronis\TrueImageHome\tishell.dll
0x01690000 0x1f000 3.03.0000.0443 C:\Program Files\Acronis\TrueImageHome\timounter.dll
0x02080000 0x2c000 C:\Program Files\WinRAR\rarext.dll
0x02aa0000 0x40000 4.00.0560.0000 C:\Program Files\SolidDocuments\Solid Converter PDF v4\SCPDFV4\ExploreExtPDFv4.dll
0x01bc0000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x020b0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x017f0000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~2\SDShelEx-win32.dll
0x00c00000 0xd000 1.08.0004.1007 C:\Program Files\FlashGet\fgmgr.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 844
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x012b0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system
07/05/1998 17:04 52 736 hpsysdrv.exe
10/09/1999 13:06 4 672 wowpost.exe
2 fichier(s) 57 408 octets
0 Rép(s) 41 004 433 408 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system32
14/04/2008 04:33 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 41 004 433 408 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\Downloaded Program Files
24/09/2008 21:54 <REP> .
24/09/2008 21:54 <REP> ..
21/05/2008 12:56 124 208 as2stubie.dll
22/05/2008 16:04 395 as2stubie.inf
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
07/12/2004 17:07 32 bdcore.dll
25/05/2006 01:21 118 784 bdupd.dll
07/05/2003 13:26 192 512 CamCli.dll
06/06/2008 21:55 <REP> CONFLICT.1
02/01/2004 02:33 65 desktop.ini
15/10/1997 02:52 697 DirectAnimation Java Classes.osd
25/07/2002 17:13 24 576 dwusplay.dll
25/07/2002 17:13 196 608 dwusplay.exe
25/06/2006 13:50 1 793 erma.inf
10/04/2000 18:12 1 765 fhg.inf
07/05/2003 13:26 180 224 ijl11.dll
25/05/2006 01:21 53 248 ipsupd.dll
16/06/2004 06:02 323 584 isusweb.dll
12/10/2006 05:07 896 jinstall-1_5_0_09.inf
25/04/2008 05:02 1 060 jinstall-6u6.inf
16/03/2005 12:34 7 407 lang.ini
11/12/2006 17:44 367 LegitCheckControl.inf
18/07/2007 14:49 12 592 libcomm.dll
07/12/2004 17:07 32 libfn.dll
13/02/2008 17:55 130 live.ini
20/01/2000 16:25 1 162 Microsoft XML Parser for Java.osd
30/07/2007 19:24 295 muweb.inf
12/09/2007 08:46 259 NvidiaSmartScan.inf
04/10/2007 07:52 323 584 NvidiaSmartScan.ocx
29/10/2007 16:45 1 244 oscan8.inf
25/10/2007 16:54 471 040 oscan8.ocx
22/09/2004 16:59 110 592 PURen-us.dll
15/10/2004 08:59 110 592 PURfr-xx.dll
09/10/2003 11:32 144 QTPlugin.inf
14/03/2005 14:58 7 073 scanoptions.tsi
16/02/2005 10:04 116 880 setup.exe
09/11/2006 15:36 5 019 swflash.inf
28/05/2008 15:06 267 568 sysreqlab3.dll
28/05/2008 15:06 667 SysReqLab3.osd
27/07/2006 16:33 452 920 wlscBase.dll
02/11/2005 18:01 1 777 xscan.inf
02/11/2005 18:07 435 712 xscan53.ocx
40 fichier(s) 3 689 464 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
06/06/2008 21:55 <REP> .
06/06/2008 21:55 <REP> ..
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
30/09/2004 08:52 214 312 SysInfo.dll
3 fichier(s) 356 273 octets
Total des fichiers listés :
43 fichier(s) 4 045 737 octets
5 Rép(s) 41 004 433 408 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
"DisableRegistryTools"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-30 00:03:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
280 - Watch.exe
344 - nvsvc32.exe
472 - HPZipm12.exe
548 - retrorun.exe
556 - wdsvc.exe
820 - csrss.exe
844 - winlogon.exe
888 - services.exe
900 - lsass.exe
1000 - svchost.exe
1048 - uphclean.exe
1056 - msnmsgr.exe
1116 - svchost.exe
1148 - iexplore.exe
1188 - svchost.exe
1232 - svchost.exe
1492 - aawservice.exe
1544 - ComComp.exe
1652 - TaskBarIcon.exe
1708 - explorer.exe
1828 - sched.exe
1952 - avguard.exe
1976 - AppleMobileDevi
1988 - bgsvcgen.exe
2032 - mDNSResponder.e
2192 - alg.exe
2292 - WDBtnMgr.exe
2316 - SetIcon.exe
2588 - CTSysVol.exe
2612 - TrueImageMonito
2644 - avgnt.exe
2784 - InCD.exe
2808 - cmd.exe
2932 - LogiTray.exe
3028 - iTunesHelper.ex
3200 - PCHButton.exe
3220 - ctfmon.exe
3252 - NMBgMonitor.exe
3336 - iPodService.exe
3360 - dslmon.exe
3376 - LogitechDesktop
3404 - Horloge 2005.ex
3420 - Rainlendar.exe
3532 - NMIndexingServi
3576 - GestionnaireInt
3632 - usnsvc.exe
3660 - NMIndexStoreSvr
4000 - flashget.exe
4060 - Toaster.exe
4068 - Inactivity.exe
4076 - PollingModule.e
4092 - ALERTM~1.EXE
Total number of processes = 53
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806EE000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F74BF000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F749F000 - fltmgr.sys
F748D000 - sr.sys
F7647000 - PxHelp20.sys
F789B000 - PzWDM.sys
F7476000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7449000 - NDIS.sys
F7838000 - timntr.sys
F7717000 - viaagp1.sys
F742E000 - snapman.sys
F7657000 - SISAGPX.sys
F7667000 - sbp2port.sys
F7677000 - ohci1394.sys
F7687000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS
BAF46000 - Mup.sys
F7697000 - agp440.sys
F76D7000 - \SystemRoot\System32\DRIVERS\nic1394.sys
BAFD0000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B9D0E000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
B9CFA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
F779F000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B9CD6000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F77A7000 - \SystemRoot\System32\DRIVERS\usbehci.sys
F77AF000 - \SystemRoot\System32\DRIVERS\usbohci.sys
B9B82000 - \SystemRoot\system32\drivers\P17.sys
B9B5E000 - \SystemRoot\system32\drivers\portcls.sys
BAFC0000 - \SystemRoot\system32\drivers\drmk.sys
B9B3B000 - \SystemRoot\system32\drivers\ks.sys
B9B0B000 - \SystemRoot\System32\DRIVERS\ctoss2k.sys
B9AE5000 - \SystemRoot\System32\DRIVERS\ctsfm2k.sys
BAFB0000 - \SystemRoot\System32\DRIVERS\R8139n51.SYS
B9AD4000 - \SystemRoot\System32\DRIVERS\serial.sys
BAE5E000 - \SystemRoot\System32\DRIVERS\serenum.sys
F77B7000 - \SystemRoot\System32\DRIVERS\fdc.sys
B9AC0000 - \SystemRoot\System32\DRIVERS\parport.sys
BAFA0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
BAEEE000 - \SystemRoot\System32\DRIVERS\PS2.sys
F77BF000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
F77C7000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BAF90000 - \SystemRoot\System32\DRIVERS\imapi.sys
F77CF000 - \SystemRoot\system32\drivers\Asapiw2k.sys
BAF80000 - \SystemRoot\System32\Drivers\AFS2K.SYS
BA521000 - \SystemRoot\system32\drivers\pfc.sys
BAF70000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAF60000 - \SystemRoot\System32\DRIVERS\redbook.sys
F77D7000 - \SystemRoot\System32\Drivers\incdrm.SYS
F77DF000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
BA51D000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
BA3A5000 - \SystemRoot\System32\DRIVERS\audstub.sys
F76C7000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BA509000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B9AA9000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
F76E7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BAB24000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F77E7000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B9A98000 - \SystemRoot\System32\DRIVERS\psched.sys
BAB14000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F77EF000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F77F7000 - \SystemRoot\System32\DRIVERS\raspti.sys
BAB04000 - \SystemRoot\System32\Drivers\Pcouffin.sys
BAAF4000 - \SystemRoot\System32\DRIVERS\termdd.sys
F79E3000 - \SystemRoot\System32\DRIVERS\swenum.sys
B9A3A000 - \SystemRoot\System32\DRIVERS\update.sys
BA501000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
BAAE4000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BAAD4000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79E9000 - \SystemRoot\System32\DRIVERS\USBD.SYS
F7807000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
B8805000 - \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys
F79F1000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A91000 - \SystemRoot\System32\Drivers\Null.SYS
F79F3000 - \SystemRoot\System32\Drivers\Beep.SYS
F7A93000 - \SystemRoot\system32\drivers\avgclean.sys
F781F000 - \SystemRoot\System32\drivers\vga.sys
F79F5000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79F7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAEA2000 - \SystemRoot\System32\Drivers\InCDrec.SYS
B87CC000 - \SystemRoot\System32\Drivers\InCDfs.SYS
F773F000 - \SystemRoot\System32\Drivers\Msfs.SYS
F7747000 - \SystemRoot\System32\Drivers\Npfs.SYS
BAE9E000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B87B9000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B8760000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B8738000 - \SystemRoot\System32\DRIVERS\netbt.sys
BAE96000 - \SystemRoot\System32\drivers\ws2ifsl.sys
B8716000 - \SystemRoot\System32\drivers\afd.sys
BAAB4000 - \SystemRoot\System32\DRIVERS\netbios.sys
BA5DC000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
BAE92000 - \SystemRoot\System32\DRIVERS\srvkp.sys
B86EB000 - \SystemRoot\System32\DRIVERS\rdbss.sys
