titoine63

bonsoir à tous, j'ai déjà cherché sur internet, et j'ai utilisé la fonction "recherche" sur le forum et je n'ai pas trouvé de renseignements qui pourraient m'aider. Je vous explique ma situation: je possède un ordinateur (packard bell) avec un disque dur de 150 Go, et j'aimerais le remplacer par un autre disque dur (avec une capacité plus grande). Je pensais acheter un boitier externe pour disque dur pour faire de mon ancien disque dur, un disque externe. Et je voudrais partitionner mon nouveau disque, pour pouvoir plus facilement le reformater (au cas ou). Et je ne possède pas le cd d'installation de xp. - dans quel ordre procéder: copie de mes données sur un disque dur externe, remplacement du disque dur, installation d'xp sur le nouveau disque, partition, recopie de mes données ? - comment installer xp sur le nouveau disque dur ? - concernant le boitier externe, en faut-il un en particulier? Merci pour votre aide, Antoine personne pour m'aider?

bonsoir, pour ipl_001: regarde l'heure à laquelle mon post et celui de oGu ont été posté. J'avais subi la même infection, et par conséquent, vu qu'il n'y avait pas de "réponse" avant, je me suis permis de vouloir aider, étant donné qu'un autre sujet portait pratiquement le même nom et qu'il était résolu. Je ne suis pas un désinfecteur pro, mais on peut tous apporter sa contribution, n'est-on pas sur un forum? Antoine

salut, merci pour ta réponse! je tacherais de faire attention la prochaine fois! Antoine

salut, j'ai eu le même problème que toi. tu trouveras la solution sur ce sujet http://forum.zebulon.fr/iexplore-100-pop-up-t151748.html pour moi ca a marché donc j'espère que pour toi aussi. bon courage. Antoine

bonsoir à tous, désolé de upper ce sujet, mais j'avais également le même problème. En effet, iexplore.exe me prenait tout le cpu et j'avais des pubs tout les 10 minutes environ. J'ai suivi la méthode de Pear et ça a marché. Je n'ai plus de problèmes. Mais j'aimerais savoir à quoi cela était dû ? et comment pourrais je éviter une autre "infection" ? pour préciser, je suis sous xp sp2, avast, zonealarme, adaware et a-squared free. merci de votre attention, Antoine.

bon bé en fait c'est bon, c'est reglé...j'avais un problème avec winamp je pense, ou alors c'est peut-être à force d'aller dans le controle de volume, il a peut-être pris mon réglage en compte... merci quand même et bonne continuation...

Salut à tous, J'ai un souci concernant le réglage de mon volume sous Windows XP. En fait, ma barre de volume "Sons Wave" dans la fenêtre de contrôle du volume diminue à chaque fois pour se situer presque au muet, ce qui fait qu'à chaque fois que je lance un programme qui utilise du son (Winamp, Windows Media Player, etc.), je dois remonter le volume via justement cette fenêtre de contrôle du volume. A chaque fois que ca change de chanson, le volume de "Sons wave" reviens a zéro....et c'est assez énervant... quelqu'un a une idée?? merci d'avance

