Everything posted by pikducoin

  1. Uhh.. did it make a double post or what? Yes, it looks like it's the same one, yet I only posted once...
  2. Here is the HJT report anyway:
  3. Good evening, a member of my family has a problem: their BitDefender antivirus turned itself off... I ran some scans and cleaned up their PC a little. I installed avast --> it is blocked too. I installed AntiVir --> same. I ran a scan with Panda and it found a few viruses, some spyware and a rootkit. Here is the report:

     Incident | Statut | Analyse
     Spyware:Cookie/Cgi-bin | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@cgi-bin[1].txt
     Spyware:Cookie/Com.com | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@com[1].txt
     Spyware:Cookie/fe.lea.lycos | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@fe.lea.lycos[1].txt
     Spyware:Cookie/GoStats | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@gostats[2].txt
     Spyware:Cookie/Go | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@go[1].txt
     Spyware:Cookie/Toplist | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@toplist[1].txt
     Spyware:Cookie/myaffiliateprogram | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@www.myaffiliateprogram[2].txt
     Spyware:Cookie/Xiti | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@xiti[1].txt
     Spyware:Cookie/Yadro | No Désinfecté | C:\Documents and Settings\vincent dacharry\Cookies\vincent dacharry@yadro[1].txt
     Adware:Adware/Lop | No Désinfecté | C:\Documents and Settings\vincent dacharry\Local Settings\Temp\msgpl_0f78.tmp\spinstall.exe
     Adware:Adware/Lop | No Désinfecté | C:\Documents and Settings\vincent dacharry\Local Settings\Temp\msgpl_5c72.tmp\spinstall.exe
     Outil indésirable:Application/Processor | No Désinfecté | C:\Documents and Settings\vincent dacharry\Menu Démarrer\Bureau\antivirus\SDFix.exe[sDFix\apps\Process.exe]
     Virus:Trj/Mitglieder.OF Virus:W32/Bagle.NJ.worm | Désinfecté | C:\WINDOWS\exefld\534626062.exe
     Virus:Trj/Mitglieder.OF | Désinfecté | C:\WINDOWS\system32\flec003.exe
     Virus:Trj/Mitglieder.OF | Désinfecté | C:\WINDOWS\system32\hldrrr.exe
     Virus:W32/Bagle.NJ.worm | Désinfecté | C:\WINDOWS\system32\wintems.exe
     Virus:Trj/Mitglieder.OF | Désinfecté | E:\mes documents\Mes fichiers reçus\Nouveau PowerArchiver ZIP File.zip[key.exe]

     How should I go about cleaning their PC? I made an HJT report but it found nothing harmful. Thanks in advance to everyone.
  4. navilog:

     Search Navipromo version 2.0.3 commencé le 20/06/2007 à 16:05:20.39
     !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
     !!! Poster ce rapport sur le forum pour le faire analyser !!!
     !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
     Fix lancé depuis C:\Program Files\navilog1
     Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO
     Executé en mode normal

     *** Recherche Programmes installes ***
     *** Recherche dossiers dans C:\WINDOWS ***
     *** Recherche dossiers dans C:\Program Files ***
     C:\Program Files\InternetGameBox trouvé !
     *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
     *** Recherche dossiers dans C:\Documents and Settings\PIF\Application Data ***

     *** Recherche avec BlackLight Engine/F-secure ***
     BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html
     F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
     ======================================
     Copyright 2005-2006 F-Secure Corporation. All rights reserved.
     This is a beta version. It will expire on 1st of April, 2007.
     Version information: 2.2.1061.
     [+] Started on 06/20/07 at 16:05:22.
     [+] Initializing ...
     [+] Starting scan, press Ctrl-C to abort.
     [+] Scanning for hidden items ..................................................
     [+] Scan complete.
     [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
     [+] Exited on 06/20/07 at 16:08:51 (return code = 0).

     *** Recherche fichiers ***
     C:\WINDOWS\pack.epk trouvé !
     C:\WINDOWS\system32\nvs2.inf trouvé !

     *** Recherche cles registre ***
     Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
     Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
     Recherche Clé Magic Control
     HKEY_CURRENT_USER\Software\Lanconfig trouvé !
     HKEY_USERS\S-1-5-21-1606980848-1383384898-1343024091-1003\Software\Lanconfig trouvé !