F7A92000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS
B867B000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BA731000 - \SystemRoot\System32\Drivers\Fips.SYS
B8655000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BA721000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BA711000 - \SystemRoot\System32\DRIVERS\arp1394.sys
BA5D4000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
BA5C4000 - \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
BA5BC000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS
B85CC000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F79FB000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
F79FD000 - \SystemRoot\System32\Drivers\avg7rsw.sys
B9A21000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
B838F000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B9A11000 - \SystemRoot\System32\DRIVERS\usbscan.sys
F7777000 - \SystemRoot\System32\DRIVERS\usbprint.sys
F777F000 - \SystemRoot\system32\DRIVERS\HPZius12.sys
F7566000 - \SystemRoot\system32\DRIVERS\HPZid412.sys
B82E8000 - \SystemRoot\system32\DRIVERS\lvvi500a.sys
F7556000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
BAE6E000 - \SystemRoot\system32\DRIVERS\LVBulk.sys
F7546000 - \SystemRoot\system32\drivers\lvsound2.sys
BAE6A000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys
B82A8000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F7997000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
F7536000 - \SystemRoot\system32\drivers\sysaudio.sys
BF800000 - \SystemRoot\System32\win32k.sys
B8357000 - \SystemRoot\System32\drivers\Dxapi.sys
B8625000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7A68000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B861D000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys
B7E63000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
B7AF8000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79B9000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B7BF5000 - \SystemRoot\System32\drivers\aspi32.sys
B79CB000 - \SystemRoot\system32\drivers\wdmaud.sys
B798F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B7AC8000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys
B7915000 - \SystemRoot\System32\DRIVERS\srv.sys
B797F000 - \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
B72F4000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B60FC000 - \SystemRoot\system32\drivers\kmixer.sys
B2CC4000 - \SystemRoot\System32\DRIVERS\gwausb.sys
F778F000 - \SystemRoot\system32\DRIVERS\TTCinergyT2BDA.sys
BA5EB000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 154
Liste des programmes installes
1500
1500_Help
1500Trb
4Musics Multiformat Converter v1.4
ABBYY PDF Transformer 1.0
ABBYY PDF Transformer 2.0
AC-3 ACM Decompressor
ACDSee 5.0 Standard
Acronis True Image Home
Ad-Aware
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop Album 2.0 Edition Découverte
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Stock Photos 1.0
AIDA32 v3.93
AiO_Scan
AiOSoftware
AnmanieSMP 2.4 i
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Collage Creator
ArcSoft Multimedia Email
ArcSoft PhotoBase 3
ArcSoft PhotoImpression 5
ArcSoft PhotoStudio 5
ArcSoft VideoImpression 2
Ashampoo CD Recording Suite 2004
Ashampoo Photo Illuminator 2
Assistant de connexion Windows Live
Audacity 1.2.3
AutoWebCam
Avery DesignPro
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Azureus
Barre d'outils MSN
Bonjour
BSPlayer
BufferChm
CameraDrivers
CCleaner (remove only)
CDBurnerXP Pro 3
CDex extraction audio
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Complément Microsoft Word pour Microsoft Works Suite
Connexion Facile à Internet
Connexion Facile à Internet
Conseiller de mise à niveau Windows Vista
ConvertXtoDVD 2.0.15
Copernic Agent Basic
Copernic Desktop Search
Copy
Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Creative DVD Audio Plugin for Audigy Series
Creative EAX Console
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
CreativeProjects
CueTour
CustomerResearchQFolder
Cuttermaran 1.61
Debut
Destinations
Device Control
DeviceFunctionQFolder
DeviceManagementQFolder
DiscWizard for Windows
DivXG400
DocProc
DocumentViewer
DocumentViewerQFolder
DScaler 5 Mpeg Decoders
DVD Shrink 3.2
Easy CD-DA Extractor 8.0.2
EasyDVDCopyPro
EasyRecovery Professional
EasyRecovery Professional
eMule
eSupportQFolder
EuroThink Lune 1.10
Express Burn
Fax
FileZilla (remove only)
FlashGet 1.9.6.1073
Foxit Reader
FullDPAppQFolder
G-Force
Galerie de photos Windows Live
Gestionnaire Internet
Google Toolbar for Internet Explorer
Gordian Knot Rip Pack 0.33.1
Hewlett-Packard Multimedia Keyboard/Mouse Solution
Hewlett-Packard Multimedia Keyboard/Mouse Solution
HijackThis 2.0.2
Horloge 2005 1.2.0.0
Hotfix for Windows Media Format 11 SDK (KB929399)
HP Deskjet Preloaded Printer Drivers
HP DeskJet Serie 710C (Supprimer uniquement)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
hpg2436
hpg3970
hpg4600
hpg5530
hpg8200
hpmdtab
HPProductAssistant
HpSdpAppCoreApp
HPSystemDiagnostics
Indeo® software
INSTANT TV Uninstaller
InstantShare
InstantShareDevices
Intel A/V Codecs V2.0
InterActual Player
InterVideo WinDVD 7
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
ItsTV 3.0
iTunes
Jasc Paint Shop Pro 9
Java(TM) 6 Update 6
Java(TM) 6 Update 7
K-Lite Mega Codec Pack 3.9.5
KBD
KC Softwares VideoInspector
LaCie Backup Software v1.5.2215
Lame ACM MP3 Codec
Lecteur Windows Media 11
LimeWire 4.18.2
Logitech Desktop Messenger
Logitech ImageStudio
Macromedia Shockwave Player
MAGIX audio cleanic 2003
MAGIX Media Manager silver
MAGIX music + video maker generation 6 deLuxe
MAGIX Photos sur CD & DVD
MAGIX playR jukebox
MAGIX video deLuxe 2004
Malwarebytes' Anti-Malware
MarketResearch
MaxiCompte
Media Library Management Wizard
Memories Disc Creator 2.0
Micro Application - Print eXtreme 2.0
Micro Application - PrintPratic 3
Micro Application - PrintPratic Edition Photo
Micro Application - Super Polices 2000
Micro Application Cloneur Expert
Microangelo Toolset 6
MicroBest Cracklock 3.8.4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Professional
Microsoft Office XP Professional avec FrontPage
Microsoft Picture It! Photo Premium 9
Microsoft Picture It! Photo Premium 9
Microsoft Reader
Microsoft Reader Text-to-Speech pour le français
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951376)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour pour Windows XP (KB942763)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Mobiclip Video Codec
Modem DSL ECI Telecom
MON UNIVERS CORAPHOTOS
monAlbumPhoto
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieXone 4.0
MPEG2 Video Encoder
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Multimedia Card Reader
Multimedia Card Reader
Navigateur Orange
Neodivx
neoDVD
neoDVD 7
Nero BackItUp 2 Essentials
Nero Suite
neroxml
NewCopy
NVIDIA Drivers
OmniPage SE
OpenOffice.org Installer 1.0
Paint Shop Pro 7
Panda ActiveScan 2.0
PanoStandAlone
Paramètres de haut-parleur Creative
PC Inspector smart recovery
PDFCreator 0.8.0
PDFmail
Personal License Update Wizard for Windows Media Player
Philips TeleText
Photo et imagerie HP 3.5 - HP Devices
PhotoGallery
Photosmart 140,240,7200,7600,7700,7900 Series
PhotoStage
Picasa 2
Pinnacle VideoSpin
Pixillion
Plus! MP3 Audio Converter LE
PowerDVD
PowerQuest PartitionMagic Pro 7.0
PrintMaster® Gold
Prism Video Converter
ProductContext
PS2
PSShortcutsP
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
QuickProjects
QuickTime
Radio Fr Solo 1.5
Radio Media Player
Rainlendar (remove only)
RandMap
Read in Microsoft Reader Add-in for Microsoft Word
Readiris
Readme
RealPlayer
RecordNow!
Retrospect 6.5
Ri4m v4.1
Ri4m v5.0.1d
Rippack v3 beta 16.1
SAGEM F@st 800-840
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Shareaza version 2.2.1.0
SkinsHP1
SkinsHP2
SmartSound Quicktracks Plugin
SmartSound Quicktracks Plugin
Solid Converter PDF v4
SolutionCenter
Some PDF to Word Converter 1.4
Sonic Update Manager
Sonic_PrimoSDK
Sound Blaster Live! 24-bit
SpywareBlaster 4.1
StationRipper 2.14
Status
Studio 9
Sélecteur d'installation de Microsoft Works 2004
Switch Sound File Converter
System Requirements Lab
TerraTec Home Cinema
THOMSON mp3PRO Audio Player
ThreatExpert Memory Scanner 1.0
TMPGEnc MPEG Editor 2.0 Essai
TMPGEnc Plus 2.5
Total Video Converter 3.12 080330
TrayApp
TuneUp E-Mail Backup
TuneUp Utilities 2008
Ulead DVD MovieFactory 3 TV
Uninstall MP3XTC
Unload
User Profile Hive Cleanup Service
VideoLAN VLC media player 0.8.2
VobSub v2.23 (Remove Only)
Wanadoo
Warez 3.0
Warez PRO 3.0
WD Diagnostics
WD Media Center Driver
WebFldrs XP
WebReg
Winamp (remove only)
WinAVIVideoConverter
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Writer
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Service Pack 3
WinPatrol
XnView 1.90.2
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files
29/09/2008 18:16 <REP> .
29/09/2008 18:16 <REP> ..