ok le voila, mais il est un peu long quand meme .... et merci a toi charles StartupList report, 17/04/2007, 20:01:27 StartupList version: 1.52.2 Started from : C:\Program Files\HijackThis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v7.00 (7.00.6000.16414) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\DAEMON Tools\daemon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Wanadoo\Watch.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe C:\Program Files\HijackThis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\ANTOINE\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup DAEMON Tools = "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe SunJavaUpdateSched = "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" TkBellExe = "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot WOOWATCH = C:\PROGRA~1\Wanadoo\Watch.exe WOOTASKBARICON = C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe ZoneAlarm Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [Disabled] QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce [setup] Registrando Panda ActiveX = C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\ActiveScan\as.dll Registrando Panda Almacen = C:\WINDOWS\system32\regsvr32.exe /s C:\WINDOWS\system32\ActiveScan\pavpz.dll -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Disabled] MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045} BHO pour Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} (no name) - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -------------------------------------------------- Enumerating Task Scheduler jobs: AE4A37BF913DA903.job Maintenance en 1 clic.job -------------------------------------------------- Enumerating Download Program Files: [interface Chat Voila] CODEBASE = http://chat10.x-echo.com/version6/Applet/vchatsign.cab OSD = C:\WINDOWS\Downloaded Program Files\Interface Chat Voila.osd [interface Chat Wanadoo] CODEBASE = http://chat4.x-echo.com/version8/Applet/wchatsign.cab OSD = C:\WINDOWS\Downloaded Program Files\Interface Chat Wanadoo.osd [Microsoft XML Parser for Java] CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd [shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\macromed\Shockwave 10\Download.dll CODEBASE = http://fpdownload.macromedia.com/pub/shock...director/sw.cab [Checkers Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab [Trend Micro ActiveX Scan Agent 6.6] InProcServer32 = C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll CODEBASE = http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab [MSN Photo Upload Tool] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll CODEBASE = http://spaces.msn.com//PhotoUpload/MsnPUpld.cab [unoCtrl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll CODEBASE = http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab [MUWebControl Class] InProcServer32 = C:\WINDOWS\system32\muweb.dll CODEBASE = http://update.microsoft.com/microsoftupdat...b?1175850351484 [Java Plug-in 1.5.0_11] InProcServer32 = C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...ows-i586-jc.cab [{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}] CODEBASE = http://fpdownload.macromedia.com/get/shock...h/ultrashim.cab [CamImage Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\AxisCamControl.ocx CODEBASE = http://departenvacances.auto.orange.fr/Com...sCamControl.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [MessengerStatsClient Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll CODEBASE = http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab [Java Plug-in 1.5.0] InProcServer32 = C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [Java Plug-in 1.5.0_11] InProcServer32 = C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [Java Plug-in 1.5.0_11] InProcServer32 = C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab [Minesweeper Flags Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MineSweeper.dll CODEBASE = http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll Protocol #16: C:\WINDOWS\system32\mswsock.dll Protocol #17: C:\WINDOWS\system32\mswsock.dll Protocol #18: C:\WINDOWS\system32\mswsock.dll Protocol #19: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services abp480n5: system32\DRIVERS\ABP480N5.SYS (system) Pilote ACPI Microsoft: system32\DRIVERS\ACPI.sys (system) General Purpose USB Driver (adildr.sys): System32\Drivers\adildr.sys (autostart) USB ADSL WAN Adapter: system32\DRIVERS\adiusbaw.sys (manual start) Adobe Active File Monitor V4: C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe (autostart) adpu160m: system32\DRIVERS\adpu160m.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Filtre de bus AGP Intel: system32\DRIVERS\agp440.sys (system) Filtre de bus AGP Compaq: system32\DRIVERS\agpCPQ.sys (system) Aha154x: system32\DRIVERS\aha154x.sys (system) aic78u2: system32\DRIVERS\aic78u2.sys (system) aic78xx: system32\DRIVERS\aic78xx.sys (system) Alcatel SpeedTouch USB ADSL PPPoA Networking Driver (NDIS): system32\DRIVERS\alcan5wn.sys (manual start) Alcatel Speed Touch ADSL Modem ATM Transport: system32\DRIVERS\alcaudsl.sys (manual start) Avertissement: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) AliIde: system32\DRIVERS\aliide.sys (system) Filtre de bus AGP ALI: system32\DRIVERS\alim1541.sys (system) Pilote de filtre du bus AMD AGP: system32\DRIVERS\amdagp.sys (system) Pilote de processeur AMD Athlon64: system32\DRIVERS\AmdK8.sys (system) amsint: system32\DRIVERS\amsint.sys (system) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Protocole client ARP 1394: system32\DRIVERS\arp1394.sys (manual start) asc: system32\DRIVERS\asc.sys (system) asc3350p: system32\DRIVERS\asc3350p.sys (system) asc3550: system32\DRIVERS\asc3550.sys (system) Service d'état ASP.NET: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart) Pilote de média asynchrone RAS: system32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: system32\DRIVERS\atapi.sys (system) Protocole client ATM ARP: system32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: system32\DRIVERS\audstub.sys (manual start) avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart) avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start) avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Boonty Games: "C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" (manual start) Explorateur d'ordinateur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) cbidf: system32\DRIVERS\cbidf2k.sys (system) Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start) cd20xrnt: system32\DRIVERS\cd20xrnt.sys (system) Pilote de CD-ROM: system32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) CmdIde: system32\DRIVERS\cmdide.sys (system) Application système COM+: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Cpqarray: system32\DRIVERS\cpqarray.sys (system) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) dac2w2k: system32\DRIVERS\dac2w2k.sys (system) dac960nt: system32\DRIVERS\dac960nt.sys (system) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de disque: system32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) dpti2o: system32\DRIVERS\dpti2o.sys (system) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) dtscsi: \SystemRoot\System32\Drivers\dtscsi.sys (manual start) USB ADSL2 WAN Adapter: system32\DRIVERS\e4usbaw.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: system32\DRIVERS\fdc.sys (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Pilote du Gestionnaire de volume: system32\DRIVERS\ftdisk.sys (system) France Telecom Routing Table Service: C:\WINDOWS\System32\FTRTSVC.exe (autostart) Filtre AGP version 3.0 générique Microsoft pour plates-formes à base de processeur K8: system32\DRIVERS\gagp30kx.sys (system) gmer: System32\DRIVERS\gmer.sys (manual start) Classificateur de paquets générique: system32\DRIVERS\msgpc.sys (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start) hpn: system32\DRIVERS\hpn.sys (system) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) i2omp: system32\DRIVERS\i2omp.sys (system) Pilote pour clavier i8042 et souris sur port PS/2: system32\DRIVERS\i8042prt.sys (system) General Purpose USB Driver (e4ldr.sys): System32\Drivers\e4ldr.sys (autostart) Pilote de filtre de gravure CD: system32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\system32\imapi.exe (manual start) InCD File System: system32\drivers\InCDFs.sys (disabled) InCDPass: system32\drivers\InCDPass.sys (system) InCD Reader: system32\drivers\InCDRm.sys (system) ini910u: system32\DRIVERS\ini910u.sys (system) IntelIde: system32\DRIVERS\intelide.sys (system) Pilote du pare-feu Windows IPv6: system32\DRIVERS\Ip6Fw.sys (manual start) Pilote de filtre de trafic IP: system32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: system32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: system32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: system32\DRIVERS\ipsec.sys (system) Service énumérateur IR: system32\DRIVERS\irenum.sys (manual start) Pilote de bus Plug-and-Play ISA/EISA: system32\DRIVERS\isapnp.sys (system) Pilote de la classe Clavier: system32\DRIVERS\kbdclass.sys (system) Pilote HID de clavier: system32\DRIVERS\kbdhid.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) mchInjDrv: \??\C:\WINDOWS\TEMP\mc21.tmp (disabled) Affichage des messages: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Partage de Bureau à distance NetMeeting: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Périphérique de filtrage de flux Unimodem: system32\drivers\MODEMCSA.sys (manual start) Pilote de la classe Souris: system32\DRIVERS\mouclass.sys (system) Pilote HID de souris: system32\DRIVERS\mouhid.sys (manual start) mraid35x: system32\DRIVERS\mraid35x.sys (system) Redirecteur client WebDav: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: system32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Mtlmnt5: system32\DRIVERS\Mtlmnt5.sys (manual start) Mtlstrm: system32\DRIVERS\Mtlstrm.sys (manual start) Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start) Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: system32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: system32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: system32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: system32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: system32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\system32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote réseau 1394: system32\DRIVERS\nic1394.sys (manual start) NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\system32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) NtMtlFax: system32\DRIVERS\NtMtlFax.sys (manual start) nv: system32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart) Pilote de filtre de trafic IPX: system32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: system32\DRIVERS\nwlnkfwd.sys (manual start) Contrôleur hôte compatible IEE 1394 VIA OHCI: system32\DRIVERS\ohci1394.sys (system) Office Source Engine: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Trust 320 SpaceCam: System32\Drivers\ov519vid.sys (manual start) Pilote de port parallèle: system32\DRIVERS\parport.sys (manual start) PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCAMPR5.SYS (manual start) PCANDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCANDIS5.SYS (manual start) PCI Bus Driver: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) perc2: system32\DRIVERS\perc2.sys (system) perc2hib: system32\DRIVERS\perc2hib.sys (system) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Services IPSEC: %SystemRoot%\system32\lsass.exe (autostart) Miniport réseau étendu (PPTP): system32\DRIVERS\raspptp.sys (manual start) Pilote processeur: system32\DRIVERS\processr.sys (system) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: system32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) ql1080: system32\DRIVERS\ql1080.sys (system) Ql10wnt: system32\DRIVERS\ql10wnt.sys (system) ql12160: system32\DRIVERS\ql12160.sys (system) ql1240: system32\DRIVERS\ql1240.sys (system) ql1280: system32\DRIVERS\ql1280.sys (system) Pilote de connexion automatique d'accès distant: system32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: system32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Pilote de redirecteur de périphérique Terminal Server: system32\DRIVERS\rdpdr.sys (manual start) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) RecAgent: system32\DRIVERS\RecAgent.sys (system) Pilote de filtre de lecture digitale de CD audio: system32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\system32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver: system32\DRIVERS\R8139n51.SYS (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) SC Test Branding Service 1: "C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe" (manual start) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: system32\DRIVERS\serenum.sys (manual start) Pilote de port série: system32\DRIVERS\serial.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start) Smart Link 56K Modem Driver: system32\DRIVERS\slntamr.sys (manual start) SlNtHal: system32\DRIVERS\Slnthal.sys (manual start) SlWdmSup: system32\DRIVERS\SlWdmSup.sys (manual start) Sparrow: system32\DRIVERS\sparrow.sys (system) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) sptd: System32\Drivers\sptd.sys (system) Pilote de filtre de restauration système: system32\DRIVERS\sr.sys (system) srescan: system32\ZoneLabs\srescan.sys (system) Service de restauration système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Audio Driver (WDM) - SigmaTel CODEC: system32\drivers\STAC97.sys (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: system32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{4F20079B-9003-46EB-AFC3-0037ECFBBC7A} (manual start) symc810: system32\DRIVERS\symc810.sys (system) symc8xx: system32\DRIVERS\symc8xx.sys (system) SymWMI Service: "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe" (autostart) sym_hi: system32\DRIVERS\sym_hi.sys (system) sym_u3: system32\DRIVERS\sym_u3.sys (system) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: system32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: system32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) TosIde: system32\DRIVERS\toside.sys (system) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) TuneUp WinStyler Theme Service: "C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe" (autostart) ultra: system32\DRIVERS\ultra.sys (system) Pilote de mise à jour microcode: system32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote USB audio (WDM): system32\drivers\usbaudio.sys (manual start) Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0: system32\DRIVERS\usbehci.sys (manual start) Pilote de concentrateur standard USB Microsoft: system32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: system32\DRIVERS\usbohci.sys (manual start) Classe d'imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start) Pilote de stockage de masse USB: system32\DRIVERS\USBSTOR.SYS (manual start) Pilote miniport de contrôleur hôte universel USB Microsoft: system32\DRIVERS\usbuhci.sys (manual start) Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) Filtre de bus AGP VIA: system32\DRIVERS\viaagp.sys (system) VIA AGP Filter: system32\DRIVERS\viaagp1.sys (system) ViaIde: system32\DRIVERS\viaide.sys (system) vsdatant: System32\vsdatant.sys (system) TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: system32\DRIVERS\wanarp.sys (manual start) WAN Miniport (ATW): system32\DRIVERS\wanatw4.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 42 277 bytes Report generated in 0.188 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only

mmc8.exe , je l'ai supprimé, mais ca devait pas etre ca... svchost s'est un peu calmé depuis 2 jours, peut etre a cause du pare feu,ou des scan... je sais pas trop...il me rpend environ 3 minutes au démarage...apres c'est bon, mais c'est tojours un peu chiant quoi... et depuis mercredi, j'en suis a 506 intrusions bloqué par zone-alarme dont 80 a risque élevé....et pour chaque, le DNS source c'est le FAI et il change a chaque fois... ya auqqi quelque similitudes dans les IP sources, mais rien de concret...j'espere que ca va finir par se calmer ca aussi... sinon philouq, je peux te conseiller de telecharger spyware doctor, la premiere analyse est automatik, et ares , moi j'ai fais un scan complet, et j'ai du supprimer les fichiers infectés manuellement, car doctor te demande la licence pour pouvoir les suprimer... apres tu le desinstalle... il m'avai trouvé un trojan et "carpe diem" , ainsi que des cookies et des clés non valides... je suis toujours preneur pour une solution... et charles ingals, quelles adreses je dois supprimer??