     *** Module de Recherche complémentaire ***
     (Recherche fichiers spécifiques)
     1)Recherche fichiers connus:
     2)Recherche Heuristique :
     * C:\WINDOWS\system32\myeufal.dat trouvé !
     ** C:\WINDOWS\system32\myeufal.dat trouvé !
     ***
     **** C:\WINDOWS\system32\myeufal_navps.dat trouvé !
     ***** C:\WINDOWS\system32\myeufal_nav.dat trouvé !
     ******
     *******
     ********
     *** Analyse Terminé le 20/06/2007 à 16:09:45.50 ***
  5. Online scan report: http://www.mediafire.com/?5xhg10bdtls
  6. I'll post the rest afterwards, it's going to take a while, I have two hard drives.
  7. OK c'est en cours merci encore rapport: DiagHelp version v1.1.2 - http://www.malekal.com excute le 20/06/2007 à 12:47:12.34 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\ativvpxx.vp -->02/02/2007 22:48:07 C:\WINDOWS\System32/drivers\ati2mtag.sys -->02/02/2007 22:03:25 C:\WINDOWS\System32/drivers\ati2erec.dll -->02/02/2007 21:35:12 C:\WINDOWS\System32/drivers\ativcaxx.vp -->19/01/2007 22:35:53 C:\WINDOWS\System32/drivers\ativcaxx.cpa -->19/01/2007 22:35:53 C:\WINDOWS\System32/drivers\WudfRd.sys -->28/09/2006 20:00:34 C:\WINDOWS\System32/drivers\WudfPf.sys -->28/09/2006 19:55:50 C:\WINDOWS\System32\perfh00C.dat -->20/06/2007 12:37:46 C:\WINDOWS\System32\perfc00C.dat -->20/06/2007 12:37:46 C:\WINDOWS\System32\PerfStringBackup.INI -->20/06/2007 12:37:45 C:\WINDOWS\System32\perfh009.dat -->20/06/2007 12:37:45 C:\WINDOWS\System32\perfc009.dat -->20/06/2007 12:37:45 C:\WINDOWS\System32\wpa.dbl -->20/06/2007 12:33:34 C:\WINDOWS\System32\KGyGaAvL.sys -->19/06/2007 19:55:06 C:\WINDOWS\System32\wpa.bak -->19/06/2007 19:08:43 C:\WINDOWS\System32\FNTCACHE.DAT -->19/06/2007 18:58:44 C:\WINDOWS\System32\$winnt$.inf -->19/06/2007 18:57:45 C:\WINDOWS\System32\nscompat.tlb -->19/06/2007 18:51:39 C:\WINDOWS\System32\amcompat.tlb -->19/06/2007 18:51:39 C:\WINDOWS\System32\WindowsLogon.manifest -->19/06/2007 18:49:57 C:\WINDOWS\System32\logonui.exe.manifest -->19/06/2007 18:49:57 C:\WINDOWS\System32\wuaucpl.cpl.manifest -->19/06/2007 18:49:47 C:\WINDOWS\System32\sapi.cpl.manifest -->19/06/2007 18:49:47 C:\WINDOWS\System32\nwc.cpl.manifest -->19/06/2007 18:49:47 C:\WINDOWS\System32\ncpa.cpl.manifest -->19/06/2007 18:49:47 C:\WINDOWS\System32\cdplayer.exe.manifest -->19/06/2007 18:49:47 C:\WINDOWS\System32\emptyregdb.dat -->19/06/2007 18:48:02 C:\WINDOWS\System32\SaiC5F0D-31AD3141-A181-4D4F-A8A4-2DE371EBE661.pr0 -->17/06/2007 19:29:35 C:\WINDOWS\System32\CmdLineExt.dll -->14/06/2007 22:10:29 C:\WINDOWS\System32\MRT.exe -->06/06/2007 
08:38:41 C:\WINDOWS\System32\MZARC2DRV.OTR -->28/05/2007 21:47:16 C:\WINDOWS\System32\CmdLineExt03.dll -->28/05/2007 09:37:46 C:\WINDOWS\WindowsUpdate.log -->20/06/2007 12:39:18 C:\WINDOWS\wiadebug.log -->20/06/2007 12:33:32 C:\WINDOWS\wiaservc.log -->20/06/2007 12:33:26 C:\WINDOWS.log -->20/06/2007 12:33:26 C:\WINDOWS\bootstat.dat -->20/06/2007 12:33:11 C:\WINDOWS\ntbtlog.txt -->20/06/2007 12:26:33 C:\WINDOWS\SchedLgU.Txt -->20/06/2007 12:24:59 C:\WINDOWS\QTFont.qfn -->19/06/2007 19:55:23 C:\WINDOWS\setupapi.log -->19/06/2007 19:33:35 C:\WINDOWS\wmsetup.log -->19/06/2007 19:08:59 C:\WINDOWS\setuplog.txt -->19/06/2007 19:08:50 C:\WINDOWS\comsetup.log -->19/06/2007 19:06:32 C:\WINDOWS\tsoc.log -->19/06/2007 18:57:45 C:\WINDOWS\tabletoc.log -->19/06/2007 18:57:45 C:\WINDOWS\setupact.log -->19/06/2007 18:57:45 Le volume dans le lecteur C s'appelle Disque Local XP Le numéro de série du volume est 7C86-0C44 Répertoire de C:\WINDOWS\system32 05/08/2004 14:00 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 205 876 862 976 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Disque Local XP Le numéro de série du volume est 7C86-0C44 Répertoire de C:\WINDOWS\Downloaded Program Files 13/04/2007 20:41 <REP> . 13/04/2007 20:41 <REP> .. 