11/06/2008 10:56 <REP> 3nity Audio CD Extractor
11/06/2008 10:57 <REP> 3nity CD DVD Burner
10/10/2005 12:10 <REP> 4Musics Multiformat Converter
28/07/2005 23:31 <REP> ABBYY PDF Transformer 1.0
06/09/2008 17:03 <REP> ABBYY PDF Transformer 2.0
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
06/06/2008 14:27 <REP> Actimagine Corp
06/09/2008 14:18 <REP> activePDF
03/08/2006 18:08 <REP> Adobe
27/09/2008 12:45 <REP> Ahead
25/02/2005 08:27 <REP> AIDA32 - Enterprise System Information
11/06/2008 10:59 <REP> AIST
11/06/2008 11:01 <REP> AKVIS
03/01/2007 02:01 <REP> AliveMedia
11/06/2008 11:02 <REP> Allok Video to 3GP Converter
07/03/2007 13:35 <REP> Alwil Software
11/06/2008 11:03 <REP> AmazingMIDI
23/11/2005 01:42 <REP> AnmSMP
08/01/2007 17:43 <REP> AnyVideoConvertorPro
08/02/2007 09:24 <REP> AOL
18/09/2008 23:06 <REP> Apple Software Update
08/06/2008 20:29 <REP> ArcSoft
23/05/2005 11:25 <REP> Ashampoo
27/02/2005 10:58 <REP> Audacity
22/08/2006 00:00 <REP> AutoWebCam
06/06/2008 00:27 <REP> Avira
24/09/2008 10:55 <REP> AviSynth 2.5
17/06/2008 22:55 <REP> AVS4YOU
11/06/2008 11:08 <REP> AVSMedia
04/09/2006 09:04 <REP> Azureus
07/08/2006 19:21 <REP> Belarc
17/09/2005 11:12 <REP> BillP Studios
11/06/2008 11:12 <REP> Biromsoft
29/10/2005 08:52 54 bit.bat
29/10/2005 08:52 54 bit2.bat
29/10/2005 08:52 54 bit3.bat
18/09/2008 23:08 <REP> Bonjour
12/11/2005 23:07 <REP> Broderbund
11/06/2008 11:13 <REP> Calculatrice Euro
13/08/2008 21:34 <REP> CCleaner
03/08/2005 04:59 <REP> CDBurnerXP Pro 3
18/02/2007 12:04 <REP> CDex_170b2
02/01/2004 04:17 <REP> Common Files
02/01/2004 02:32 <REP> ComPlus Applications
03/11/2006 14:05 <REP> Conference
17/08/2005 18:33 <REP> Convar
26/03/2006 22:45 <REP> ConvertMovie 2.2
17/02/2007 09:59 <REP> Copernic Agent
27/02/2005 12:32 <REP> Copernic Desktop Search
11/08/2008 16:38 <REP> CORA
07/10/2006 10:55 <REP> Cracklock
14/04/2006 01:04 <REP> Creative
02/02/2007 11:34 <REP> Cuttermaran
28/06/2008 18:50 <REP> CyberLink
14/02/2005 13:47 <REP> Dantz
19/02/2005 00:34 <REP> DATA BECKER
02/02/2007 11:34 <REP> DesignPro
17/08/2005 09:43 <REP> DigitalSoundPlanet
02/02/2007 11:34 <REP> DiscWizard for Windows
17/02/2007 06:26 <REP> DivX
29/10/2005 13:21 <REP> DivX_311alpha
23/09/2008 10:42 <REP> DScaler5
20/09/2005 20:49 <REP> DVD Shrink
02/02/2007 11:34 <REP> Easy CD-DA Extractor 8
17/02/2007 07:27 <REP> Easy Internet signup
20/09/2005 12:56 <REP> EasyDVDCopyPro
26/09/2008 09:19 <REP> EasyPHP 2.0b1
24/09/2008 15:59 <REP> eChanblard
11/08/2008 07:31 <REP> ECI Telecom
02/02/2007 20:09 <REP> EkiPatchs
29/06/2008 12:55 <REP> eMule
14/08/2008 04:59 <REP> EoRezo
02/02/2007 11:34 <REP> Euro-Calculette
30/04/2006 15:57 <REP> EuroThink
09/03/2005 14:53 <REP> fabamusic
02/02/2007 11:34 <REP> FairUse Wizard 2
25/09/2008 21:18 <REP> Fichiers communs
18/02/2005 12:27 <REP> FileZilla
29/09/2008 15:15 <REP> FlashGet
18/02/2005 16:21 <REP> FlasKMPEG
12/09/2005 13:06 <REP> Foreignword
03/09/2008 14:28 <REP> Foxit Software
08/10/2005 02:15 <REP> F-Secure Internet Security
20/02/2005 22:36 <REP> Gabest
29/10/2005 13:05 <REP> GDiVX Player
18/06/2008 04:14 <REP> Google
03/03/2005 20:32 <REP> GordianKnot
07/02/2007 23:29 <REP> Grisoft
11/08/2006 12:28 <REP> Hewlett-Packard
05/06/2008 23:25 <REP> Horloge 2005
17/10/2006 09:46 <REP> HP
02/02/2007 11:34 <REP> HP DeskJet 710C Series
24/05/2006 15:47 <REP> HP DVD
02/01/2004 04:53 <REP> HP Pavilion PC Help
17/10/2006 10:18 <REP> HP Photosmart M417 FW Files
29/10/2005 08:51 54 inc1.bat
14/02/2005 19:08 <REP> Intel
19/09/2005 07:49 <REP> InterActual
03/09/2008 22:34 <REP> Internet Explorer
24/01/2006 11:07 <REP> InterVideo
18/09/2008 23:09 <REP> iPod
04/09/2008 03:50 <REP> ItsLabel
18/09/2008 23:09 <REP> iTunes
13/11/2005 00:17 <REP> iTunes(2)
13/11/2005 00:11 <REP> iTunes(3)
22/05/2005 17:55 <REP> Jasc Software Inc
17/07/2008 21:12 <REP> Java
18/02/2005 17:39 <REP> KC Softwares
05/06/2008 18:56 <REP> K-Lite Codec Pack
04/06/2008 11:05 <REP> K-Lite Codec Pack(2)
21/09/2006 13:18 <REP> Kodak
20/01/2007 16:39 <REP> LaCie
06/06/2008 16:57 <REP> Lavasoft
18/06/2008 04:17 <REP> LimeWire
11/08/2008 13:36 <REP> Logitech
22/09/2008 18:50 <REP> Malwarebytes' Anti-Malware
02/02/2007 11:34 <REP> MaxiCompte
27/02/2005 13:04 <REP> Maxthon
24/06/2008 23:57 <REP> Mediostream
14/08/2008 10:17 <REP> Messenger
04/05/2006 09:35 <REP> Micro Application
04/09/2008 03:27 <REP> Microangelo Toolset 6
14/06/2008 17:57 <REP> Microsoft CAPICOM 2.1.0.2
30/06/2006 17:37 <REP> microsoft frontpage
08/06/2008 07:28 <REP> Microsoft Office
02/02/2007 11:34 <REP> Microsoft Picture It! 9
03/09/2008 23:09 <REP> Microsoft Reader
03/09/2008 22:31 <REP> Microsoft Reader(2)
03/09/2008 22:30 <REP> Microsoft Reader(3)
18/06/2008 23:12 <REP> Microsoft SQL Server Compact Edition
03/02/2007 12:19 <REP> Microsoft Windows Vista Upgrade Advisor
02/02/2007 11:34 <REP> Microsoft Works
16/11/2006 15:38 <REP> Microsoft Works Suite 2004
11/08/2008 16:13 <REP> monAlbumPhoto
23/10/2006 23:27 <REP> Morgan
14/06/2008 18:43 <REP> Movie Maker
25/02/2007 22:01 <REP> MP3XTC
26/05/2005 09:13 <REP> MSN
19/05/2005 14:28 <REP> MSN Apps
02/01/2004 02:31 <REP> MSN Gaming Zone
19/09/2005 07:48 <REP> MSXML 4.0
14/02/2005 10:00 <REP> Multimedia Card Reader
19/05/2005 14:27 <REP> Music Mixer 3(2).0
13/08/2006 13:45 <REP> MUSK Codec Pack v5
26/06/2008 17:27 <REP> MyMPxPlayer.org
27/09/2008 23:27 <REP> NCH Software
26/09/2008 03:39 <REP> NCH Swift Sound
01/03/2005 02:24 <REP> Neodivx
27/09/2008 12:46 <REP> Nero
14/06/2008 18:40 <REP> NetMeeting
11/08/2006 12:20 <REP> nLite
08/06/2008 19:32 <REP> ONES (F)
18/08/2005 06:36 <REP> Ontrack
25/02/2007 10:59 <REP> OO Software
06/03/2007 15:39 <REP> Orange
14/06/2008 18:40 <REP> Outlook Express
11/06/2008 09:01 <REP> Paint Shop Pro 9
14/06/2008 06:28 <REP> Panda Security
26/10/2005 09:16 <REP> Paragon Software
18/02/2005 04:03 <REP> PC-Doctor for Windows
12/11/2005 23:07 <REP> PDF Editeur 2
29/09/2006 09:07 <REP> PDFCreator
24/06/2008 17:26 <REP> Pegasys Inc
17/02/2005 19:42 <REP> Philips Semiconductors
08/03/2007 06:15 <REP> Picasa2
17/09/2008 12:29 <REP> Pinnacle
08/11/2005 16:14 <REP> PowerQuest
18/09/2008 23:07 <REP> QuickTime
01/10/2006 07:11 <REP> QuickTime(2)
16/12/2005 11:57 <REP> Radio Fr Solo
25/09/2006 02:18 <REP> Rainlendar
29/04/2005 08:22 <REP> Ratajik Software
25/02/2007 22:01 <REP> Raxco
25/09/2008 18:15 <REP> Real
02/01/2004 04:24 <REP> RecordNow!
06/06/2008 10:44 <REP> RegCleaner
04/06/2008 11:06 <REP> RegCleaner(2)
13/11/2005 00:13 <REP> Rippackv3
24/09/2008 23:44 <REP> Ripp-it_AM
30/06/2005 16:34 <REP> Roxio(2)
31/07/2005 05:59 <REP> RTE
30/06/2008 10:28 <REP> SAGEM
14/10/2006 03:58 <REP> SaveNow
14/02/2005 18:27 <REP> ScanSoft
06/06/2008 21:55 <REP> Seagate
19/09/2006 16:54 <REP> Securitoo
02/01/2004 05:01 <REP> Services en ligne
11/06/2008 08:58 <REP> Setup Files
17/12/2005 17:13 <REP> Shareaza
10/10/2005 11:04 <REP> Simon Tools
29/09/2006 09:00 <REP> SimonTools
29/10/2005 08:51 41 sleep.bat
21/08/2006 10:39 <REP> SmartSound Software
06/09/2008 16:35 <REP> SolidDocuments
06/09/2008 15:22 <REP> SomePDF
02/01/2004 04:24 <REP> Sonic
02/03/2005 18:55 <REP> SoundSpectrum
27/09/2008 11:40 <REP> SpywareBlaster
08/06/2008 08:29 <REP> SystemRequirementsLab
23/09/2008 14:35 <REP> TerraTec
25/02/2007 22:00 <REP> TerraTec(2)
15/02/2005 17:36 <REP> THOMSON mp3PRO Audio Player
14/08/2008 10:24 <REP> ThreatExpert Memory Scanner
27/06/2008 01:27 <REP> TMPGenc
25/09/2008 19:58 <REP> Total Video Converter
29/09/2006 09:07 <REP> TuneUp E-Mail Backup
25/09/2008 17:10 <REP> TuneUp Utilities 2008
17/02/2007 07:31 <REP> Ulead Systems
02/02/2007 07:17 <REP> UPHClean
14/02/2005 21:03 <REP> VideoLAN
09/10/2006 07:45 <REP> Virtools Web Player 3.5
13/11/2005 00:12 <REP> Visage
04/09/2006 08:01 <REP> vso
29/09/2008 23:45 <REP> Wanadoo
07/03/2007 15:31 <REP> Warez
14/02/2005 13:47 <REP> WDC
20/02/2005 18:16 <REP> Webteh
08/06/2008 18:14 <REP> Western Digital Technologies
18/02/2007 12:46 <REP> Winamp
29/06/2008 13:21 <REP> WinAVI Video Capture
29/06/2008 13:23 <REP> WinAVIVideoConverter
20/06/2008 10:11 <REP> Windows Live
01/02/2007 12:51 <REP> Windows Live Safety Center
04/12/2006 11:08 <REP> Windows Media Bonus Pack for Windows XP
14/02/2005 18:56 <REP> Windows Media Components
02/12/2006 18:08 <REP> Windows Media Connect 2
21/06/2008 08:19 <REP> Windows Media Player
14/06/2008 18:40 <REP> Windows NT
08/02/2007 23:54 <REP> WinRAR
02/01/2004 02:35 <REP> xerox
17/02/2007 10:38 <REP> XnView
30/11/2005 11:54 <REP> X-OOM
07/03/2007 18:25 <REP> Yahoo!
5 fichier(s) 257 octets
231 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs
25/09/2008 21:18 <REP> .
25/09/2008 21:18 <REP> ..
