Everything posted by archels

  1. DiagHelp version v1.4 - http://www.malekal.com excute le 04/02/2008 à 16:52:57,59 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->04/02/2008 16:52:54 C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->04/02/2008 16:52:54 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->04/02/2008 16:52:20 C:\WINDOWS\prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->04/02/2008 16:51:44 C:\WINDOWS\prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->04/02/2008 16:51:44 C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->04/02/2008 16:51:24 C:\WINDOWS\prefetch\GETPOPUPINFO.EXE-22F2D0C9.pf -->04/02/2008 16:51:17 C:\WINDOWS\prefetch\REGEDIT.EXE-1B606482.pf -->04/02/2008 16:50:56 C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->04/02/2008 16:49:45 C:\WINDOWS\prefetch\TASKMGR.EXE-20256C55.pf -->04/02/2008 16:48:49 C:\WINDOWS\System32\drivers\aswmon.sys -->04/12/2007 15:56:02 C:\WINDOWS\System32\drivers\aswmon2.sys -->04/12/2007 15:55:46 C:\WINDOWS\System32\drivers\aswRdr.sys -->04/12/2007 15:53:39 C:\WINDOWS\System32\drivers\aswTdi.sys -->04/12/2007 15:51:52 C:\WINDOWS\System32\drivers\aavmker4.sys -->04/12/2007 15:49:02 C:\WINDOWS\System32\drivers\secdrv.sys -->13/11/2007 11:25:54 C:\WINDOWS\System32\drivers\tcpip.sys -->30/10/2007 18:20:55 C:\WINDOWS\System32\xycdd.ini -->04/02/2008 16:52:56 C:\WINDOWS\System32\xycdd.ini2 -->04/02/2008 16:51:10 C:\WINDOWS\System32\wpa.dbl -->04/02/2008 16:04:51 C:\WINDOWS\System32\nvapps.xml -->04/02/2008 16:04:24 C:\WINDOWS\System32\magicpvt.dat -->04/02/2008 16:03:00 C:\WINDOWS\System32\driver.dat -->04/02/2008 16:02:33 C:\WINDOWS\System32\fbxulaaq.dllbox -->04/02/2008 13:52:38 C:\WINDOWS\System32\ehcysmdd.ini -->04/02/2008 13:40:09 C:\WINDOWS\System32\CONFIG.NT -->04/02/2008 13:23:05 C:\WINDOWS\System32\yayxvvs.dll -->04/02/2008 12:44:34 C:\WINDOWS\System32\opnnlml.dll -->04/02/2008 12:39:14 C:\WINDOWS\System32\ddcawxy.dll -->04/02/2008 12:14:23 C:\WINDOWS\System32\efcdecc.dll -->04/02/2008 11:46:42 
C:\WINDOWS\System32\cbxvwtq.dll -->04/02/2008 11:37:12 C:\WINDOWS\System32\wvutttq.dll -->04/02/2008 09:34:22 C:\WINDOWS\System32\xxyvssr.dll -->04/02/2008 09:17:27 C:\WINDOWS\System32\rqrpmji.dll -->04/02/2008 08:55:48 C:\WINDOWS\System32\iiffcdd.dll -->04/02/2008 08:25:20 C:\WINDOWS\System32\tuvtqrp.dll -->04/02/2008 07:27:49 C:\WINDOWS\System32\ljjgdby.dll -->03/02/2008 20:31:37 C:\WINDOWS\System32\opnnnml.dll -->03/02/2008 18:46:36 C:\WINDOWS\System32\cbxvtqq.dll -->03/02/2008 18:33:52 C:\WINDOWS\System32\fccbyxx.dll -->03/02/2008 18:06:37 C:\WINDOWS\System32\ddcyx.dll -->02/02/2008 16:09:37 C:\WINDOWS\System32\gebyxwx.dll -->02/02/2008 16:04:14 C:\WINDOWS\QTFont.qfn -->04/02/2008 16:05:34 C:\WINDOWS\wiadebug.log -->04/02/2008 16:03:46 C:\WINDOWS\WindowsUpdate.log -->04/02/2008 16:03:39 C:\WINDOWS\wiaservc.log -->04/02/2008 16:03:36 C:\WINDOWS.log -->04/02/2008 16:03:11 C:\WINDOWS\bootstat.dat -->04/02/2008 16:03:02 C:\WINDOWS\SchedLgU.Txt -->04/02/2008 16:01:58 C:\WINDOWS\ntbtlog.txt -->04/02/2008 11:30:25 C:\WINDOWS\NeroDigital.ini -->04/02/2008 09:48:52 C:\WINDOWS\QTFont.for -->03/02/2008 20:29:53 C:\WINDOWS\wmsetup.log -->02/02/2008 20:02:55 C:\WINDOWS\HCWPNP.INI -->02/02/2008 10:23:27 C:\WINDOWS\vtplus32.ini -->28/01/2008 17:29:00 C:\WINDOWS\Irremote.ini -->28/01/2008 16:46:13 C:\WINDOWS\ODBC.INI -->28/01/2008 16:45:25 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1044 Command line: C:\WINDOWS\explorer.exe Base Size Version Path 0x44080000 0xcf000 7.00.6000.16574 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x43e00000 0x45000 7.00.6000.16574 