18/04/2006 16:04 273 728 AdVerifierADP.dll 02/09/2006 15:48 941 056 asquared.ocx 22/08/2006 20:16 <REP> CONFLICT.1 04/05/2006 13:56 516 CTPID.inf 04/05/2006 13:57 32 768 CTPID.ocx 23/06/2005 15:53 523 CTSUEng.inf 22/06/2005 18:37 225 280 CTSUEng.ocx 19/06/2007 18:49 65 desktop.ini 25/07/2002 17:13 24 576 dwusplay.dll 25/07/2002 17:13 196 608 dwusplay.exe 29/03/2005 14:06 2 011 ESTPTEST.INF 22/11/2006 23:22 372 736 GAME_UNO1.dll 22/11/2006 20:50 316 GAME_UNO1.INF 05/03/2005 16:59 1 706 800 gdiplus.dll 05/03/2005 16:59 283 296 IDrop.ocx 05/03/2005 16:59 114 848 IDropENU.dll 25/07/2002 17:05 172 032 isusweb.dll 29/05/2003 15:00 160 864 messengerstatsclient.dll 22/02/2007 23:41 304 544 MessengerStatsPAClient.dll 26/05/2005 04:19 293 muweb.inf 29/06/2005 17:17 227 opuc.inf 03/06/2002 17:53 144 QTPlugin.inf 09/11/2006 15:36 5 019 swflash.inf 09/09/2006 20:57 <REP> TriJinx.1.0.0.67 11/08/2006 16:03 144 992 TriJinx.1.0.0.67.dll 11/08/2006 16:03 363 TriJinx.1.0.0.67.inf 05/03/2005 16:59 114 688 vizable.ocx 31/01/2005 23:26 117 800 ZIntro.ocx 26 fichier(s) 5 196 093 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 22/08/2006 20:16 <REP> . 22/08/2006 20:16 <REP> .. 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 09/09/2006 20:57 <REP> assets 09/09/2006 20:57 <REP> screens 11/08/2006 16:01 23 852 strings.xml 11/08/2006 16:03 1 062 496 TriJinx.exe 2 fichier(s) 1 086 348 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 
09/09/2006 20:57 <REP> audio 09/09/2006 20:57 <REP> backgrounds 09/09/2006 20:57 <REP> beetles 09/09/2006 20:57 <REP> buttons 09/09/2006 20:57 <REP> characters 11/08/2006 16:01 6 787 crackedstopper.png 11/08/2006 16:01 462 cursor.png 11/08/2006 16:01 128 doorlights.txt 09/09/2006 20:57 <REP> fonts 11/08/2006 16:01 7 475 greybomb.png 09/09/2006 20:57 <REP> helptips 09/09/2006 20:57 <REP> levels 09/09/2006 20:57 <REP> models 11/08/2006 16:01 515 p1icon.png 09/09/2006 20:57 <REP> scenes 11/08/2006 16:01 4 643 scorecloud.png 11/08/2006 16:01 76 setup.xml 09/09/2006 20:57 <REP> sfx 09/09/2006 20:57 <REP> splash 09/09/2006 20:57 <REP> statues 11/08/2006 16:01 7 151 stopper.png 11/08/2006 16:01 5 078 timer.png 11/08/2006 16:01 4 808 timerglow.png 11/08/2006 16:01 3 552 timericon.png 11/08/2006 16:01 296 tm.png 09/09/2006 20:57 <REP> trails 09/09/2006 20:57 <REP> triangles 09/09/2006 20:57 <REP> upsell 09/09/2006 20:57 <REP> urns 11/08/2006 16:01 6 955 warning.png 13 fichier(s) 47 926 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\audio 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 09/09/2006 20:57 <REP> music 09/09/2006 20:57 <REP> sfx 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\audio\music 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 58 345 mainmenumusic.ogg 1 fichier(s) 58 345 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\audio\sfx 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 