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
21/06/2005 10:10 <REP> Adaptec Shared
19/12/2006 15:56 <REP> Adobe
06/12/2005 02:29 <REP> Adobe Systems Shared
27/09/2008 12:46 <REP> Ahead
18/09/2008 23:07 <REP> Apple
16/06/2008 23:33 <REP> AVSMedia
15/02/2005 14:54 <REP> Copernic
02/12/1996 17:44 582 144 dao350.dll
08/09/2006 22:24 <REP> DESIGNER
02/01/2004 03:47 <REP> Hewlett-Packard
02/08/2006 13:34 <REP> HP
22/05/2005 17:55 <REP> InstallShield
24/06/2008 23:58 <REP> InstallShield Shared
19/09/2005 07:49 <REP> InterVideo
22/05/2005 17:57 <REP> Jasc Software Inc
12/11/2006 10:36 <REP> Java
03/09/2008 23:11 <REP> L&H
04/09/2006 12:37 <REP> Logitech
05/05/2006 15:04 <REP> MAGIX Shared
22/05/2005 11:34 <REP> Micro Application Shared
03/09/2008 23:09 <REP> Microsoft Shared
02/01/2004 02:32 <REP> MSSoap
26/04/2006 21:28 <REP> muiq
14/08/2006 20:19 <REP> Nero
02/01/2004 02:28 <REP> ODBC
03/09/2008 23:12 <REP> OverDrive Shared
25/09/2008 18:16 <REP> Real
30/06/2005 16:34 <REP> Roxio Shared(2)
14/02/2005 18:27 <REP> ScanSoft Shared
19/10/2006 06:32 <REP> Services
19/09/2005 12:00 <REP> Softwin
02/01/2004 04:25 <REP> Sonic
19/01/2006 23:43 <REP> Sonic Shared
02/01/2004 02:28 <REP> SpeechEngines
02/01/2004 04:24 <REP> SureThing Shared
21/03/2005 13:24 <REP> SWF Studio
14/06/2008 18:40 <REP> System
23/09/2008 14:35 <REP> TerraTec
17/02/2007 07:31 <REP> Ulead Systems
10/06/2008 13:15 <REP> Wise Installation Wizard
25/09/2008 18:16 <REP> xing shared
06/09/2008 15:27 <REP> XpressUpdate
17/09/2008 12:29 <REP> Yahoo!
1 fichier(s) 582 144 octets
46 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
14/06/2008 20:37 <REP> .
14/06/2008 20:37 <REP> ..
15/02/2005 09:49 <REP> 1033
08/09/2006 22:15 <REP> 1036
25/04/2006 21:33 967 952 MSONSEXT.DLL
02/05/2006 19:37 40 208 MSOSV.DLL
03/06/1999 22:09 122 937 MSOWS409.DLL
07/03/2001 17:00 127 033 MSOWS40c.DLL
06/08/2000 09:04 401 462 MSVCP60.DLL
29/01/2004 16:08 69 632 PKMAXCTL.DLL
29/01/2004 16:08 868 352 PKMCDO.DLL
29/01/2004 16:08 53 248 PKMCORE.DLL
29/01/2004 16:08 102 400 PKMFORMS.DLL
29/01/2004 16:38 634 880 PKMRES.DLL
29/01/2004 16:08 28 672 PKMSSTLB.DLL
22/01/2001 03:25 40 960 PKMTEMPL.DLL
29/01/2004 16:08 24 576 PKMTRACE.DLL
29/01/2004 16:08 86 016 PKMWS.DLL
29/01/2004 16:08 237 568 PROMDEMO.DLL
18/03/1999 07:37 593 977 RAGENT.DLL
29/01/2004
excute le 30/09/2008 à 0:03:13,03
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->30/09/2008 00:03:09
C:\WINDOWS\prefetch\AVWSC.EXE-21D2C1ED.pf -->30/09/2008 00:02:49
C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->30/09/2008 00:00:55
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->30/09/2008 00:00:42
C:\WINDOWS\prefetch\FLASHGET.EXE-080AD7E9.pf -->30/09/2008
C:\WINDOWS\prefetch\QTTASK.EXE-1876A1A1.pf -->29/09/2008 23:59:36
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->29/09/2008 23:45:04
C:\WINDOWS\prefetch\RUNDLL32.EXE-56C66659.pf -->29/09/2008 23:38:44
C:\WINDOWS\prefetch\WMIPRVSE.EXE-0D449B4F.pf -->29/09/2008 23:03:05
C:\WINDOWS\prefetch\WUAUCLT.EXE-1360D60A.pf -->29/09/2008 23:02:47
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->10/09/2008 00:04:02
C:\WINDOWS\System32\drivers\mbam.sys -->10/09/2008 00:03:56
C:\WINDOWS\System32\drivers\avipbb.sys -->18/07/2008 12:47:00
C:\WINDOWS\System32\drivers\adidsl.cfg -->30/06/2008 10:43:19
C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12
C:\WINDOWS\System32\drivers\afd.sys -->20/06/2008 13:40:08
C:\WINDOWS\System32\drivers\tcpip6.sys -->20/06/2008 13:08:27
C:\WINDOWS\System32\wpa.dbl -->29/09/2008 18:20:44
C:\WINDOWS\System32\nvapps.xml -->29/09/2008 18:20:42
C:\WINDOWS\System32\default_user_class.dat.LOG -->27/09/2008 20:52:05
C:\WINDOWS\System32\FNTCACHE.DAT -->25/09/2008 21:05:32
C:\WINDOWS\System32\rmoc3260.dll -->25/09/2008 18:16:00
C:\WINDOWS\System32\pndx5032.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pndx5016.dll -->25/09/2008 18:15:50
C:\WINDOWS\System32\pncrt.dll -->25/09/2008 18:15:48
C:\WINDOWS\System32\settings.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\history.aaw -->06/09/2008 22:29:53
C:\WINDOWS\System32\QuickTimeVR.qtx -->06/09/2008 15:09:18
C:\WINDOWS\System32\QuickTime.qts -->06/09/2008 15:09:18
C:\WINDOWS\System32\Thumbs.db -->04/09/2008 03:31:05
C:\WINDOWS\System32\lvcoinst.log -->03/09/2008 22:36:47
C:\WINDOWS\System32\FOXIT_PDF -->03/09/2008 14:32:24
C:\WINDOWS\System32\dns-sd.exe -->29/08/2008 10:18:58
C:\WINDOWS\System32\dnssd.dll -->29/08/2008 09:53:50
C:\WINDOWS\System32\MRT.exe -->26/08/2008 22:28:12
C:\WINDOWS\System32\TZLog.log -->14/08/2008 10:10:22
C:\WINDOWS\System32\TuneUpDefragService.exe -->14/08/2008 00:49:33
C:\WINDOWS\System32\ssprs.tgz -->11/08/2008 17:03:20
C:\WINDOWS\System32\lsprst7.tgz -->11/08/2008 17:03:19
C:\WINDOWS\System32\sysprs7.tgz -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth2.dll -->11/08/2008 16:39:22
C:\WINDOWS\System32\clauth1.dll -->11/08/2008 16:39:22
C:\WINDOWS\pfirewall.log -->30/09/2008 00:03:12
C:\WINDOWS\WindowsUpdate.log -->29/09/2008 23:03:24
C:\WINDOWS\setupapi.log -->29/09/2008 18:22:20
C:\WINDOWS\0.log -->29/09/2008 18:20:32
C:\WINDOWS\wiadebug.log -->29/09/2008 18:20:29
C:\WINDOWS\wiaservc.log -->29/09/2008 18:20:26
C:\WINDOWS\bootstat.dat -->29/09/2008 18:20:04
C:\WINDOWS\SchedLgU.Txt -->29/09/2008 18:18:31
C:\WINDOWS\NeroDigital.ini -->29/09/2008 04:41:00
C:\WINDOWS\mmproxy_40.mdb -->29/09/2008 03:48:56
C:\WINDOWS\pfirewall.log.old -->28/09/2008 11:22:03
C:\WINDOWS\wmsetup.log -->26/09/2008 09:26:09
C:\WINDOWS\win.ini -->26/09/2008 01:07:31
C:\WINDOWS\system.ini -->26/09/2008 01:07:31
C:\WINDOWS\avisplitter.INI -->25/09/2008 15:00:50
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1708
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll
0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x10000000 0xe000 C:\Program Files\ArcSoft\PhotoImpression 5\share\pihook.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x00bd0000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x00bf0000 0xf000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
0x73e60000 0x5c000 5.03.2600.5512 C:\WINDOWS\system32\DSOUND.dll
0x00e10000 0x19000 2.10.0006.0003 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x01b00000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x034e0000 0x73000 10.00.0000.4871 C:\Program Files\Acronis\TrueImageHome\tishell.dll
0x01690000 0x1f000 3.03.0000.0443 C:\Program Files\Acronis\TrueImageHome\timounter.dll
0x02080000 0x2c000 C:\Program Files\WinRAR\rarext.dll
0x02aa0000 0x40000 4.00.0560.0000 C:\Program Files\SolidDocuments\Solid Converter PDF v4\SCPDFV4\ExploreExtPDFv4.dll
0x01bc0000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x020b0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x017f0000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~2\SDShelEx-win32.dll
0x00c00000 0xd000 1.08.0004.1007 C:\Program Files\FlashGet\fgmgr.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 844
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x012b0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system
07/05/1998 17:04 52 736 hpsysdrv.exe
10/09/1999 13:06 4 672 wowpost.exe
2 fichier(s) 57 408 octets
0 Rép(s) 41 004 433 408 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\system32
14/04/2008 04:33 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 41 004 433 408 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\WINDOWS\Downloaded Program Files
24/09/2008 21:54 <REP> .
24/09/2008 21:54 <REP> ..
21/05/2008 12:56 124 208 as2stubie.dll
22/05/2008 16:04 395 as2stubie.inf
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
07/12/2004 17:07 32 bdcore.dll
25/05/2006 01:21 118 784 bdupd.dll
07/05/2003 13:26 192 512 CamCli.dll
06/06/2008 21:55 <REP> CONFLICT.1
02/01/2004 02:33 65 desktop.ini
15/10/1997 02:52 697 DirectAnimation Java Classes.osd
25/07/2002 17:13 24 576 dwusplay.dll
25/07/2002 17:13 196 608 dwusplay.exe
25/06/2006 13:50 1 793 erma.inf
10/04/2000 18:12 1 765 fhg.inf
07/05/2003 13:26 180 224 ijl11.dll
25/05/2006 01:21 53 248 ipsupd.dll
16/06/2004 06:02 323 584 isusweb.dll
12/10/2006 05:07 896 jinstall-1_5_0_09.inf
25/04/2008 05:02 1 060 jinstall-6u6.inf
16/03/2005 12:34 7 407 lang.ini
11/12/2006 17:44 367 LegitCheckControl.inf
18/07/2007 14:49 12 592 libcomm.dll
07/12/2004 17:07 32 libfn.dll
13/02/2008 17:55 130 live.ini
20/01/2000 16:25 1 162 Microsoft XML Parser for Java.osd
30/07/2007 19:24 295 muweb.inf
12/09/2007 08:46 259 NvidiaSmartScan.inf
04/10/2007 07:52 323 584 NvidiaSmartScan.ocx
29/10/2007 16:45 1 244 oscan8.inf
25/10/2007 16:54 471 040 oscan8.ocx
22/09/2004 16:59 110 592 PURen-us.dll
15/10/2004 08:59 110 592 PURfr-xx.dll
09/10/2003 11:32 144 QTPlugin.inf
14/03/2005 14:58 7 073 scanoptions.tsi
16/02/2005 10:04 116 880 setup.exe
09/11/2006 15:36 5 019 swflash.inf
28/05/2008 15:06 267 568 sysreqlab3.dll
28/05/2008 15:06 667 SysReqLab3.osd
27/07/2006 16:33 452 920 wlscBase.dll
02/11/2005 18:01 1 777 xscan.inf
02/11/2005 18:07 435 712 xscan53.ocx
40 fichier(s) 3 689 464 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
06/06/2008 21:55 <REP> .