j'ai supprimer mmc8.exe .... sinon j'ai telecharger spyware doctor, il a fait un premier scan automatique (des le logiciel instalé) et il a trouvé "carpe diem" et des cookies. j'ai tout surpimés. ensuite j'ai fais un scan complet, il a trouvé "trojan.proxy.ranky" mais a la fin, il m'a dit que si je voulais continuer il fallait que j'achete la license... mais il y avait les emplacement des fichier et des clés, j'ai donc cherhcé tout seul dans la base de registre et j'ai supprimé. il marche bien, et il continue a faire les scan, meme si on a pas la license. bon apres faut se demerder tout seul... je voudrais savoir, est ce qe c'est le trojan qui est responsable de ce qui m'arrive? (intrusions, et svchost qui prend mon u.c) ?? merci a vous

je poste un nouveau, parce que ce sera ptet plus clair. dans HDD , parmis les dossier (comme program files, windows etc..) yavé 3 aplications (fichier .exe) . charles ingals, m'avé deja conseiller d'analyser l'une d'entre elle: je vous poste le rapport: Complete scanning result of "mmc8.exe", received in VirusTotal at 04.13.2007, 02:10:16 (CET). Antivirus Version Update Result AhnLab-V3 2007.4.12.0 04.12.2007 no virus found AntiVir 7.3.1.50 04.12.2007 no virus found Authentium 4.93.8 04.12.2007 no virus found Avast 4.7.936.0 04.11.2007 no virus found AVG 7.5.0.447 04.12.2007 no virus found BitDefender 7.2 04.13.2007 no virus found CAT-QuickHeal 9.00 04.12.2007 no virus found ClamAV devel-20070312 04.12.2007 no virus found DrWeb 4.33 04.12.2007 no virus found eSafe 7.0.15.0 04.12.2007 suspicious Trojan/Worm eTrust-Vet 30.7.3564 04.13.2007 no virus found Ewido 4.0 04.12.2007 no virus found FileAdvisor 1 04.13.2007 no virus found Fortinet 2.85.0.0 04.12.2007 no virus found F-Prot 4.3.2.48 04.12.2007 no virus found F-Secure 6.70.13030.0 04.12.2007 no virus found Ikarus T3.1.1.5 04.12.2007 no virus found Kaspersky 4.0.2.24 04.13.2007 no virus found McAfee 5007 04.12.2007 no virus found Microsoft 1.2405 04.12.2007 no virus found NOD32v2 2185 04.13.2007 no virus found Norman 5.80.02 04.12.2007 no virus found Panda 9.0.0.4 04.12.2007 Suspicious file Prevx1 V2 04.13.2007 no virus found Sophos 4.16.0 04.12.2007 no virus found Sunbelt 2.2.907.0 04.07.2007 no virus found Symantec 10 04.13.2007 no virus found TheHacker 6.1.6.088 04.09.2007 no virus found VBA32 3.11.3 04.12.2007 no virus found VirusBuster 4.3.7:9 04.12.2007 no virus found Webwasher-Gateway 6.0.1 04.12.2007 no virus found la je viens de faire pareil pour une autre : Complete scanning result of "grep.exe", received in VirusTotal at 04.13.2007, 14:14:24 (CET). Antivirus Version Update Result AhnLab-V3 2007.4.12.0 04.13.2007 no virus found AntiVir 7.3.1.50 04.13.2007 no virus found Authentium 4.93.8 04.13.2007 no virus found Avast 4.7.936.0 04.11.2007 no virus found AVG 7.5.0.447 04.12.2007 no virus found BitDefender 7.2 04.13.2007 no virus found CAT-QuickHeal 9.00 04.13.2007 no virus found ClamAV devel-20070312 04.13.2007 no virus found DrWeb 4.33 04.13.2007 no virus found eSafe 7.0.15.0 04.12.2007 no virus found eTrust-Vet 30.7.3565 04.13.2007 no virus found Ewido 4.0 04.13.2007 no virus found FileAdvisor 1 04.13.2007 No threat detected Fortinet 2.85.0.0 04.13.2007 no virus found F-Prot 4.3.2.48 04.12.2007 no virus found F-Secure 6.70.13030.0 04.13.2007 no virus found Ikarus T3.1.1.5 04.13.2007 no virus found Kaspersky 4.0.2.24 04.13.2007 no virus found McAfee 5008 04.13.2007 no virus found Microsoft 1.2405 04.13.2007 no virus found NOD32v2 2186 04.13.2007 no virus found Norman 5.80.02 04.12.2007 no virus found Panda 9.0.0.4 04.13.2007 no virus found Prevx1 V2 04.13.2007 no virus found Sophos 4.16.0 04.12.2007 no virus found Sunbelt 2.2.907.0 04.07.2007 no virus found Symantec 10 04.13.2007 no virus found TheHacker 6.1.6.088 04.09.2007 no virus found VBA32 3.11.3 04.13.2007 no virus found VirusBuster 4.3.7:9 04.12.2007 no virus found Webwasher-Gateway 6.0.1 04.13.2007 Virus.Win32.FileInfector.gen!80 (suspicious) j'ai supprimé mmc8.exe deja, et je sais pas quoi faire maintenant de grep.exe merci de votre aide _______________________ [edit angelique --> titoine63 reste dans ton sujet!! j'ai combiné ton dernier message avec ton post deja existant; merci]

j'ai nettoyé la base de registre avec regSeeker (1010 clé supprimées) , j'ai supprimé "mmc8.exe" , et pour l'instant c'est pareil. enifn a chaque demarage, svchost me bouffe mon u.c. et depuis ce matin zone alarme a bloqué 51 intrusions, toutes des "entrantes" risque moyen et élevés. si quelqu'un a une idée sur ce que c'est.....