11/08/2006 16:01 11 470 areabomb.ogg 11/08/2006 16:01 6 314 beetlezap.ogg 11/08/2006 16:01 18 873 bonusrow.ogg 11/08/2006 16:01 3 679 bonustimer.ogg 11/08/2006 16:01 7 419 bucketfilled.ogg 11/08/2006 16:01 7 588 clearpyramid.ogg 11/08/2006 16:01 4 026 cleartriangle1a.ogg 11/08/2006 16:01 4 504 cleartriangle1b.ogg 11/08/2006 16:01 6 018 cleartriangle1c.ogg 11/08/2006 16:01 5 975 cleartriangle2a.ogg 11/08/2006 16:01 6 505 cleartriangle2b.ogg 11/08/2006 16:01 6 650 cleartriangle2c.ogg 11/08/2006 16:01 5 790 colorchain.ogg 11/08/2006 16:01 3 832 dialogbox.ogg 11/08/2006 16:01 10 260 drumbeat.ogg 11/08/2006 16:01 6 948 fillrow.ogg 11/08/2006 16:01 9 802 gateopen.ogg 11/08/2006 16:01 3 332 helptip.ogg 11/08/2006 16:01 5 079 powerup.ogg 11/08/2006 16:01 3 884 rotateboardleft.ogg 11/08/2006 16:01 9 959 timerup.ogg 11/08/2006 16:01 4 914 warning.ogg 11/08/2006 16:01 6 398 warning2.ogg 23 fichier(s) 159 219 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\backgrounds 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 1 306 artifacts-bb.png 11/08/2006 16:01 1 314 bar.jpg 11/08/2006 16:01 38 908 chamber0.jpg 11/08/2006 16:01 29 882 chamber1.jpg 11/08/2006 16:01 11 630 circledoor.jpg 11/08/2006 16:01 21 197 full_screen_dialog.jpg 11/08/2006 16:01 1 854 global-hs-bb_large.png 11/08/2006 16:01 1 137 global-hs-bb_small.png 11/08/2006 16:01 1 092 help-bb_large.png 11/08/2006 16:01 889 help-bb_small.png 11/08/2006 16:01 9 727 hexfield.jpg 11/08/2006 16:01 2 511 hidden-artifact_icon.png 11/08/2006 16:01 17 358 large_dialog.jpg 11/08/2006 16:01 2 485 local-hs-bb.png 11/08/2006 16:01 45 580 mainmenu.jpg 11/08/2006 16:01 9 737 small_dialog.jpg 11/08/2006 16:01 208 textfield.png 11/08/2006 16:01 10 796 trifield.jpg 18 fichier(s) 207 611 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\beetles 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 
11/08/2006 16:01 1 122 beetlehover1.png 11/08/2006 16:01 1 195 beetlehover2.png 11/08/2006 16:01 1 878 beetlehover3.png 11/08/2006 16:01 1 872 beetlehover4.png 11/08/2006 16:01 471 beetleshock1.png 11/08/2006 16:01 646 beetleshock2.png 11/08/2006 16:01 759 beetleshock3.png 11/08/2006 16:01 477 beetleshock4.png 11/08/2006 16:01 812 beetletatoo.png 11/08/2006 16:01 942 dirt.png 11/08/2006 16:01 4 015 scarabpost.png 11/08/2006 16:01 3 315 scarabpostovr.png 11/08/2006 16:01 1 538 tritop.png 13 fichier(s) 19 042 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\buttons 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 2 050 arrowdown_down.png 11/08/2006 16:01 2 105 arrowdown_over.png 11/08/2006 16:01 2 093 arrowdown_up.png 11/08/2006 16:01 4 220 arrowleft_down.png 11/08/2006 16:01 4 335 arrowleft_over.png 11/08/2006 16:01 4 305 arrowleft_up.png 11/08/2006 16:01 4 210 arrowright_down.png 11/08/2006 16:01 4 342 arrowright_over.png 11/08/2006 16:01 4 309 arrowright_up.png 11/08/2006 16:01 2 022 arrowup_down.png 11/08/2006 16:01 2 082 arrowup_over.png 11/08/2006 16:01 2 064 arrowup_up.png 11/08/2006 16:01 2 009 bluearrowleft_down.png 11/08/2006 16:01 2 052 bluearrowleft_over.png 11/08/2006 16:01 2 025 bluearrowleft_up.png 11/08/2006 16:01 2 014 bluearrowright_down.png 11/08/2006 16:01 2 045 bluearrowright_over.png 11/08/2006 16:01 2 029 bluearrowright_up.png 11/08/2006 16:01 1 660 checkdown.png 11/08/2006 16:01 471 checkup.png 11/08/2006 16:01 5 876 long_button_down.png 11/08/2006 16:01 6 090 long_button_over.png 11/08/2006 16:01 6 209 long_button_up.png 11/08/2006 16:01 3 637 orange-button_down.png 11/08/2006 16:01 3 601 orange-button_over.png 11/08/2006 16:01 3 769 orange-button_up.png 11/08/2006 16:01 2 674 rotleft_down.png 11/08/2006 16:01 2 526 rotleft_over.png 11/08/2006 16:01 2 718 rotleft_up.png 11/08/2006 16:01 2 667 rotright_down.png 11/08/2006 16:01 2 462 rotright_over.png 11/08/2006 16:01 2 721 rotright_up.png 