06/06/2008 21:55 <REP> ..
24/08/2006 09:28 141 424 asinst.dll
22/08/2006 10:06 537 asinst.inf
30/09/2004 08:52 214 312 SysInfo.dll
3 fichier(s) 356 273 octets
Total des fichiers listés :
43 fichier(s) 4 045 737 octets
5 Rép(s) 41 004 433 408 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe"="C:\\Program Files\\Wanadoo\\WOOBrowser\\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe:*:Enabled:WinDVD"
"C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\tvtvSetup\\tvtv_Wizard.exe:*:Enabled:TerraTec tvtv Setup"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe:*:Enabled:TerraTec Auto Update"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\ChannelEditor\\CinergyDvrChannelEditor.exe:*:Enabled:TerraTec ChannelEditor"
"C:\\Program Files\\Warez\\Warez.exe"="C:\\Program Files\\Warez\\Warez.exe:*:Enabled:Warez3"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin"="C:\\Program Files\\AIDA32 - Enterprise System Information\\aida32.bin:*:Disabled:AIDA32 - Worldwide SysInfo Tool"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"="C:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"="C:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe:*:Enabled:TerraTec Home Cinema (Setup)"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
"DisableRegistryTools"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-30 00:03:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
280 - Watch.exe
344 - nvsvc32.exe
472 - HPZipm12.exe
548 - retrorun.exe
556 - wdsvc.exe
820 - csrss.exe
844 - winlogon.exe
888 - services.exe
900 - lsass.exe
1000 - svchost.exe
1048 - uphclean.exe
1056 - msnmsgr.exe
1116 - svchost.exe
1148 - iexplore.exe
1188 - svchost.exe
1232 - svchost.exe
1492 - aawservice.exe
1544 - ComComp.exe
1652 - TaskBarIcon.exe
1708 - explorer.exe
1828 - sched.exe
1952 - avguard.exe
1976 - AppleMobileDevi
1988 - bgsvcgen.exe
2032 - mDNSResponder.e
2192 - alg.exe
2292 - WDBtnMgr.exe
2316 - SetIcon.exe
2588 - CTSysVol.exe
2612 - TrueImageMonito
2644 - avgnt.exe
2784 - InCD.exe
2808 - cmd.exe
2932 - LogiTray.exe
3028 - iTunesHelper.ex
3200 - PCHButton.exe
3220 - ctfmon.exe
3252 - NMBgMonitor.exe
3336 - iPodService.exe
3360 - dslmon.exe
3376 - LogitechDesktop
3404 - Horloge 2005.ex
3420 - Rainlendar.exe
3532 - NMIndexingServi
3576 - GestionnaireInt
3632 - usnsvc.exe
3660 - NMIndexStoreSvr
4000 - flashget.exe
4060 - Toaster.exe
4068 - Inactivity.exe
4076 - PollingModule.e
4092 - ALERTM~1.EXE
Total number of processes = 53
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806EE000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F74BF000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F749F000 - fltmgr.sys
F748D000 - sr.sys
F7647000 - PxHelp20.sys
F789B000 - PzWDM.sys
F7476000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7449000 - NDIS.sys
F7838000 - timntr.sys
F7717000 - viaagp1.sys
F742E000 - snapman.sys
F7657000 - SISAGPX.sys
F7667000 - sbp2port.sys
F7677000 - ohci1394.sys
F7687000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS
BAF46000 - Mup.sys
F7697000 - agp440.sys
F76D7000 - \SystemRoot\System32\DRIVERS\nic1394.sys
BAFD0000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B9D0E000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
B9CFA000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
F779F000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B9CD6000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F77A7000 - \SystemRoot\System32\DRIVERS\usbehci.sys
F77AF000 - \SystemRoot\System32\DRIVERS\usbohci.sys
B9B82000 - \SystemRoot\system32\drivers\P17.sys
B9B5E000 - \SystemRoot\system32\drivers\portcls.sys
BAFC0000 - \SystemRoot\system32\drivers\drmk.sys
B9B3B000 - \SystemRoot\system32\drivers\ks.sys
B9B0B000 - \SystemRoot\System32\DRIVERS\ctoss2k.sys
B9AE5000 - \SystemRoot\System32\DRIVERS\ctsfm2k.sys
BAFB0000 - \SystemRoot\System32\DRIVERS\R8139n51.SYS
B9AD4000 - \SystemRoot\System32\DRIVERS\serial.sys
BAE5E000 - \SystemRoot\System32\DRIVERS\serenum.sys
F77B7000 - \SystemRoot\System32\DRIVERS\fdc.sys
B9AC0000 - \SystemRoot\System32\DRIVERS\parport.sys
BAFA0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
BAEEE000 - \SystemRoot\System32\DRIVERS\PS2.sys
F77BF000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
F77C7000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BAF90000 - \SystemRoot\System32\DRIVERS\imapi.sys
F77CF000 - \SystemRoot\system32\drivers\Asapiw2k.sys
BAF80000 - \SystemRoot\System32\Drivers\AFS2K.SYS
BA521000 - \SystemRoot\system32\drivers\pfc.sys
BAF70000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAF60000 - \SystemRoot\System32\DRIVERS\redbook.sys
F77D7000 - \SystemRoot\System32\Drivers\incdrm.SYS
F77DF000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
BA51D000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
BA3A5000 - \SystemRoot\System32\DRIVERS\audstub.sys
F76C7000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BA509000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B9AA9000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
F76E7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BAB24000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F77E7000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B9A98000 - \SystemRoot\System32\DRIVERS\psched.sys
BAB14000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F77EF000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F77F7000 - \SystemRoot\System32\DRIVERS\raspti.sys
BAB04000 - \SystemRoot\System32\Drivers\Pcouffin.sys
BAAF4000 - \SystemRoot\System32\DRIVERS\termdd.sys
F79E3000 - \SystemRoot\System32\DRIVERS\swenum.sys
B9A3A000 - \SystemRoot\System32\DRIVERS\update.sys
BA501000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
BAAE4000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BAAD4000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79E9000 - \SystemRoot\System32\DRIVERS\USBD.SYS
F7807000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
B8805000 - \??\C:\WINDOWS\system32\drivers\SSHDRV65.sys
F79F1000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A91000 - \SystemRoot\System32\Drivers\Null.SYS
F79F3000 - \SystemRoot\System32\Drivers\Beep.SYS
F7A93000 - \SystemRoot\system32\drivers\avgclean.sys
F781F000 - \SystemRoot\System32\drivers\vga.sys
F79F5000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79F7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAEA2000 - \SystemRoot\System32\Drivers\InCDrec.SYS
B87CC000 - \SystemRoot\System32\Drivers\InCDfs.SYS
F773F000 - \SystemRoot\System32\Drivers\Msfs.SYS
F7747000 - \SystemRoot\System32\Drivers\Npfs.SYS
BAE9E000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B87B9000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B8760000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B8738000 - \SystemRoot\System32\DRIVERS\netbt.sys
BAE96000 - \SystemRoot\System32\drivers\ws2ifsl.sys
B8716000 - \SystemRoot\System32\drivers\afd.sys
BAAB4000 - \SystemRoot\System32\DRIVERS\netbios.sys
BA5DC000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
BAE92000 - \SystemRoot\System32\DRIVERS\srvkp.sys
B86EB000 - \SystemRoot\System32\DRIVERS\rdbss.sys
F7A92000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS
B867B000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
BA731000 - \SystemRoot\System32\Drivers\Fips.SYS
B8655000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BA721000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BA711000 - \SystemRoot\System32\DRIVERS\arp1394.sys
BA5D4000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
BA5C4000 - \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys
BA5BC000 - \SystemRoot\System32\DRIVERS\USBSTOR.SYS
B85CC000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F79FB000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
F79FD000 - \SystemRoot\System32\Drivers\avg7rsw.sys
B9A21000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
B838F000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B9A11000 - \SystemRoot\System32\DRIVERS\usbscan.sys
F7777000 - \SystemRoot\System32\DRIVERS\usbprint.sys
F777F000 - \SystemRoot\system32\DRIVERS\HPZius12.sys
F7566000 - \SystemRoot\system32\DRIVERS\HPZid412.sys
B82E8000 - \SystemRoot\system32\DRIVERS\lvvi500a.sys
F7556000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
BAE6E000 - \SystemRoot\system32\DRIVERS\LVBulk.sys
F7546000 - \SystemRoot\system32\drivers\lvsound2.sys
BAE6A000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys
B82A8000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F7997000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
F7536000 - \SystemRoot\system32\drivers\sysaudio.sys
BF800000 - \SystemRoot\System32\win32k.sys
B8357000 - \SystemRoot\System32\drivers\Dxapi.sys
B8625000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7A68000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\nv4_disp.dll