voila: GMER 1.0.12.12086 - http://www.gmer.net Rootkit scan 2007-04-13 02:58:43 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject SSDT sptd.sys ZwEnumerateKey SSDT sptd.sys ZwEnumerateValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile SSDT sptd.sys ZwOpenKey SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread SSDT sptd.sys ZwQueryKey SSDT sptd.sys ZwQueryValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess ---- Kernel code sections - GMER 1.0.12 ---- .text TUKERNEL.EXE!_abnormal_termination + 104 804E2760 12 Bytes [ F0, F1, 70, F5, 80, 54, 71, ... ] ? C:\WINDOWS\system32\drivers\sptd.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ? C:\WINDOWS\System32\Drivers\SPTD8285.SYS Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ? srescan.sys Le fichier spécifié est introuvable. ? C:\WINDOWS\System32\Drivers\dtscsi.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ? C:\WINDOWS\TEMP\mc21.tmp Le fichier spécifié est introuvable. .text ntdll.dll!NtClose 7C91D586 5 Bytes JMP 720342BA .text ntdll.dll!NtCreateProcess 7C91D754 5 Bytes JMP 72034445 .text ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes JMP 72034329 .text ntdll.dll!NtCreateSection 7C91D793 5 Bytes JMP 720342D8 .text TUKERNEL.EXE!_abnormal_termination + 104 804E2760 12 Bytes [ F0, F1, 70, F5, 80, 54, 71, ... ] ---- User code sections - GMER 1.0.12 ---- .text C:\WINDOWS\explorer.exe[268] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\explorer.exe[268] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\explorer.exe[268] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[324] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[324] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[324] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[424] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[424] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[424] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\alg.exe[484] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\alg.exe[484] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\alg.exe[484] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\csrss.exe[540] KERNEL32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\csrss.exe[540] KERNEL32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\winlogon.exe[564] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\winlogon.exe[564] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\services.exe[612] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\services.exe[612] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\lsass.exe[624] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\lsass.exe[624] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[764] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[764] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[824] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[824] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe[836] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe[836] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[916] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[916] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\svchost.exe[916] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[1040] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[1040] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\svchost.exe[1040] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1072] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F08001E .text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1072] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1072] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F05001E .text C:\WINDOWS\system32\spoolsv.exe[1252] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\spoolsv.exe[1252] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\spoolsv.exe[1252] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe[1356] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe[1356] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe[1356] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1408] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1408] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1408] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1424] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1424] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1424] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\FTRTSVC.exe[1476] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\FTRTSVC.exe[1476] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\FTRTSVC.exe[1476] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\nvsvc32.exe[1540] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\nvsvc32.exe[1540] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\nvsvc32.exe[1540] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\slserv.exe[1608] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\slserv.exe[1608] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\slserv.exe[1608] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[1640] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[1640] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\svchost.exe[1640] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\MSN Messenger\usnsvc.exe[1720] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\MSN Messenger\usnsvc.exe[1720] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\MSN Messenger\usnsvc.exe[1720] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\DAEMON Tools\daemon.exe[2124] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\DAEMON Tools\daemon.exe[2124] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\DAEMON Tools\daemon.exe[2124] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2140] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2140] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2140] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe[2148] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe[2148] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe[2148] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2192] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F08001E .text C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2192] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2192] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F05001E .text C:\WINDOWS\system32\ctfmon.exe[2200] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\ctfmon.exe[2200] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\ctfmon.exe[2200] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Windows Media Player\wmpnscfg.exe[2208] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Windows Media Player\wmpnscfg.exe[2208] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Windows Media Player\wmpnscfg.exe[2208] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Messenger\msmsgs.exe[2216] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Messenger\msmsgs.exe[2216] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Messenger\msmsgs.exe[2216] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\PROGRA~1\Wanadoo\TaskBarIcon.exe[2296] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\PROGRA~1\Wanadoo\TaskBarIcon.exe[2296] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\PROGRA~1\Wanadoo\TaskBarIcon.exe[2296] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\svchost.exe[2388] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\svchost.exe[2388] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\svchost.exe[2388] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2492] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2492] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[2492] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\wuauclt.exe[3244] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\wuauclt.exe[3244] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\wuauclt.exe[3244] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\WINDOWS\system32\WISPTIS.EXE[7996] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\WINDOWS\system32\WISPTIS.EXE[7996] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\WISPTIS.EXE[7996] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 27001B60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 27001AD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 27001A50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 27001C10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 27001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 27001830 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!SetUnhandledExceptionFilter 7C84479D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ADVAPI32.dll!CryptDeriveKey 77DBA685 7 Bytes JMP 27001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ADVAPI32.dll!CryptDecrypt 77DBA7B1 2 Bytes JMP 27001050 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ADVAPI32.dll!CryptDecrypt + 3 77DBA7B4 4 Bytes [ 24, AF, CC, CC ] .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 270037A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 270032B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!SetWindowRgn 7E39FFB2 7 Bytes JMP 27004AF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!CreateDialogParamW 7E3A7D4F 5 Bytes JMP 27004B90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!SetWindowPlacement 7E3AD84C 5 Bytes JMP 27004A10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 27004CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!TrackPopupMenuEx 7E3ECD28 5 Bytes JMP 27003F70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!send 719F428A 5 Bytes JMP 27008B80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!WSARecv 719F4318 5 Bytes JMP 27008970 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!recv 719F615A 5 Bytes JMP 270087E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!WSASend 719F6233 5 Bytes JMP 27008D00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!closesocket 719F9639 5 Bytes JMP 27008F10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] SHELL32.dll!Shell_NotifyIconW 7CA31B6A 5 Bytes JMP 27002B00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ole32.dll!CoInitializeEx 774BEF6B 5 Bytes JMP 27001D20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ole32.dll!CoRegisterClassObject 774D8720 5 Bytes JMP 27001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!InternetCloseHandle 771BE85D 5 Bytes JMP 27007A40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!HttpOpenRequestA 771C160A 5 Bytes JMP 27007760 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!InternetReadFile 771C5BAA 5 Bytes JMP 270078C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!HttpSendRequestA 771C7519 5 Bytes JMP 27007990 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Documents and Settings\ANTOINE\Bureau\gmer.exe[9480] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A .text C:\Documents and Settings\ANTOINE\Bureau\gmer.exe[9480] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Documents and Settings\ANTOINE\Bureau\gmer.exe[9480] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A ---- Devices - GMER 1.0.12 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 87397940 Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 87397940 Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F57208A0] vsdatant.sys Device \Driver\USBSTOR \Device00009d IRP_MJ_CREATE 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_CLOSE 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_READ 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_WRITE 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_POWER 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_SYSTEM_CONTROL 871A0718 Device \Driver\USBSTOR \Device00009d IRP_MJ_PNP 871A0718 Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F57208A0] vsdatant.sys Device \Driver\USBSTOR \Device0000a1 IRP_MJ_CREATE 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_CLOSE 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_READ 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_WRITE 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_POWER 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_SYSTEM_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a1 IRP_MJ_PNP 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_CREATE 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_CLOSE 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_READ 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_WRITE 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_POWER 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_SYSTEM_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a2 IRP_MJ_PNP 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_CREATE 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_CLOSE 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_READ 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_WRITE 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_POWER 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_SYSTEM_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a3 IRP_MJ_PNP 871A0718 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 8739D9C0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 8713B5F0 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_CREATE 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_CLOSE 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_READ 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_WRITE 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_POWER 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_SYSTEM_CONTROL 871A0718 Device \Driver\USBSTOR \Device0000a4 IRP_MJ_PNP 871A0718 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSE 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 86FD90E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 86FD90E8 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 8713B5F0 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 8713B5F0 Device \Driver000042 \Device000076 IRP_MJ_POWER [F7707A26] sptd.sys Device \Driver000042 \Device000076 IRP_MJ_SYSTEM_CONTROL [F771BBD8] sptd.sys Device \Driver000042 \Device000076 IRP_MJ_PNP [F771454E] sptd.sys Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 86F5D430 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 86F5D430 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 86F5D430 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 86F5D430 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 86F5D430 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 86F5D430 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 86F5D430 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 86F5D430 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 86F5D430 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 86F5D430 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 86F5D430 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 86F5D430 Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F57208A0] vsdatant.sys Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_PNP 87397B78 Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F57208A0] vsdatant.sys Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_PNP 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_PNP 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_PNP 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_PNP 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_PNP 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_PNP 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_PNP 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_CREATE 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_CLOSE 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_READ 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_WRITE 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_FLUSH_BUFFERS 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_SHUTDOWN 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_POWER 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_SYSTEM_CONTROL 87397B78 Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_PNP 87397B78 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 86E68CD0 Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [F57208A0] vsdatant.sys Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 86E68CD0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 86E68CD0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSE 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FLUSH_BUFFERS 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_VOLUME_INFORMATION 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_DIRECTORY_CONTROL 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FILE_SYSTEM_CONTROL 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLEANUP 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_SECURITY 86F2AEB0 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_SECURITY 86F2AEB0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 8739D9C0 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 8739D9C0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLOSE 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_WRITE 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_INFORMATION 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_INFORMATION 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_VOLUME_INFORMATION 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_DIRECTORY_CONTROL 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_FILE_SYSTEM_CONTROL 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLEANUP 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE_MAILSLOT 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_SECURITY 8703B2D0 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_SECURITY 8703B2D0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CLOSE 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_POWER 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_PNP 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLOSE 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CONTROL 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_POWER 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SYSTEM_CONTROL 87025CF0 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP 87025CF0 Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_READ 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 862A4EB0 Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 862A4EB0 Device \FileSystem\Fastfat \Fat FastIoCheckIfPossible EB0B41F9 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 87151BB0 Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 87151BB0 ---- Files - GMER 1.0.12 ---- ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxx\DFSR\Staging\CS{F9B4F942-1124-FF55-BE59-7274983ADFF2}1\12-{F9B4F942-1124-FF55-BE59-7274983ADFF2}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}1\13-{AA454480-8490-2B4C-CFF6-E47605999B00}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}\14\12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v14-{EC84D4C7-A419-4B08-954F-14D2CABF6A3A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}\14\12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v14-{EC84D4C7-A419-4B08-954F-14D2CABF6A3A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}\14\12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v14-{EC84D4C7-A419-4B08-954F-14D2CABF6A3A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxxx\DFSR\Staging\CS{ED91166C-C1B1-1C4B-6422-435269E614E7}1\10-{ED91166C-C1B1-1C4B-6422-435269E614E7}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{ED91166C-C1B1-1C4B-6422-435269E614E7}\21\11-{AF96A77B-98D0-486F-A08C-F45EA1225A24}-v21-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxx\DFSR\Staging\CS{ED91166C-C1B1-1C4B-6422-435269E614E7}\21\11-{AF96A77B-98D0-486F-A08C-F45EA1225A24}-v21-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}1\17-{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\12\18-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\12\18-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\13\19-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v13-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\13\19-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v13-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ---- EOF - GMER 1.0.12 ---- merci a encore charles !!!

Complete scanning result of "mmc8.exe", received in VirusTotal at 04.13.2007, 02:10:16 (CET). Antivirus Version Update Result AhnLab-V3 2007.4.12.0 04.12.2007 no virus found AntiVir 7.3.1.50 04.12.2007 no virus found Authentium 4.93.8 04.12.2007 no virus found Avast 4.7.936.0 04.11.2007 no virus found AVG 7.5.0.447 04.12.2007 no virus found BitDefender 7.2 04.13.2007 no virus found CAT-QuickHeal 9.00 04.12.2007 no virus found ClamAV devel-20070312 04.12.2007 no virus found DrWeb 4.33 04.12.2007 no virus found eSafe 7.0.15.0 04.12.2007 suspicious Trojan/Worm eTrust-Vet 30.7.3564 04.13.2007 no virus found Ewido 4.0 04.12.2007 no virus found FileAdvisor 1 04.13.2007 no virus found Fortinet 2.85.0.0 04.12.2007 no virus found F-Prot 4.3.2.48 04.12.2007 no virus found F-Secure 6.70.13030.0 04.12.2007 no virus found Ikarus T3.1.1.5 04.12.2007 no virus found Kaspersky 4.0.2.24 04.13.2007 no virus found McAfee 5007 04.12.2007 no virus found Microsoft 1.2405 04.12.2007 no virus found NOD32v2 2185 04.13.2007 no virus found Norman 5.80.02 04.12.2007 no virus found Panda 9.0.0.4 04.12.2007 Suspicious file Prevx1 V2 04.13.2007 no virus found Sophos 4.16.0 04.12.2007 no virus found Sunbelt 2.2.907.0 04.07.2007 no virus found Symantec 10 04.13.2007 no virus found TheHacker 6.1.6.088 04.09.2007 no virus found VBA32 3.11.3 04.12.2007 no virus found VirusBuster 4.3.7:9 04.12.2007 no virus found Webwasher-Gateway 6.0.1 04.12.2007 no virus found voila je passe a la suite