11/08/2006 16:01 4 144 simplebutton_down.png 11/08/2006 16:01 4 142 simplebutton_over.png 11/08/2006 16:01 4 198 simplebutton_up.png 11/08/2006 16:01 1 560 sliderknob.png 11/08/2006 16:01 1 486 sliderknobover.png 11/08/2006 16:01 2 648 sliderrail.png 38 fichier(s) 115 570 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\characters 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 09/09/2006 20:57 <REP> anwar 09/09/2006 20:57 <REP> bast 09/09/2006 20:57 <REP> kristine 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\characters\anwar 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 09/09/2006 20:57 <REP> look 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\characters\anwar\look 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 2 732 pl0001.png 1 fichier(s) 2 732 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\characters\bast 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 09/09/2006 20:57 <REP> look 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\characters\bast\look 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 1 597 bl0001.png 1 fichier(s) 1 597 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\characters\kristine 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 09/09/2006 20:57 <REP> look 0 fichier(s) 0 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\characters\kristine\look 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 2 391 kl0001.png 1 fichier(s) 2 391 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\fonts 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 
11/08/2006 16:01 22 610 jackarmstrong.mvec 11/08/2006 16:01 21 161 lithos.mvec 2 fichier(s) 43 771 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\helptips 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 1 527 arrowkeys.png 11/08/2006 16:01 7 723 helptip.jpg 2 fichier(s) 9 250 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\levels 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 3 356 levels.dat 1 fichier(s) 3 356 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\models 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 5 744 disk.mesh 11/08/2006 16:01 62 equilateraltriangle.mesh 11/08/2006 16:01 62 flattri.mesh 11/08/2006 16:01 212 pyramid.mesh 11/08/2006 16:01 84 quad.mesh 11/08/2006 16:01 112 rotatingpyramid.mesh 11/08/2006 16:01 216 scarabpanel.mesh 7 fichier(s) 6 492 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\scenes 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 161 page1-0.xml 11/08/2006 16:01 361 page1-1.xml 11/08/2006 16:01 49 660 panel1-0-1.png 11/08/2006 16:01 41 803 panel1-1-1.png 4 fichier(s) 91 985 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\sfx 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 11/08/2006 16:01 1 428 areashockwave.png 11/08/2006 16:01 4 775 bolt_1.png 11/08/2006 16:01 4 820 bolt_2.png 11/08/2006 16:01 4 853 bolt_3.png 11/08/2006 16:01 4 659 bolt_4.png 11/08/2006 16:01 2 941 bolt_starter.png 11/08/2006 16:01 2 618 bolt_tail.png 11/08/2006 16:01 6 843 flash.png 11/08/2006 16:01 326 rubble.png 11/08/2006 16:01 4 277 smoke.png 11/08/2006 16:01 4 336 smoke2.png 11/08/2006 16:01 4 389 smoke3.png 12 fichier(s) 46 265 octets Répertoire de C:\WINDOWS\Downloaded Program Files\TriJinx.1.0.0.67\assets\splash 09/09/2006 20:57 <REP> . 09/09/2006 20:57 <REP> .. 
Recherche de rootkit! (Merci S!Ri)
infection possible Magic.Control : un scan F-Secure BlackLight est recommandé
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2