B861D000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys
B7E63000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
B7AF8000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79B9000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B7BF5000 - \SystemRoot\System32\drivers\aspi32.sys
B79CB000 - \SystemRoot\system32\drivers\wdmaud.sys
B798F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
B7AC8000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys
B7915000 - \SystemRoot\System32\DRIVERS\srv.sys
B797F000 - \??\C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
B72F4000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B60FC000 - \SystemRoot\system32\drivers\kmixer.sys
B2CC4000 - \SystemRoot\System32\DRIVERS\gwausb.sys
F778F000 - \SystemRoot\system32\DRIVERS\TTCinergyT2BDA.sys
BA5EB000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 154
Liste des programmes installes
1500
1500_Help
1500Trb
4Musics Multiformat Converter v1.4
ABBYY PDF Transformer 1.0
ABBYY PDF Transformer 2.0
AC-3 ACM Decompressor
ACDSee 5.0 Standard
Acronis True Image Home
Ad-Aware
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Help Center 1.0
Adobe Photoshop Album 2.0 Edition Découverte
Adobe Photoshop CS2
Adobe Photoshop CS2
Adobe Stock Photos 1.0
AIDA32 v3.93
AiO_Scan
AiOSoftware
AnmanieSMP 2.4 i
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ArcSoft Collage Creator
ArcSoft Multimedia Email
ArcSoft PhotoBase 3
ArcSoft PhotoImpression 5
ArcSoft PhotoStudio 5
ArcSoft VideoImpression 2
Ashampoo CD Recording Suite 2004
Ashampoo Photo Illuminator 2
Assistant de connexion Windows Live
Audacity 1.2.3
AutoWebCam
Avery DesignPro
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
Azureus
Barre d'outils MSN
Bonjour
BSPlayer
BufferChm
CameraDrivers
CCleaner (remove only)
CDBurnerXP Pro 3
CDex extraction audio
Codeur Windows Media Série 9
Codeur Windows Media Série 9
Complément Microsoft Word pour Microsoft Works Suite
Connexion Facile à Internet
Connexion Facile à Internet
Conseiller de mise à niveau Windows Vista
ConvertXtoDVD 2.0.15
Copernic Agent Basic
Copernic Desktop Search
Copy
Correctif Lecteur Windows Media 9 [Voir KB885492 pour plus d'informations]
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Creative DVD Audio Plugin for Audigy Series
Creative EAX Console
Creative MediaSource
Creative System Information
Creative Vienna SoundFont Studio
CreativeProjects
CueTour
CustomerResearchQFolder
Cuttermaran 1.61
Debut
Destinations
Device Control
DeviceFunctionQFolder
DeviceManagementQFolder
DiscWizard for Windows
DivXG400
DocProc
DocumentViewer
DocumentViewerQFolder
DScaler 5 Mpeg Decoders
DVD Shrink 3.2
Easy CD-DA Extractor 8.0.2
EasyDVDCopyPro
EasyRecovery Professional
EasyRecovery Professional
eMule
eSupportQFolder
EuroThink Lune 1.10
Express Burn
Fax
FileZilla (remove only)
FlashGet 1.9.6.1073
Foxit Reader
FullDPAppQFolder
G-Force
Galerie de photos Windows Live
Gestionnaire Internet
Google Toolbar for Internet Explorer
Gordian Knot Rip Pack 0.33.1
Hewlett-Packard Multimedia Keyboard/Mouse Solution
Hewlett-Packard Multimedia Keyboard/Mouse Solution
HijackThis 2.0.2
Horloge 2005 1.2.0.0
Hotfix for Windows Media Format 11 SDK (KB929399)
HP Deskjet Preloaded Printer Drivers
HP DeskJet Serie 710C (Supprimer uniquement)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
hpg2436
hpg3970
hpg4600
hpg5530
hpg8200
hpmdtab
HPProductAssistant
HpSdpAppCoreApp
HPSystemDiagnostics
Indeo® software
INSTANT TV Uninstaller
InstantShare
InstantShareDevices
Intel A/V Codecs V2.0
InterActual Player
InterVideo WinDVD 7
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
ItsTV 3.0
iTunes
Jasc Paint Shop Pro 9
Java(TM) 6 Update 6
Java(TM) 6 Update 7
K-Lite Mega Codec Pack 3.9.5
KBD
KC Softwares VideoInspector
LaCie Backup Software v1.5.2215
Lame ACM MP3 Codec
Lecteur Windows Media 11
LimeWire 4.18.2
Logitech Desktop Messenger
Logitech ImageStudio
Macromedia Shockwave Player
MAGIX audio cleanic 2003
MAGIX Media Manager silver
MAGIX music + video maker generation 6 deLuxe
MAGIX Photos sur CD & DVD
MAGIX playR jukebox
MAGIX video deLuxe 2004
Malwarebytes' Anti-Malware
MarketResearch
MaxiCompte
Media Library Management Wizard
Memories Disc Creator 2.0
Micro Application - Print eXtreme 2.0
Micro Application - PrintPratic 3
Micro Application - PrintPratic Edition Photo
Micro Application - Super Polices 2000
Micro Application Cloneur Expert
Microangelo Toolset 6
MicroBest Cracklock 3.8.4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Professional
Microsoft Office XP Professional avec FrontPage
Microsoft Picture It! Photo Premium 9
Microsoft Picture It! Photo Premium 9
Microsoft Reader
Microsoft Reader Text-to-Speech pour le français
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951376)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour pour Windows XP (KB942763)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Mobiclip Video Codec
Modem DSL ECI Telecom
MON UNIVERS CORAPHOTOS
monAlbumPhoto
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieXone 4.0
MPEG2 Video Encoder
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Multimedia Card Reader
Multimedia Card Reader
Navigateur Orange
Neodivx
neoDVD
neoDVD 7
Nero BackItUp 2 Essentials
Nero Suite
neroxml
NewCopy
NVIDIA Drivers
OmniPage SE
OpenOffice.org Installer 1.0
Paint Shop Pro 7
Panda ActiveScan 2.0
PanoStandAlone
Paramètres de haut-parleur Creative
PC Inspector smart recovery
PDFCreator 0.8.0
PDFmail
Personal License Update Wizard for Windows Media Player
Philips TeleText
Photo et imagerie HP 3.5 - HP Devices
PhotoGallery
Photosmart 140,240,7200,7600,7700,7900 Series
PhotoStage
Picasa 2
Pinnacle VideoSpin
Pixillion
Plus! MP3 Audio Converter LE
PowerDVD
PowerQuest PartitionMagic Pro 7.0
PrintMaster® Gold
Prism Video Converter
ProductContext
PS2
PSShortcutsP
Python 2.2 combined Win32 extensions
Python 2.2.1
QFolder
QuickProjects
QuickTime
Radio Fr Solo 1.5
Radio Media Player
Rainlendar (remove only)
RandMap
Read in Microsoft Reader Add-in for Microsoft Word
Readiris
Readme
RealPlayer
RecordNow!
Retrospect 6.5
Ri4m v4.1
Ri4m v5.0.1d
Rippack v3 beta 16.1
SAGEM F@st 800-840
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Shareaza version 2.2.1.0
SkinsHP1
SkinsHP2
SmartSound Quicktracks Plugin
SmartSound Quicktracks Plugin
Solid Converter PDF v4
SolutionCenter
Some PDF to Word Converter 1.4
Sonic Update Manager
Sonic_PrimoSDK
Sound Blaster Live! 24-bit
SpywareBlaster 4.1
StationRipper 2.14
Status
Studio 9
Sélecteur d'installation de Microsoft Works 2004
Switch Sound File Converter
System Requirements Lab
TerraTec Home Cinema
THOMSON mp3PRO Audio Player
ThreatExpert Memory Scanner 1.0
TMPGEnc MPEG Editor 2.0 Essai
TMPGEnc Plus 2.5
Total Video Converter 3.12 080330
TrayApp
TuneUp E-Mail Backup
TuneUp Utilities 2008
Ulead DVD MovieFactory 3 TV
Uninstall MP3XTC
Unload
User Profile Hive Cleanup Service
VideoLAN VLC media player 0.8.2
VobSub v2.23 (Remove Only)
Wanadoo
Warez 3.0
Warez PRO 3.0
WD Diagnostics
WD Media Center Driver
WebFldrs XP
WebReg
Winamp (remove only)
WinAVIVideoConverter
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Writer
Windows Media Bonus Pack for Windows XP
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Service Pack 3
WinPatrol
XnView 1.90.2
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files
29/09/2008 18:16 <REP> .
29/09/2008 18:16 <REP> ..
11/06/2008 10:56 <REP> 3nity Audio CD Extractor
11/06/2008 10:57 <REP> 3nity CD DVD Burner
10/10/2005 12:10 <REP> 4Musics Multiformat Converter
28/07/2005 23:31 <REP> ABBYY PDF Transformer 1.0
06/09/2008 17:03 <REP> ABBYY PDF Transformer 2.0
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
06/06/2008 14:27 <REP> Actimagine Corp
06/09/2008 14:18 <REP> activePDF
03/08/2006 18:08 <REP> Adobe
27/09/2008 12:45 <REP> Ahead
25/02/2005 08:27 <REP> AIDA32 - Enterprise System Information
11/06/2008 10:59 <REP> AIST
11/06/2008 11:01 <REP> AKVIS
03/01/2007 02:01 <REP> AliveMedia
11/06/2008 11:02 <REP> Allok Video to 3GP Converter
07/03/2007 13:35 <REP> Alwil Software
11/06/2008 11:03 <REP> AmazingMIDI
23/11/2005 01:42 <REP> AnmSMP
08/01/2007 17:43 <REP> AnyVideoConvertorPro
08/02/2007 09:24 <REP> AOL
18/09/2008 23:06 <REP> Apple Software Update
08/06/2008 20:29 <REP> ArcSoft
23/05/2005 11:25 <REP> Ashampoo
27/02/2005 10:58 <REP> Audacity
22/08/2006 00:00 <REP> AutoWebCam
06/06/2008 00:27 <REP> Avira
24/09/2008 10:55 <REP> AviSynth 2.5
17/06/2008 22:55 <REP> AVS4YOU
11/06/2008 11:08 <REP> AVSMedia
04/09/2006 09:04 <REP> Azureus
07/08/2006 19:21 <REP> Belarc
17/09/2005 11:12 <REP> BillP Studios
11/06/2008 11:12 <REP> Biromsoft
29/10/2005 08:52 54 bit.bat
29/10/2005 08:52 54 bit2.bat
29/10/2005 08:52 54 bit3.bat
18/09/2008 23:08 <REP> Bonjour
12/11/2005 23:07 <REP> Broderbund