j'ai fait une analyse en ligne avec trend micro, et avec kaspersky, et rien. je vien de faire ce que tu m'as dit et voila le rapport(et merci ) : C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 19:26:08 C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 19:25:24 C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 01:56:13 C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 01:56:00 C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 01:51:58 C:\WINDOWS\System32/drivers\wpdusb.sys -->18/10/2006 21:00:00 C:\WINDOWS\System32/drivers\WudfRd.sys -->28/09/2006 20:00:34 C:\WINDOWS\System32\wpa.dbl -->12/04/2007 20:21:13 C:\WINDOWS\System32\nvapps.xml -->12/04/2007 20:21:08 C:\WINDOWS\System32\vsconfig.xml -->12/04/2007 20:21:05 C:\WINDOWS\System32\zllictbl.dat -->12/04/2007 20:19:05 C:\WINDOWS\System32\Uninstall.ico -->11/04/2007 14:00:17 C:\WINDOWS\System32\Help.ico -->11/04/2007 14:00:17 C:\WINDOWS\System32\pavas.ico -->11/04/2007 14:00:16 C:\WINDOWS\System32\FNTCACHE.DAT -->05/04/2007 07:19:24 C:\WINDOWS\System32\MRT.exe -->03/04/2007 22:48:52 C:\WINDOWS\System32\perfh00C.dat -->25/03/2007 10:55:32 C:\WINDOWS\System32\perfh009.dat -->25/03/2007 10:55:32 C:\WINDOWS\System32\perfc00C.dat -->25/03/2007 10:55:32 C:\WINDOWS\System32\perfc009.dat -->25/03/2007 10:55:31 C:\WINDOWS\System32\PerfStringBackup.INI -->25/03/2007 10:55:30 C:\WINDOWS\System32\winsrv.dll -->17/03/2007 15:44:47 C:\WINDOWS\System32\SETE.tmp -->15/03/2007 18:16:48 C:\WINDOWS\System32\xpsp3res.dll -->09/03/2007 13:51:20 C:\WINDOWS\System32\vsutil_loc040c.dll -->09/03/2007 00:03:04 C:\WINDOWS\System32\imslsp_install_loc040c.dll -->09/03/2007 00:02:58 C:\WINDOWS\System32\imsinstall_loc040c.dll -->09/03/2007 00:02:58 C:\WINDOWS\System32\vsdatant.sys -->09/03/2007 00:02:10 C:\WINDOWS\System32\zpeng24.dll -->09/03/2007 00:01:42 C:\WINDOWS\System32\zlcommdb.dll -->09/03/2007 00:01:32 C:\WINDOWS\System32\zlcomm.dll -->09/03/2007 00:01:30 C:\WINDOWS\System32\vsxml.dll -->09/03/2007 00:01:30 C:\WINDOWS\setupapi.log -->12/04/2007 22:16:16 C:\WINDOWS.log -->12/04/2007 20:21:04 C:\WINDOWS\wiadebug.log -->12/04/2007 20:21:02 C:\WINDOWS\WindowsUpdate.log -->12/04/2007 20:21:01 C:\WINDOWS\wiaservc.log -->12/04/2007 20:20:58 C:\WINDOWS\bootstat.dat -->12/04/2007 20:20:48 C:\WINDOWS\SchedLgU.Txt -->12/04/2007 20:19:43 C:\WINDOWS\spupdsvc.log -->12/04/2007 12:57:39 C:\WINDOWS\ie7_main.log -->12/04/2007 12:53:45 C:\WINDOWS\tsoc.log -->12/04/2007 12:51:05 C:\WINDOWS\ocmsn.log -->12/04/2007 12:51:05 C:\WINDOWS\ocgen.log -->12/04/2007 12:51:05 C:\WINDOWS\ntdtcsetup.log -->12/04/2007 12:51:05 C:\WINDOWS\msgsocm.log -->12/04/2007 12:51:05 C:\WINDOWS\imsins.log -->12/04/2007 12:51:05 C:\WINDOWS\amcap.exe |29/01/2005 17:19:31 C:\WINDOWS\CleanDev.exe |29/01/2005 17:19:31 C:\WINDOWS\enddisk32.exe |31/07/2006 18:52:10 C:\WINDOWS\IsUn040c.exe |16/08/2004 19:25:14 C:\WINDOWS\IsUninst.exe |30/12/2004 16:12:05 C:\WINDOWS\ov519cap.exe |29/01/2005 17:19:31 C:\WINDOWS\PATCH.EXE |13/08/2006 14:05:00 C:\WINDOWS\runtsckl.exe |02/11/2005 19:07:12 C:\WINDOWS\slrundll.exe |01/01/1980 01:00:00 C:\WINDOWS\tsc.exe |13/08/2006 15:15:44 C:\WINDOWS\twunk_16.exe |16/08/2004 18:41:16 C:\WINDOWS\twunk_32.exe |16/08/2004 18:41:16 C:\WINDOWS\unin040c.exe |16/04/2005 12:43:47 C:\WINDOWS\uninst.exe |27/12/2005 16:29:54 C:\WINDOWS\UNNeroBackItUp.exe |12/09/2005 16:13:46 C:\WINDOWS\UNNeroMediaHome.exe |12/09/2005 16:13:46 C:\WINDOWS\UNNeroShowTime.exe |12/09/2005 16:13:46 C:\WINDOWS\UNNeroVision.exe |12/09/2005 16:13:46 C:\WINDOWS\UNRecode.exe |12/09/2005 16:13:46 C:\WINDOWS\unvise32qt.exe |30/12/2004 16:19:15 C:\WINDOWS\zllsputility.exe |12/04/2007 20:17:11 C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20 C:\WINDOWS\BPMNT.dll |13/08/2006 15:15:43 C:\WINDOWS\hcextoutput.dll |13/08/2006 15:15:44 C:\WINDOWS\impborl.dll |26/05/2005 15:52:05 C:\WINDOWS\jRegistryKey.dll |30/12/2004 16:20:09 C:\WINDOWS\loadhttp.dll |15/10/2002 15:29:40 C:\WINDOWS\ov519dib.dll |29/01/2005 17:19:31 C:\WINDOWS\patchw32.dll |14/12/2001 14:34:46 C:\WINDOWS\TMUPDATE.DLL |13/08/2006 14:05:01 C:\WINDOWS\twain.dll |16/08/2004 18:41:16 C:\WINDOWS\twain_32.dll |16/08/2004 18:41:16 C:\WINDOWS\UNZIP.DLL |13/08/2006 14:05:01 C:\WINDOWS\vsapi32.dll |13/08/2006 15:15:43 C:\WINDOWS\WRServices.dll |18/11/2005 02:23:21 C:\WINDOWS\zllsputility_loc040c.dll |12/04/2007 20:17:17 C:\WINDOWS\system32\append.exe |16/08/2004 18:39:57 C:\WINDOWS\system32\aswBoot.exe |15/08/2006 12:39:02 C:\WINDOWS\system32\debug.exe |16/08/2004 18:40:04 C:\WINDOWS\system32\dosx.exe |16/08/2004 18:40:08 C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34 C:\WINDOWS\system32\edlin.exe |16/08/2004 18:40:20 C:\WINDOWS\system32\exe2bin.exe |16/08/2004 18:40:21 C:\WINDOWS\system32\fastopen.exe |16/08/2004 18:40:21 C:\WINDOWS\system32\FTRTSVC.exe |31/07/2006 18:51:18 C:\WINDOWS\system32\IPDETECT.EXE |31/07/2006 18:52:14 C:\WINDOWS\system32\java.exe |10/02/2007 02:36:47 C:\WINDOWS\system32\javaw.exe |10/02/2007 02:36:47 C:\WINDOWS\system32\javaws.exe |10/02/2007 02:36:47 C:\WINDOWS\system32\keystone.exe |30/12/2004 16:13:28 C:\WINDOWS\system32\mem.exe |16/08/2004 18:40:35 C:\WINDOWS\system32\mscdexnt.exe |16/08/2004 18:40:39 C:\WINDOWS\system32\mstdax32.exe |15/08/2006 12:04:04 C:\WINDOWS\system32\NeroCheck.exe |09/07/2001 11:50:42 C:\WINDOWS\system32\nlsfunc.exe |16/08/2004 18:40:48 C:\WINDOWS\system32\nvappbar.exe |30/12/2004 16:13:28 C:\WINDOWS\system32\nvdspsch.exe |30/12/2004 16:13:28 C:\WINDOWS\system32\nvsvc32.exe |01/01/1980 01:00:00 C:\WINDOWS\system32\nvudisp.exe |30/12/2004 16:13:28 C:\WINDOWS\system32\nwiz.exe |30/12/2004 16:13:29 C:\WINDOWS\system32\pxcpya64.exe |20/11/2005 10:50:25 C:\WINDOWS\system32\pxcpyi64.exe |20/11/2005 10:50:25 C:\WINDOWS\system32\pxhpinst.exe |20/11/2005 10:50:24 C:\WINDOWS\system32\pxinsa64.exe |20/11/2005 10:50:24 C:\WINDOWS\system32\pxinsi64.exe |20/11/2005 10:50:25 C:\WINDOWS\system32\redir.exe |16/08/2004 18:41:00 C:\WINDOWS\system32\setver.exe |16/08/2004 18:41:03 C:\WINDOWS\system32\share.exe |16/08/2004 18:41:03 C:\WINDOWS\system32\slrundll.exe |30/12/2004 16:07:12 C:\WINDOWS\system32\slserv.exe |30/12/2004 16:07:12 C:\WINDOWS\system32\unaddrv.exe |31/07/2006 18:52:08 C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48 C:\WINDOWS\system32\ADADIX16.DLL |31/07/2006 18:52:08 C:\WINDOWS\system32\ADADIX2K.DLL |31/07/2006 18:52:08 C:\WINDOWS\system32\adadix32.dll |31/07/2006 18:52:14 C:\WINDOWS\system32\amstream.dll |16/08/2004 18:39:57 C:\WINDOWS\system32\atmfd.dll |16/08/2004 18:39:57 C:\WINDOWS\system32\atmlib.dll |16/08/2004 18:39:57 C:\WINDOWS\system32\CmdLineExt.dll |18/10/2006 17:08:40 C:\WINDOWS\system32\coclassfast.dll |31/07/2006 18:52:10 C:\WINDOWS\system32\compatUI.dll |16/08/2004 18:40:03 C:\WINDOWS\system32\dgrpsetu.dll |16/08/2004 18:55:15 C:\WINDOWS\system32\dgsetup.dll |16/08/2004 18:55:15 C:\WINDOWS\system32\EBPCHP.DLL |30/01/2005 14:18:00 C:\WINDOWS\system32\EBPMON24.DLL |30/01/2005 14:18:00 C:\WINDOWS\system32\ECBTEG.DLL |30/01/2005 14:18:00 C:\WINDOWS\system32\encdec.dll |16/08/2004 18:40:21 C:\WINDOWS\system32\Epcmlib.dll |30/01/2005 14:19:38 C:\WINDOWS\system32\EqnClass.Dll |16/08/2004 18:55:15 C:\WINDOWS\system32\E_DCINST.DLL |30/01/2005 14:18:00 C:\WINDOWS\system32\ffJmpWeb.dll |25/06/2006 11:17:53 C:\WINDOWS\system32\gigagetbho_v10.dll |04/01/2007 23:46:07 C:\WINDOWS\system32\hticons.dll |16/08/2004 19:03:32 C:\WINDOWS\system32\hypertrm.dll |16/08/2004 19:03:05 C:\WINDOWS\system32\iccvid.dll |16/08/2004 18:40:27 C:\WINDOWS\system32\IfHelper.dll |31/07/2006 18:51:20 C:\WINDOWS\system32\imagX7.dll |26/07/2004 