Export de la clef SharedTaskScheduler
[sharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
"{e5b1e382-817e-4b74-8a96-ec78751e6acf}"="incatenate"
"{8dc1f789-e073-4363-b40d-07376bc5ecc5}"="articulation"

Rechercher adresses sensibles dans le fichier HOSTS...

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-20 12:47:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
Total number of processes = 40
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
Total number of drivers = 155

Liste des programmes installes
Data\ppStream\1.0.0.1398\powerplayer.dll c:\Documents and Settings\PIF\Application Data\ppStream\1.0.0.1398\psnetwork.dll c:\Documents and Settings\PIF\Application Data\SystemRequirementsLab\SRLProxyI.dll c:\Documents and Settings\PIF\Application Data\SystemRequirementsLab\SRLProxyJ.dll c:\Documents and Settings\PIF\Application Data\SystemRequirementsLab\SRLProxyK.dll c:\Documents and Settings\PIF\Application Data\SystemRequirementsLab\SRLProxyL.dll ****** Fin du rapport DiagHelp
  8. SDFix report:

     SDFix: Version 1.88
     Run by PIF on 20/06/2007 at 12:27
     Microsoft Windows XP [version 5.1.2600]
     Running From: C:\SDFix

     Safe Mode:
     Checking Services:
     Restoring Windows Registry Values
     Restoring Windows Default Hosts File
     Restoring Missing Security Center Service
     Restoring Missing SharedAccess Service
     Rebooting...

     Normal Mode:
     Checking Files:
     Below files will be copied to Backups folder then removed:
     C:\WINDOWS\system\smss.exe - Deleted
     Removing Temp Files...

     ADS Check:
     Checking C:\WINDOWS
     C:\WINDOWS
     No streams found.
     Checking C:\WINDOWS\system32
     C:\WINDOWS\system32
     No streams found.
     Checking C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\svchost.exe
     No streams found.
     Checking C:\WINDOWS\system32\ntoskrnl.exe
     C:\WINDOWS\system32\ntoskrnl.exe
     No streams found.

     Final Check:
     Remaining Services:
     ------------------
     Authorized Application Key Export:

     Remaining Files:
     ---------------
     Backups Folder: - C:\SDFix\backups\backups.zip
     Listing Files with Hidden Attributes:

     Listing User Accounts:
     Administrateur ASPNET HelpAssistant Invité PIF SUPPORT_388945a0
     La commande s'est terminée correctement.
     Finished

     HJT report:
  9. I'll keep you posted...
  10. Here's everything:

      Wed Jun 20 08:21:04 2007
      EliBagle v10.41 ©2007 S.G.H. / Satinfo S.L.
      ----------------------------------------------
      Lista de Acciones (por Acción Directa):
      C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Eliminado Bagle
      C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
      C:\DOCUMENTS AND SETTINGS\PIF\APPLICATION DATA\HIDIRES\HIDR.EXE --> Eliminado Bagle
      C:\DOCUMENTS AND SETTINGS\PIF\APPLICATION DATA\HIDIRES\M_HOOK.SYS --> Eliminado Bagle (rootkit)
      Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.41 a "virus@satinfo.es". Gracias.
      C:\WINDOWS\SYSTEM32\HLDRRR.EXE --> Eliminado Bagle
      Eliminada Carpeta "%WinDir%\exefld"
      Restaurada Clave: "SafeBoot\Minimal y Network"