11/06/2008 11:13 <REP> Calculatrice Euro
13/08/2008 21:34 <REP> CCleaner
03/08/2005 04:59 <REP> CDBurnerXP Pro 3
18/02/2007 12:04 <REP> CDex_170b2
02/01/2004 04:17 <REP> Common Files
02/01/2004 02:32 <REP> ComPlus Applications
03/11/2006 14:05 <REP> Conference
17/08/2005 18:33 <REP> Convar
26/03/2006 22:45 <REP> ConvertMovie 2.2
17/02/2007 09:59 <REP> Copernic Agent
27/02/2005 12:32 <REP> Copernic Desktop Search
11/08/2008 16:38 <REP> CORA
07/10/2006 10:55 <REP> Cracklock
14/04/2006 01:04 <REP> Creative
02/02/2007 11:34 <REP> Cuttermaran
28/06/2008 18:50 <REP> CyberLink
14/02/2005 13:47 <REP> Dantz
19/02/2005 00:34 <REP> DATA BECKER
02/02/2007 11:34 <REP> DesignPro
17/08/2005 09:43 <REP> DigitalSoundPlanet
02/02/2007 11:34 <REP> DiscWizard for Windows
17/02/2007 06:26 <REP> DivX
29/10/2005 13:21 <REP> DivX_311alpha
23/09/2008 10:42 <REP> DScaler5
20/09/2005 20:49 <REP> DVD Shrink
02/02/2007 11:34 <REP> Easy CD-DA Extractor 8
17/02/2007 07:27 <REP> Easy Internet signup
20/09/2005 12:56 <REP> EasyDVDCopyPro
26/09/2008 09:19 <REP> EasyPHP 2.0b1
24/09/2008 15:59 <REP> eChanblard
11/08/2008 07:31 <REP> ECI Telecom
02/02/2007 20:09 <REP> EkiPatchs
29/06/2008 12:55 <REP> eMule
14/08/2008 04:59 <REP> EoRezo
02/02/2007 11:34 <REP> Euro-Calculette
30/04/2006 15:57 <REP> EuroThink
09/03/2005 14:53 <REP> fabamusic
02/02/2007 11:34 <REP> FairUse Wizard 2
25/09/2008 21:18 <REP> Fichiers communs
18/02/2005 12:27 <REP> FileZilla
29/09/2008 15:15 <REP> FlashGet
18/02/2005 16:21 <REP> FlasKMPEG
12/09/2005 13:06 <REP> Foreignword
03/09/2008 14:28 <REP> Foxit Software
08/10/2005 02:15 <REP> F-Secure Internet Security
20/02/2005 22:36 <REP> Gabest
29/10/2005 13:05 <REP> GDiVX Player
18/06/2008 04:14 <REP> Google
03/03/2005 20:32 <REP> GordianKnot
07/02/2007 23:29 <REP> Grisoft
11/08/2006 12:28 <REP> Hewlett-Packard
05/06/2008 23:25 <REP> Horloge 2005
17/10/2006 09:46 <REP> HP
02/02/2007 11:34 <REP> HP DeskJet 710C Series
24/05/2006 15:47 <REP> HP DVD
02/01/2004 04:53 <REP> HP Pavilion PC Help
17/10/2006 10:18 <REP> HP Photosmart M417 FW Files
29/10/2005 08:51 54 inc1.bat
14/02/2005 19:08 <REP> Intel
19/09/2005 07:49 <REP> InterActual
03/09/2008 22:34 <REP> Internet Explorer
24/01/2006 11:07 <REP> InterVideo
18/09/2008 23:09 <REP> iPod
04/09/2008 03:50 <REP> ItsLabel
18/09/2008 23:09 <REP> iTunes
13/11/2005 00:17 <REP> iTunes(2)
13/11/2005 00:11 <REP> iTunes(3)
22/05/2005 17:55 <REP> Jasc Software Inc
17/07/2008 21:12 <REP> Java
18/02/2005 17:39 <REP> KC Softwares
05/06/2008 18:56 <REP> K-Lite Codec Pack
04/06/2008 11:05 <REP> K-Lite Codec Pack(2)
21/09/2006 13:18 <REP> Kodak
20/01/2007 16:39 <REP> LaCie
06/06/2008 16:57 <REP> Lavasoft
18/06/2008 04:17 <REP> LimeWire
11/08/2008 13:36 <REP> Logitech
22/09/2008 18:50 <REP> Malwarebytes' Anti-Malware
02/02/2007 11:34 <REP> MaxiCompte
27/02/2005 13:04 <REP> Maxthon
24/06/2008 23:57 <REP> Mediostream
14/08/2008 10:17 <REP> Messenger
04/05/2006 09:35 <REP> Micro Application
04/09/2008 03:27 <REP> Microangelo Toolset 6
14/06/2008 17:57 <REP> Microsoft CAPICOM 2.1.0.2
30/06/2006 17:37 <REP> microsoft frontpage
08/06/2008 07:28 <REP> Microsoft Office
02/02/2007 11:34 <REP> Microsoft Picture It! 9
03/09/2008 23:09 <REP> Microsoft Reader
03/09/2008 22:31 <REP> Microsoft Reader(2)
03/09/2008 22:30 <REP> Microsoft Reader(3)
18/06/2008 23:12 <REP> Microsoft SQL Server Compact Edition
03/02/2007 12:19 <REP> Microsoft Windows Vista Upgrade Advisor
02/02/2007 11:34 <REP> Microsoft Works
16/11/2006 15:38 <REP> Microsoft Works Suite 2004
11/08/2008 16:13 <REP> monAlbumPhoto
23/10/2006 23:27 <REP> Morgan
14/06/2008 18:43 <REP> Movie Maker
25/02/2007 22:01 <REP> MP3XTC
26/05/2005 09:13 <REP> MSN
19/05/2005 14:28 <REP> MSN Apps
02/01/2004 02:31 <REP> MSN Gaming Zone
19/09/2005 07:48 <REP> MSXML 4.0
14/02/2005 10:00 <REP> Multimedia Card Reader
19/05/2005 14:27 <REP> Music Mixer 3(2).0
13/08/2006 13:45 <REP> MUSK Codec Pack v5
26/06/2008 17:27 <REP> MyMPxPlayer.org
27/09/2008 23:27 <REP> NCH Software
26/09/2008 03:39 <REP> NCH Swift Sound
01/03/2005 02:24 <REP> Neodivx
27/09/2008 12:46 <REP> Nero
14/06/2008 18:40 <REP> NetMeeting
11/08/2006 12:20 <REP> nLite
08/06/2008 19:32 <REP> ONES (F)
18/08/2005 06:36 <REP> Ontrack
25/02/2007 10:59 <REP> OO Software
06/03/2007 15:39 <REP> Orange
14/06/2008 18:40 <REP> Outlook Express
11/06/2008 09:01 <REP> Paint Shop Pro 9
14/06/2008 06:28 <REP> Panda Security
26/10/2005 09:16 <REP> Paragon Software
18/02/2005 04:03 <REP> PC-Doctor for Windows
12/11/2005 23:07 <REP> PDF Editeur 2
29/09/2006 09:07 <REP> PDFCreator
24/06/2008 17:26 <REP> Pegasys Inc
17/02/2005 19:42 <REP> Philips Semiconductors
08/03/2007 06:15 <REP> Picasa2
17/09/2008 12:29 <REP> Pinnacle
08/11/2005 16:14 <REP> PowerQuest
18/09/2008 23:07 <REP> QuickTime
01/10/2006 07:11 <REP> QuickTime(2)
16/12/2005 11:57 <REP> Radio Fr Solo
25/09/2006 02:18 <REP> Rainlendar
29/04/2005 08:22 <REP> Ratajik Software
25/02/2007 22:01 <REP> Raxco
25/09/2008 18:15 <REP> Real
02/01/2004 04:24 <REP> RecordNow!
06/06/2008 10:44 <REP> RegCleaner
04/06/2008 11:06 <REP> RegCleaner(2)
13/11/2005 00:13 <REP> Rippackv3
24/09/2008 23:44 <REP> Ripp-it_AM
30/06/2005 16:34 <REP> Roxio(2)
31/07/2005 05:59 <REP> RTE
30/06/2008 10:28 <REP> SAGEM
14/10/2006 03:58 <REP> SaveNow
14/02/2005 18:27 <REP> ScanSoft
06/06/2008 21:55 <REP> Seagate
19/09/2006 16:54 <REP> Securitoo
02/01/2004 05:01 <REP> Services en ligne
11/06/2008 08:58 <REP> Setup Files
17/12/2005 17:13 <REP> Shareaza
10/10/2005 11:04 <REP> Simon Tools
29/09/2006 09:00 <REP> SimonTools
29/10/2005 08:51 41 sleep.bat
21/08/2006 10:39 <REP> SmartSound Software
06/09/2008 16:35 <REP> SolidDocuments
06/09/2008 15:22 <REP> SomePDF
02/01/2004 04:24 <REP> Sonic
02/03/2005 18:55 <REP> SoundSpectrum
27/09/2008 11:40 <REP> SpywareBlaster
08/06/2008 08:29 <REP> SystemRequirementsLab
23/09/2008 14:35 <REP> TerraTec
25/02/2007 22:00 <REP> TerraTec(2)
15/02/2005 17:36 <REP> THOMSON mp3PRO Audio Player
14/08/2008 10:24 <REP> ThreatExpert Memory Scanner
27/06/2008 01:27 <REP> TMPGenc
25/09/2008 19:58 <REP> Total Video Converter
29/09/2006 09:07 <REP> TuneUp E-Mail Backup
25/09/2008 17:10 <REP> TuneUp Utilities 2008
17/02/2007 07:31 <REP> Ulead Systems
02/02/2007 07:17 <REP> UPHClean
14/02/2005 21:03 <REP> VideoLAN
09/10/2006 07:45 <REP> Virtools Web Player 3.5
13/11/2005 00:12 <REP> Visage
04/09/2006 08:01 <REP> vso
29/09/2008 23:45 <REP> Wanadoo
07/03/2007 15:31 <REP> Warez
14/02/2005 13:47 <REP> WDC
20/02/2005 18:16 <REP> Webteh
08/06/2008 18:14 <REP> Western Digital Technologies
18/02/2007 12:46 <REP> Winamp
29/06/2008 13:21 <REP> WinAVI Video Capture
29/06/2008 13:23 <REP> WinAVIVideoConverter
20/06/2008 10:11 <REP> Windows Live
01/02/2007 12:51 <REP> Windows Live Safety Center
04/12/2006 11:08 <REP> Windows Media Bonus Pack for Windows XP
14/02/2005 18:56 <REP> Windows Media Components
02/12/2006 18:08 <REP> Windows Media Connect 2
21/06/2008 08:19 <REP> Windows Media Player
14/06/2008 18:40 <REP> Windows NT
08/02/2007 23:54 <REP> WinRAR
02/01/2004 02:35 <REP> xerox
17/02/2007 10:38 <REP> XnView
30/11/2005 11:54 <REP> X-OOM
07/03/2007 18:25 <REP> Yahoo!
5 fichier(s) 257 octets
231 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs
25/09/2008 21:18 <REP> .
25/09/2008 21:18 <REP> ..
22/05/2005 17:39 <REP> ACD Systems
16/02/2007 11:49 <REP> Acronis
21/06/2005 10:10 <REP> Adaptec Shared
19/12/2006 15:56 <REP> Adobe
06/12/2005 02:29 <REP> Adobe Systems Shared
27/09/2008 12:46 <REP> Ahead
18/09/2008 23:07 <REP> Apple
16/06/2008 23:33 <REP> AVSMedia
15/02/2005 14:54 <REP> Copernic
02/12/1996 17:44 582 144 dao350.dll
08/09/2006 22:24 <REP> DESIGNER
02/01/2004 03:47 <REP> Hewlett-Packard
02/08/2006 13:34 <REP> HP
22/05/2005 17:55 <REP> InstallShield
24/06/2008 23:58 <REP> InstallShield Shared
19/09/2005 07:49 <REP> InterVideo
22/05/2005 17:57 <REP> Jasc Software Inc
12/11/2006 10:36 <REP> Java
03/09/2008 23:11 <REP> L&H
04/09/2006 12:37 <REP> Logitech
05/05/2006 15:04 <REP> MAGIX Shared
22/05/2005 11:34 <REP> Micro Application Shared
03/09/2008 23:09 <REP> Microsoft Shared
02/01/2004 02:32 <REP> MSSoap
26/04/2006 21:28 <REP> muiq
14/08/2006 20:19 <REP> Nero
02/01/2004 02:28 <REP> ODBC
03/09/2008 23:12 <REP> OverDrive Shared
25/09/2008 18:16 <REP> Real
30/06/2005 16:34 <REP> Roxio Shared(2)
14/02/2005 18:27 <REP> ScanSoft Shared
19/10/2006 06:32 <REP> Services
19/09/2005 12:00 <REP> Softwin
02/01/2004 04:25 <REP> Sonic
19/01/2006 23:43 <REP> Sonic Shared
02/01/2004 02:28 <REP> SpeechEngines
02/01/2004 04:24 <REP> SureThing Shared
21/03/2005 13:24 <REP> SWF Studio
14/06/2008 18:40 <REP> System
23/09/2008 14:35 <REP> TerraTec
17/02/2007 07:31 <REP> Ulead Systems
10/06/2008 13:15 <REP> Wise Installation Wizard
25/09/2008 18:16 <REP> xing shared
06/09/2008 15:27 <REP> XpressUpdate
17/09/2008 12:29 <REP> Yahoo!