17:16:10 C:\WINDOWS\system32\imagXpr7.dll |26/07/2004 17:16:10 C:\WINDOWS\system32\imagXR7.dll |26/07/2004 17:16:10 C:\WINDOWS\system32\imagXRA7.dll |26/07/2004 17:16:10 C:\WINDOWS\system32\impborl.dll |26/05/2005 15:46:28 C:\WINDOWS\system32\imsinstall_loc040c.dll |12/04/2007 20:17:17 C:\WINDOWS\system32\imslsp_install_loc040c.dll |12/04/2007 20:17:17 C:\WINDOWS\system32\Inetwh32.dll |30/12/2004 16:18:46 C:\WINDOWS\system32\ir32_32.dll |07/11/1995 14:46:00 C:\WINDOWS\system32\ir41_qc.dll |22/03/1998 15:34:14 C:\WINDOWS\system32\ir41_qcx.dll |22/03/1998 15:34:14 C:\WINDOWS\system32\ir50_32.dll |17/05/1999 15:12:56 C:\WINDOWS\system32\ir50_lcs.dll |06/11/1997 14:53:30 C:\WINDOWS\system32\ir50_qc.dll |07/10/1998 17:46:18 C:\WINDOWS\system32\ir50_qcx.dll |07/10/1998 17:50:22 C:\WINDOWS\system32\isrdbg32.dll |16/08/2004 19:06:15 C:\WINDOWS\system32\jgaw400.dll |16/08/2004 18:40:31 C:\WINDOWS\system32\jgdw400.dll |16/08/2004 18:40:31 C:\WINDOWS\system32\jgmd400.dll |16/08/2004 18:40:31 C:\WINDOWS\system32\jgpl400.dll |16/08/2004 18:40:31 C:\WINDOWS\system32\jgsd400.dll |16/08/2004 18:40:31 C:\WINDOWS\system32\jgsh400.dll |16/08/2004 18:40:31 C:\WINDOWS\system32\LEXCFI.DLL |21/01/2007 13:20:12 C:\WINDOWS\system32\LEXDRVX.DLL |21/01/2007 13:20:12 C:\WINDOWS\system32\lexlog.dll |21/01/2007 13:20:19 C:\WINDOWS\system32\lfbmp11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lfbmp13n.dll |27/06/2005 18:51:48 C:\WINDOWS\system32\LFCMP11n.DLL |07/06/2002 04:02:00 C:\WINDOWS\system32\lfcmp13n.dll |27/06/2005 18:51:48 C:\WINDOWS\system32\lfeps11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lffax11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lfgif11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lfgif13n.dll |27/06/2005 18:51:49 C:\WINDOWS\system32\lfpcd11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lfpcx11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\Lfpng11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lfpsd11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lftga11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lftif11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\lfwmf11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\libeay32.dll |28/04/2005 06:22:34 C:\WINDOWS\system32\libeay32_0.9.6l.dll |12/04/2007 20:16:58 C:\WINDOWS\system32\LMAAP2BJ.DLL |21/01/2007 13:20:10 C:\WINDOWS\system32\LTDIS11n.dll |07/06/2002 04:02:00 C:\WINDOWS\system32\ltdis13n.dll |27/06/2005 18:51:48 C:\WINDOWS\system32\ltefx13n.dll |27/06/2005 18:51:48 C:\WINDOWS\system32\ltfil11n.DLL |07/06/2002 04:02:00 C:\WINDOWS\system32\ltfil13n.dll |27/06/2005 18:51:48 C:\WINDOWS\system32\ltimg11n.dll |07/06/2002 04:02:02 C:\WINDOWS\system32\ltimg13n.dll |27/06/2005 18:51:48 C:\WINDOWS\system32\ltkrn11n.dll |07/06/2002 04:02:02 C:\WINDOWS\system32\ltkrn13n.dll |27/06/2005 18:51:48 C:\WINDOWS\system32\Ltwvc11n.dll |07/06/2002 04:02:02 C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06 C:\WINDOWS\system32\MMSwitch.dll |15/11/2002 14:11:26 C:\WINDOWS\system32\msdmo.dll |16/08/2004 18:40:40 C:\WINDOWS\system32\msencode.dll |16/08/2004 18:40:40 C:\WINDOWS\system32\NeroCo.dll |16/02/2005 15:18:04 C:\WINDOWS\system32\nv4_disp.dll |30/12/2004 16:06:53 C:\WINDOWS\system32\nvcod.dll |01/01/1980 01:00:00 C:\WINDOWS\system32\nvcodins.dll |01/01/1980 01:00:00 C:\WINDOWS\system32\nvcpl.dll |01/01/1980 01:00:00 C:\WINDOWS\system32\nview.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvmctray.dll |01/01/1980 01:00:00 C:\WINDOWS\system32\nvnt4cpl.dll |01/01/1980 01:00:00 C:\WINDOWS\system32\nvoglnt.dll |01/01/1980 01:00:00 C:\WINDOWS\system32\nvrsar.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrscs.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsda.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsde.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsel.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrseng.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrses.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsesm.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsfi.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsfr.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrshe.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrshu.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsit.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsja.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsko.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsnl.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvrsno.dll |30/12/2004 16:13:30 C:\WINDOWS\system32\nvrspl.dll |30/12/2004 16:13:30 C:\WINDOWS\system32\nvrspt.dll |30/12/2004 16:13:30 C:\WINDOWS\system32\nvrsptb.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvrsru.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvrssk.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvrssl.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvrssv.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvrstr.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvrszhc.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvrszht.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvshell.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwddi.dll |01/01/1980 01:00:00 C:\WINDOWS\system32\nvwdmcpl.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwimg.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsar.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrscs.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsda.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsde.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsel.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrseng.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrses.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsesm.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsfi.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsfr.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrshe.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrshu.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsit.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsja.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsko.dll |30/12/2004 16:13:29 C:\WINDOWS\system32\nvwrsnl.dll |30/12/2004 16:13:30 C:\WINDOWS\system32\nvwrsno.dll |30/12/2004 16:13:30 C:\WINDOWS\system32\nvwrspl.dll |30/12/2004 16:13:30 C:\WINDOWS\system32\nvwrspt.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrsptb.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrsru.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrssk.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrssl.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrssv.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrstr.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrszhc.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\nvwrszht.dll |30/12/2004 16:13:31 C:\WINDOWS\system32\ogg.dll |14/12/2002 23:46:02 C:\WINDOWS\system32\oggDS.dll |14/12/2002 23:46:02 C:\WINDOWS\system32\ov519ext.dll |29/01/2005 22:40:49 C:\WINDOWS\system32\ov519usd.dll |29/01/2005 22:40:49 C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16 C:\WINDOWS\system32\PCDLIB32.DLL |07/06/2002 04:02:02 C:\WINDOWS\system32\pncrt.dll |30/12/2004 16:19:00 C:\WINDOWS\system32\pndx5016.dll |30/12/2004 16:19:00 C:\WINDOWS\system32\pndx5032.dll |30/12/2004 16:19:00 C:\WINDOWS\system32\pvmjpg21.dll |12/12/2002 16:33:20 C:\WINDOWS\system32\Px.dll |24/05/2004 16:28:48 C:\WINDOWS\system32\pxafs.dll |12/02/2007 12:22:51 C:\WINDOWS\system32\pxdrv.dll |10/06/2004 02:01:00 C:\WINDOWS\system32\PxMas.dll |24/05/2004 16:26:40 C:\WINDOWS\system32\pxsfs.dll |20/11/2005 10:50:24 C:\WINDOWS\system32\PxWave.dll |24/05/2004 16:26:06 C:\WINDOWS\system32\PXWMA.dll |25/03/2004 11:30:40 C:\WINDOWS\system32\qedwipes.dll |16/08/2004 18:40:58 C:\WINDOWS\system32\qt-dx331.dll |28/04/2005 06:22:38 C:\WINDOWS\system32\rmoc3260.dll |30/12/2004 16:19:01 C:\WINDOWS\system32\roboex32.dll |30/12/2004 16:18:46 C:\WINDOWS\system32\S32EVNT1.DLL |30/12/2004 16:21:52 C:\WINDOWS\system32\sbe.dll |16/08/2004 18:41:02 C:\WINDOWS\system32\slbcsp.dll |16/08/2004 18:41:05 C:\WINDOWS\system32\slbiop.dll |16/08/2004 18:41:05 C:\WINDOWS\system32\slbrccsp.dll |16/08/2004 18:41:05 C:\WINDOWS\system32\slcoinst.dll |30/12/2004 16:07:12 C:\WINDOWS\system32\slextspk.dll |30/12/2004 16:07:12 C:\WINDOWS\system32\SLGen.dll |30/12/2004 16:07:12 C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18 C:\WINDOWS\system32\spxcoins.dll |16/08/2004 18:55:15 C:\WINDOWS\system32\ssleay32.dll |28/04/2005 06:22:34 C:\WINDOWS\system32\stci.dll |20/11/2005 20:48:02 C:\WINDOWS\system32\tsd32.dll |16/08/2004 18:41:16 C:\WINDOWS\system32\TwnLib4.dll |09/07/2004 09:43:56 C:\WINDOWS\system32\umloader.dll |07/01/2004 02:01:00 C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20 C:\WINDOWS\system32\vidx16.dll |29/01/2005 17:15:37 C:\WINDOWS\system32\vorbis.dll |14/12/2002 23:46:02 C:\WINDOWS\system32\vorbisenc.dll |14/12/2002 22:46:04 C:\WINDOWS\system32\vp6vfw.dll |30/08/2004 14:25:24 C:\WINDOWS\system32\vsdata.dll |12/04/2007 20:16:19 C:\WINDOWS\system32\VSFilter.dll |13/08/2004 00:11:14 C:\WINDOWS\system32\vsinit.dll |12/04/2007 20:16:19 C:\WINDOWS\system32\vsmonapi.dll |12/04/2007 20:16:49 C:\WINDOWS\system32\vspubapi.dll |12/04/2007 20:16:49 C:\WINDOWS\system32\vsregexp.dll |12/04/2007 20:16:58 C:\WINDOWS\system32\vsutil.dll |12/04/2007 20:16:19 C:\WINDOWS\system32\vsutil_loc040c.dll |12/04/2007 20:17:17 C:\WINDOWS\system32\vswmi.dll |12/04/2007 20:16:50 C:\WINDOWS\system32\vsxml.dll |12/04/2007 20:16:49 C:\WINDOWS\system32\VXBLOCK.dll |20/05/2004 02:00:00 C:\WINDOWS\system32\W32n50.dll |31/07/2006 18:51:26 C:\WINDOWS\system32\win87em.dll |16/08/2004 18:41:22 C:\WINDOWS\system32\WooDial2000.dll |29/01/2005 13:39:52 C:\WINDOWS\system32\xvidcore.dll |20/12/2004 12:03:26 C:\WINDOWS\system32\xvidvfw.dll |20/12/2004 12:08:28 C:\WINDOWS\system32\zlcomm.dll |12/04/2007 20:16:56 C:\WINDOWS\system32\zlcommdb.dll |12/04/2007 20:16:56 C:\WINDOWS\system32\zpeng24.dll |12/04/2007 20:16:49 Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 9C1D-20C1 Répertoire de C:\WINDOWS\system32 05/08/2004 15:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 83 016 400 896 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 9C1D-20C1 Répertoire de C:\WINDOWS\Downloaded Program Files 12/04/2007 22:16 <REP> . 12/04/2007 22:16 <REP> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 15/11/2001 17:42 325 AxisCamControl.inf 15/11/2001 17:40 221 184 AxisCamControl.ocx 08/11/2001 10:59 192 512 CamCli.dll 16/08/2004 19:08 65 desktop.ini 25/06/2006 13:50 1 793 erma.inf 22/11/2006 23:22 372 736 GAME_UNO1.dll 22/11/2006 20:50 316 GAME_UNO1.INF 14/10/2006 01:16 723 hcImpl.inf 25/10/2006 13:18 385 536 Housecall_ActiveX.dll 18/08/1999 08:54 180 224 ijl11.dll 24/10/2005 18:19 1 665 Interface Chat Voila.osd 02/08/2006 11:24 1 659 Interface Chat Wanadoo.osd 15/09/2004 10:20 740 jinstall-1_5_0.inf 30/01/2007 17:28 902 jinstall-1_5_0_11.inf 08/08/2006 11:45 576 kavwebscan.inf 22/02/2007 23:41 304 544 MessengerStatsPAClient.dll 20/01/2000 16:25 1 162 Microsoft XML Parser for Java.osd 28/02/2007 14:21 130 472 MineSweeper.dll 28/02/2007 14:21 131 472 msgrchkr.dll 08/10/2004 16:01 372 736 MsnPUpld.dll 08/10/2004 16:13 587 MSNPupld.inf 25/11/2005 13:35 63 056 MusicManagerUnInstaller.exe 26/05/2005 04:19 293 muweb.inf 19/06/2002 14:11 117 088 PURen-us.dll 31/05/2002 09:20 117 328 PURfr-fr.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 09/11/2006 15:36 5 019 swflash.inf 29 fichier(s) 2 857 266 octets Total des fichiers listés : 29 fichier(s) 2 857 266 octets 2 Rép(s) 83 016 396 800 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Liste des programmes installes Ad-Aware SE Personal Adobe Flash Player 9 ActiveX Adobe Help Center 2.0 Adobe Photoshop Elements 4.0 Adobe Photoshop Elements 4.0 Adobe Reader 6.0 - Français Archiveur WinRAR Audacity 1.2.4 avast! Antivirus Correctif pour Windows XP (KB914440) Correctif Windows XP - KB834707 Correctif Windows XP - KB867282 Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890047 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB890923 Correctif Windows XP - KB891781 Correctif Windows XP - KB893066 Correctif Windows XP - KB893086 Désinstallation du logiciel Lexmark EA SPORTS online 2007 EPSON Logiciel imprimante EPSON PhotoQuicker3.5 EPSON PRINT Image Framer Tool2.1 EPSON Web-To-Page ESC66 Guide de référence ESC66 Guide des logiciels FEARCombat FIFA 07 GameSpy Arcade Gestionnaire Internet Google Earth HijackThis 1.99.1 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Format SDK (KB902344) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB926239) J2SE Runtime Environment 5.0 J2SE Runtime Environment 5.0 Update 11 Just Cause Demo 1.00.0000 Kaspersky Online Scanner Lecteur Windows Media 11 Les Indispensables Éducation pour Microsoft Office Little Fighter 2 v1.9 LNF Manager 2002 Messenger Plus! 3 Messenger Plus! Live Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Hotfix (KB886903) Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Encarta 2007 - Études Microsoft Encarta Maths Microsoft Internationalized Domain Names Mitigation APIs Microsoft Money Microsoft Motocross Madness 2 Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Microsoft Office Standard Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Works 7.0 Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) Mise à jour de sécurité pour Windows XP (KB883939) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB896688) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899588) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB903235) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911280) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923694) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925454) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928090) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929969) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour Encarta_Les Indispensables Éducation Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB896727) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB904942) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB929338) Mise à jour pour Windows XP (KB931836) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA MSXML 4.0 SP2 (KB927978) MSXML 6.0 Parser (KB927977) Navigateur Orange Need for Speed™ Most Wanted Nero 7 Demo PhotoFiltre Poolster 1.1 SAGEM F@st 800-840 SLD Codec Pack Sonic MyDVD Sonic RecordNow! Trust 320 SpaceCam TuneUp Utilities 2006 Wanadoo Wanadoo Messager WebFldrs XP Winamp (remove only) Windows Installer 3.1 (KB893803) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Live Messenger Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 ZoneAlarm Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 9C1D-20C1 Répertoire de C:\Program Files 12/04/2007 20:16 <REP> . 12/04/2007 20:16 <REP> .. 