      Wed Jun 20 08:22:39 2007
      EliBagle v10.41 ©2007 S.G.H. / Satinfo S.L.
      ----------------------------------------------
      Lista de Acciones (por Exploración):
      Explorando Unidad C:\

      apparently it did its job
HKCU\..\Run: [PDFSaver] C:\Program Files\GénéaTique2004\PdfDrv\Install\PDFSaver.exe O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: KO Approach.lnk = C:\Program Files\KO Approach\Approach.exe O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Startup: Raccourci vers TaskbarEx.lnk = C:\Program Files\TaskbarEx\TaskbarEx.exe O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\UberIcon\UberIcon Manager.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Belkin Wireless USB Utility.lnk = C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: &Télécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Save Flash - res://C:\Program Files\UnH Solutions\Flash Saving 
Plugin\FlashSButton.dll/210 O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm O8 - Extra context menu item: Tout t&élécharger avec NetTransport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU) O10 - Broken Internet access because of LSP provider 'c:\program files\controle parental\bin\lsp.dll' missing O11 - Options group: [iNTERNATIONAL] 
International* O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200610...ex/qtplugin.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/T...nx.1.0.0.67.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1154163549680 O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162 O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/...rg/ESTPTest.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15023/CTPID.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - 
C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: winxka32 - winxka32.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe" -service (file missing) je vais passer spybot ewido et ad-aware se Merci surtout pour ton aide sa me fait vraiment plaisir
  11. I have the solution!!!! 80% sure. I booted up, and before it could reboot I went into Task Manager and looked at the processes. Knowing all the ones that should appear after startup, I noticed there was one named hldrrr.exe. I ended the task and, miracle, my computer stays on. In fact, the first time it stayed on I had already done that, but it was just to check. A quick search and I saw that it was a Trojan horse... So maybe I am in the right category. I suppose the HJT and EliBagle reports are needed?
  12. Well, I rebooted, and it's starting again, pfff.
  13. Well, I don't understand anymore. After rebooting in a loop for 20 min it decided to stay on. Should I do something?? Or do I try rebooting?
  14. The computer booted, but it gives me a runtime error about Daemon Tools (this program requires at least windows 2000 with sptd 1.24 or higher Kernel dbugger must be desactivated) and it shows 2 command prompt windows that disappear, then it suddenly shuts down and reboots. PS: I tried again and this time it didn't show the two command prompt windows. It's starting again: it boots and shuts off. I tried safe mode; there it doesn't even get to the desktop, it crashes after or during loading. Hopeless...
  15. I'll try right away, I'll keep you posted. Edit: operation in progress...
  16. Hi, yes, it does boot, since when I get to safe mode it also gives me the blue screen. I'll try Last Known Good Configuration. Edit: that doesn't work either (a few moments on the desktop and it crashes). Could a moderator please move the topic to the hardware section? Thanks.
  17. Nobody???
  18. Good evening, first of all I should say that I'm new; I don't think I've picked the wrong category... I shut down my computer "the rough way" without going through "Start". Since then, my PC shows me a blue screen (either after startup once I'm on my desktop, or in safe mode after the system file loads). IN SAFE MODE I get: "un problème a été détecté et windows a été arrêté afin de prévenir tout dommage sur votre ordinateur. Si vous voyez cet écran d'arrêt pour la première fois, redémarrez votre ordinateur......." and with that: technical information: *** STOP: 0x0000007B (0xF78CA528,0xC0000034,0x00000000,0x00000000). They also say "recherchez tout virus sur votre ordinateur. supprimez tout disque dur ou controleur de disque dur nouvellement installé. vérifiez votre disque dur afin de vous assurer qu'il est correctement configuré et terminé. exécutez CHKDSK /F pour vérifier la présence d'un dommage sur votre disque dur puis redémarrez l'ordi." NORMAL MODE: THEN: when I boot normally everything is fine, my desktop appears and 1 min later blue screen; this time --> *** STOP: 0x0000007E (0x0000001D,0x80572D08,0xF7902B40,0xF790283C). Can someone help me, because I'm desperate and I've already searched the forum. Just one small thing, maybe it will help: I have a Logitech keyboard and mouse (just saying, lol). MANY THANKS TO THOSE WHO CAN RESCUE ME