1 fichier(s) 582 144 octets
46 Rép(s) 41 003 872 256 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 1CC1-914E
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
14/06/2008 20:37 <REP> .
14/06/2008 20:37 <REP> ..
15/02/2005 09:49 <REP> 1033
08/09/2006 22:15 <REP> 1036
25/04/2006 21:33 967 952 MSONSEXT.DLL
02/05/2006 19:37 40 208 MSOSV.DLL
03/06/1999 22:09 122 937 MSOWS409.DLL
07/03/2001 17:00 127 033 MSOWS40c.DLL
06/08/2000 09:04 401 462 MSVCP60.DLL
29/01/2004 16:08 69 632 PKMAXCTL.DLL
29/01/2004 16:08 868 352 PKMCDO.DLL
29/01/2004 16:08 53 248 PKMCORE.DLL
29/01/2004 16:08 102 400 PKMFORMS.DLL
29/01/2004 16:38 634 880 PKMRES.DLL
29/01/2004 16:08 28 672 PKMSSTLB.DLL
22/01/2001 03:25 40 960 PKMTEMPL.DLL
29/01/2004 16:08 24 576 PKMTRACE.DLL
29/01/2004 16:08 86 016 PKMWS.DLL
29/01/2004 16:08 237 568 PROMDEMO.DLL
18/03/1999 07:37 593 977 RAGENT.DLL
29/01/2004
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
30 sept. 2008 à 00:33
30 sept. 2008 à 00:33
bon pour la suite trop de P2P sur ton PC
C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza
commence déjà par supprimer tout ça !
C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza
commence déjà par supprimer tout ça !
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
30 sept. 2008 à 00:55
30 sept. 2008 à 00:55
Télécharge OTMoveIt (de OldTimer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
clic double sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :
Paste List of Files/Folders to be moved.
C:\\Program Files\\eMule
C:\\Program Files\\LimeWire
C:\\Program Files\\eChanblard
C:\\Program Files\\Shareaza
EmptyTemp
clique sur MoveIt! pour lancer la suppression.
le résultat apparaîtra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demandé de faire redémarrer le PC pour achever la suppression.
ensuite regarde ceci installe et suit le tuto
http://www.swl1f.net/viewtopic.php?f=14&t=69
@+
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
clic double sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :
Paste List of Files/Folders to be moved.
C:\\Program Files\\eMule
C:\\Program Files\\LimeWire
C:\\Program Files\\eChanblard
C:\\Program Files\\Shareaza
EmptyTemp
clique sur MoveIt! pour lancer la suppression.
le résultat apparaîtra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demandé de faire redémarrer le PC pour achever la suppression.
ensuite regarde ceci installe et suit le tuto
http://www.swl1f.net/viewtopic.php?f=14&t=69
@+
déjà çà
< C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" >
File/Folder C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" not found.
< "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" >
File/Folder C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire not found.
< "C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule" >
File/Folder C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule not found.
< "C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza >
File/Folder C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaz not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09302008_005804
< C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" >
File/Folder C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" not found.
< "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" >
File/Folder C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire not found.
< "C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule" >
File/Folder C:\\Program Files\\eChanblard\\emule.exe"="C:\\Program Files\\eChanblard\\emule.exe:*:Enabled:eMule not found.
< "C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza >
File/Folder C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaz not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09302008_005804
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
30 sept. 2008 à 01:24
30 sept. 2008 à 01:24
oui excuse erreur de ma part
recommence stp
Télécharge OTMoveIt (de OldTimer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
clic double sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :
Paste List of Files/Folders to be moved.
clique sur MoveIt! pour lancer la suppression.
le résultat apparaîtra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demandé de faire redémarrer le PC pour achever la suppression.
+ CCleaner de nouveau
recommence stp
Télécharge OTMoveIt (de OldTimer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
clic double sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :
Paste List of Files/Folders to be moved.
C:\Program Files\eMule C:\Program Files\LimeWire C:\Program Files\eChanblard C:\Program Files\Shareaza EmptyTemp
clique sur MoveIt! pour lancer la suppression.
le résultat apparaîtra dans le cadre Results.
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demandé de faire redémarrer le PC pour achever la suppression.
+ CCleaner de nouveau
C:\Program Files\eMule\webserver\popup moved successfully.
C:\Program Files\eMule\webserver\Groups moved successfully.
C:\Program Files\eMule\webserver\Favorites\Wanadoo moved successfully.
C:\Program Files\eMule\webserver\Favorites\Services moved successfully.
C:\Program Files\eMule\webserver\Favorites\Liens moved successfully.
C:\Program Files\eMule\webserver\Favorites\fi moved successfully.
C:\Program Files\eMule\webserver\Favorites\assedic moved successfully.
C:\Program Files\eMule\webserver\Favorites\amma moved successfully.
C:\Program Files\eMule\webserver\Favorites moved successfully.
C:\Program Files\eMule\webserver moved successfully.
C:\Program Files\eMule\Temp moved successfully.
C:\Program Files\eMule\skins moved successfully.
C:\Program Files\eMule\logs moved successfully.
C:\Program Files\eMule\lang moved successfully.
C:\Program Files\eMule\config moved successfully.
C:\Program Files\eMule moved successfully.
C:\Program Files\LimeWire\root\magnet10 moved successfully.
C:\Program Files\LimeWire\root moved successfully.
C:\Program Files\LimeWire\lib moved successfully.
C:\Program Files\LimeWire\.NetworkShare moved successfully.
C:\Program Files\LimeWire moved successfully.
C:\Program Files\eChanblard\webserver moved successfully.
C:\Program Files\eChanblard\Temp moved successfully.
C:\Program Files\eChanblard\skins moved successfully.
C:\Program Files\eChanblard\logs moved successfully.
C:\Program Files\eChanblard\lang moved successfully.
C:\Program Files\eChanblard\Incoming\- Quick Time 7 Pro Serial moved successfully.
C:\Program Files\eChanblard\Incoming moved successfully.
C:\Program Files\eChanblard\config moved successfully.
C:\Program Files\eChanblard\bin moved successfully.
C:\Program Files\eChanblard moved successfully.
C:\Program Files\Shareaza\Uninstall moved successfully.
C:\Program Files\Shareaza\Skins\Skin+ moved successfully.
C:\Program Files\Shareaza\Skins\ShareazaOS moved successfully.
C:\Program Files\Shareaza\Skins\Shareaza2 moved successfully.
C:\Program Files\Shareaza\Skins\Languages moved successfully.
C:\Program Files\Shareaza\Skins\Corona moved successfully.
C:\Program Files\Shareaza\Skins\BlueStreak moved successfully.
C:\Program Files\Shareaza\Skins moved successfully.
C:\Program Files\Shareaza\Schemas moved successfully.
C:\Program Files\Shareaza\Remote moved successfully.
C:\Program Files\Shareaza\Plugins moved successfully.
C:\Program Files\Shareaza\Data moved successfully.
C:\Program Files\Shareaza moved successfully.
< EmptyTemp >
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF572E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF57C0.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF624E.tmp scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09302008_012830
C:\Program Files\eMule\webserver\Groups moved successfully.
C:\Program Files\eMule\webserver\Favorites\Wanadoo moved successfully.
C:\Program Files\eMule\webserver\Favorites\Services moved successfully.
C:\Program Files\eMule\webserver\Favorites\Liens moved successfully.
C:\Program Files\eMule\webserver\Favorites\fi moved successfully.
C:\Program Files\eMule\webserver\Favorites\assedic moved successfully.
C:\Program Files\eMule\webserver\Favorites\amma moved successfully.
C:\Program Files\eMule\webserver\Favorites moved successfully.
C:\Program Files\eMule\webserver moved successfully.
C:\Program Files\eMule\Temp moved successfully.
C:\Program Files\eMule\skins moved successfully.
C:\Program Files\eMule\logs moved successfully.
C:\Program Files\eMule\lang moved successfully.
C:\Program Files\eMule\config moved successfully.
C:\Program Files\eMule moved successfully.
C:\Program Files\LimeWire\root\magnet10 moved successfully.
C:\Program Files\LimeWire\root moved successfully.
C:\Program Files\LimeWire\lib moved successfully.
C:\Program Files\LimeWire\.NetworkShare moved successfully.
C:\Program Files\LimeWire moved successfully.
C:\Program Files\eChanblard\webserver moved successfully.
C:\Program Files\eChanblard\Temp moved successfully.
C:\Program Files\eChanblard\skins moved successfully.
C:\Program Files\eChanblard\logs moved successfully.
C:\Program Files\eChanblard\lang moved successfully.
C:\Program Files\eChanblard\Incoming\- Quick Time 7 Pro Serial moved successfully.
C:\Program Files\eChanblard\Incoming moved successfully.
C:\Program Files\eChanblard\config moved successfully.
C:\Program Files\eChanblard\bin moved successfully.
C:\Program Files\eChanblard moved successfully.
C:\Program Files\Shareaza\Uninstall moved successfully.
C:\Program Files\Shareaza\Skins\Skin+ moved successfully.
C:\Program Files\Shareaza\Skins\ShareazaOS moved successfully.
C:\Program Files\Shareaza\Skins\Shareaza2 moved successfully.
C:\Program Files\Shareaza\Skins\Languages moved successfully.
C:\Program Files\Shareaza\Skins\Corona moved successfully.
C:\Program Files\Shareaza\Skins\BlueStreak moved successfully.
C:\Program Files\Shareaza\Skins moved successfully.
C:\Program Files\Shareaza\Schemas moved successfully.
C:\Program Files\Shareaza\Remote moved successfully.
C:\Program Files\Shareaza\Plugins moved successfully.
C:\Program Files\Shareaza\Data moved successfully.
C:\Program Files\Shareaza moved successfully.
< EmptyTemp >
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF572E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF57C0.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DF624E.tmp scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09302008_012830
ep44
Messages postés
7393
Date d'inscription
samedi 10 novembre 2007
Statut
Contributeur
Dernière intervention
11 novembre 2010
3
30 sept. 2008 à 19:38
30 sept. 2008 à 19:38
Bonsoir
va faire un tour dans ajout et suppression de programme et supprime si tu les vois
@+
va faire un tour dans ajout et suppression de programme et supprime si tu les vois
@+
22 sept. 2008 à 23:31
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:31, on 2008-09-22
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\Installer\MSI129.tmp
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\WDC\SetIcon.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\rmctrl.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Horloge 2005\Horloge 2005.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eo.st
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] ciadvs.exe
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Horloge 2005.lnk = C:\Program Files\Horloge 2005\Horloge 2005.exe
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B243E047-3616-4AC6-B10C-2B27CEC9A913}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) - Solid Documents, LLC - C:\WINDOWS\Installer\MSI129.tmp
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
23 sept. 2008 à 14:25