20/11/2005 10:54 <REP> Adobe 15/08/2006 12:39 <REP> Alwil Software 30/12/2004 16:11 <REP> AMD 02/03/2006 18:23 <REP> Audacity 04/01/2006 17:06 <REP> BoontyGames 16/08/2004 19:05 <REP> ComPlus Applications 04/01/2007 19:01 <REP> cube_2004_05_22 30/12/2004 16:23 <REP> CyberLink 09/06/2006 14:55 <REP> DAEMON Tools 29/01/2005 17:12 <REP> directx 12/06/2006 08:32 <REP> EA GAMES 26/11/2006 21:22 <REP> EA SPORTS 18/10/2006 16:48 <REP> Eidos 21/01/2007 13:16 <REP> EPSON 12/02/2007 03:20 <REP> ewido anti-spyware 4.0 11/02/2007 18:11 <REP> Fichiers communs 17/02/2007 20:25 <REP> GameSpy Arcade 04/01/2007 23:46 <REP> Giganology 22/02/2006 23:09 <REP> Google 11/04/2007 15:10 <REP> HijackThis 12/04/2007 12:57 <REP> Internet Explorer 27/12/2005 16:30 <REP> J.H.C. SoftWare 10/02/2007 02:36 <REP> Java 13/08/2006 13:20 <REP> Lavasoft 12/04/2007 12:09 <REP> Learning Essentials 21/01/2007 13:20 <REP> Lexmark 21/01/2007 13:20 <REP> Lexmark_HostCD 21/01/2006 12:28 <REP> LittleFighter2 14/01/2006 20:08 <REP> Messenger 27/06/2005 21:55 <REP> Messenger Plus! 3 13/03/2007 17:33 <REP> Messenger Plus! Live 26/12/2006 12:54 <REP> MessengerPlus! 3 24/01/2007 22:03 <REP> Microsoft Etudes 16/08/2004 19:11 <REP> microsoft frontpage 26/04/2006 18:08 <REP> Microsoft Games 22/12/2005 16:21 <REP> Microsoft Money 2005 20/02/2005 12:58 <REP> microsoft office 14/01/2006 20:08 <REP> Microsoft Works 30/12/2004 16:28 <REP> Microsoft.NET 16/08/2004 19:06 <REP> Movie Maker 01/06/2005 21:07 <REP> MSN 16/08/2004 19:03 <REP> MSN Gaming Zone 22/03/2007 18:45 <REP> MSN Messenger 19/11/2006 12:57 <REP> MSXML 4.0 20/11/2005 12:14 <REP> Nero 26/09/2006 18:00 <REP> NetMeeting 16/12/2006 05:21 <REP> Outlook Express 19/03/2006 15:57 <REP> PhotoFiltre 11/05/2006 18:52 <REP> Pro Pinball 30/12/2004 16:19 <REP> QuickTime 30/12/2004 16:19 <REP> Real 21/11/2005 10:01 <REP> RegCleaner 31/07/2006 18:52 <REP> SAGEM 21/02/2007 23:19 <REP> Securitoo 16/08/2004 19:07 <REP> Services en ligne 03/02/2007 22:38 <REP> Shareaza 06/01/2007 00:38 <REP> Sierra 11/02/2007 17:53 <REP> SLD Codec Pack 20/11/2005 22:22 <REP> Softwin 30/12/2004 16:29 <REP> Sonic 12/02/2007 03:18 <REP> Sudoku Ace 20/11/2005 22:06 <REP> TGTSoft 29/01/2005 22:40 <REP> Trust 320 SpaceCam 18/11/2005 22:30 <REP> TuneUp Utilities 2006 20/12/2006 15:11 <REP> VideoLAN 30/12/2004 16:19 <REP> Viewpoint 16/05/2006 17:27 <REP> Virgin Interactive Entertainment 12/04/2007 23:26 <REP> Wanadoo 21/01/2007 12:35 <REP> Wanadoo Messager 12/02/2007 12:40 <REP> Winamp 21/01/2007 12:35 <REP> Windows Media Connect 2 08/12/2006 22:45 <REP> Windows Media Player 16/08/2004 19:03 <REP> Windows NT 18/11/2005 20:55 <REP> WinRAR 16/08/2004 19:11 <REP> xerox 15/01/2006 17:05 <REP> xp-smart 12/04/2007 20:16 <REP> Zone Labs 0 fichier(s) 0 octets 79 Rép(s) 83 015 307 264 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 9C1D-20C1 Répertoire de C:\Program Files\fichiers communs 11/02/2007 18:11 <REP> . 11/02/2007 18:11 <REP> .. 20/11/2005 10:54 <REP> Adobe 20/11/2005 12:17 <REP> Ahead 18/11/2005 02:06 <REP> AOL 04/01/2006 17:00 <REP> BOONTY Shared 30/12/2004 16:28 <REP> DESIGNER 18/11/2005 23:50 <REP> InstallShield 13/08/2006 14:07 <REP> Java 12/04/2007 12:39 <REP> Microsoft Shared 16/08/2004 19:06 <REP> MSSoap 11/02/2007 18:11 <REP> NSV 30/12/2004 16:19 <REP> Nullsoft 16/08/2004 18:57 <REP> ODBC 30/12/2004 16:24 <REP> Real 13/07/2005 13:13 <REP> SC Test Branding 1 Shared 16/08/2004 19:06 <REP> Services 15/08/2006 11:11 <REP> Softwin 30/12/2004 16:29 <REP> Sonic Shared 16/08/2004 18:56 <REP> SpeechEngines 30/12/2004 16:25 <REP> SureThing Shared 20/11/2005 13:17 <REP> Symantec Shared 16/12/2006 05:21 <REP> System 30/12/2004 16:24 <REP> xing shared 0 fichier(s) 0 octets 24 Rép(s) 83 015 307 264 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 9C1D-20C1 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 30/12/2004 16:28 <REP> . 30/12/2004 16:28 <REP> .. 30/12/2004 16:28 <REP> 1033 30/12/2004 16:28 <REP> 1036 11/07/2003 11:15 1 292 872 MSONSEXT.DLL 15/07/2003 07:52 35 896 MSOSV.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 11/07/2003 03:25 80 448 PKMWS.DLL 5 fichier(s) 1 659 186 octets 4 Rép(s) 83 015 307 264 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est 9C1D-20C1 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 08/08/2006 20:10 7 680 mmc8.exe 3 fichier(s) 179 200 octets 0 Rép(s) 83 015 307 264 octets libres c:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe c:\Documents and Settings\ANTOINE\.housecall6.6\getMac.exe c:\Documents and Settings\ANTOINE\.housecall6.6\patch.exe c:\Documents and Settings\ANTOINE\.housecall6.6\tsc.exe c:\Documents and Settings\ANTOINE\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\catchme.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\diff.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\dumphive.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\Fport.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\grep.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\LFiles.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\LISTDLLS.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\pslist.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\streams.exe c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\swreg.exe c:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\[email protected]\Sharing Folders\[email protected]\MsgPlus-363.exe c:\Documents and Settings\ANTOINE\Local Settings\Temp\AutoRun.exe c:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\GXEB01YF\PoolmUp[2]\PoolSetup\PoolSetup.exe c:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\V81OSMP5\search[1].exe&meta= c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\shareaza_2.2.3.0.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\antivir_workstation_win7u_en_h.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\audacity-win-1.2.4b.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\guide.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\justcausedemo.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lf2_v19.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\photofiltre.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\Shareaza_2.1.4.0.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\steaminstall.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\sudokuace.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\windows2000-kb823980-x86-fra.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\windowsxp-kb823980-x86-fra.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\xmoto-0.1.16-win32-setup.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\zonealarm_zone_alarm_version_gratuite_7.0.337.000_francais_10494.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\guide_v19\guide.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\bsplayer216.945_clip.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\divx521me98.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\divxinstaller.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\french_translated.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\gdivx1.9.9.5.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\media-player-classic_media_player_classic_6.4.9.0b_9x_me_.exe_francais_11019.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\mp71.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\mpsetup.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\sld.codec.pack.2.2.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\vlc-0.8.6-win32.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\winamp291.exe c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\winamp532_full.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\ANTOINE\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll et maintenant??