C:\WINDOWS\system32\iertutil.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x10000000 0x12000 C:\Program Files\RocketDock\RocketDock.dll 0x00c00000 0x16f000 6.14.0010.11010 C:\WINDOWS\system32\nview.dll 0x00eb0000 0xa5000 C:\WINDOWS\system32\ddcyx.dll 0x44160000 0x127000 7.00.6000.16574 C:\WINDOWS\system32\urlmon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x01fc0000 0x21000 7.05.0000.0020 C:\Program Files\iTunes\iTunesMiniPlayer.dll 0x02010000 0xe000 7.05.0000.0013 C:\Program Files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll 0x02160000 0x23000 7.05.0000.0020 C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll 0x13420000 0x1a000 11.00.5721.5145 C:\PROGRA~1\WINDOW~2\wmpband.dll 0x44360000 0x5cd000 7.00.6000.16574 C:\WINDOWS\system32\ieframe.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x01c80000 0x15000 6.14.0010.8195 C:\WINDOWS\system32\nvwddi.dll 0x442b0000 0x3c000 7.00.6000.16574 C:\WINDOWS\system32\webcheck.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x67080000 0x14000 3.00.0002.0001 C:\Program Files\FileZilla Client\fzshellext.dll 0x03440000 0x91000 6.83.0074.0009 C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll 0x03660000 0xa4000 6.83.0092.0011 C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\WINDOWS\system32\MSVCP71.dll 0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll 0x01c20000 0xb000 6.83.0047.0001 C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr 0x03810000 0x87000 6.83.0015.0001 C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 
C:\WINDOWS\system32\PortableDeviceApi.dll 0x00e70000 0x14000 2.01.0003.0000 C:\WINDOWS\system32\LMIRfsClientNP.dll 0x5f800000 0x16000 1.01.1593.0000 C:\PROGRA~1\WIFD1F~1\MpShHook.dll 0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll 0x7c420000 0x87000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCP80.dll 0x00a80000 0x14000 C:\WINDOWS\system32\gebyxwx.dll 0x16080000 0x19000 1.00.0003.0001 C:\Program Files\Bonjour\mdnsNSP.dll 0x039e0000 0x16000 600.00.0000.0002 C:\Program Files\Free Download Manager\FUM\fumshext.dll 0x04460000 0x4b000 6.00.6000.16431 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll 0x02960000 0x14000 2.00.0000.0005 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll 0x044b0000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL 0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x045c0000 0x74000 10.00.0000.4942 C:\Program Files\Acronis\TrueImageHome\tishell.dll 0x03a10000 0x12000 3.03.0000.0444 C:\Program Files\Acronis\TrueImageHome\timounter.dll 0x04750000 0x2b000 C:\Program Files\WinRAR\rarext.dll 0x04b80000 0x1e000 1.00.0278.0000 C:\Program Files\Pro Imaging Powertoys\Microsoft Photo Info\MSImgShellExt.dll 0x04ba0000 0x28000 1.00.0278.0000 C:\Program Files\Pro Imaging Powertoys\Microsoft Photo Info\ExtractMetadata.dll 0x7c630000 0x1b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL 0x64f00000 0x12000 4.07.1098.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll 0x051b0000 0x1b9000 2.00.0000.0007 C:\Program Files\Fichiers communs\Ahead\lib\NeroDigitalExt.dll 0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\lib\MFC71.DLL 0x05380000 0x15000 1.01.0050.0000 C:\Program Files\Pro Imaging Powertoys\Microsoft RAW Image Thumbnailer and Viewer for Windows 
XP\CRawViewerExtension.dll 0x053a0000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x05410000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA 0x05470000 0x37000 12.00.0001.0002 C:\Program Files\Illustrate\dBpoweramp\dBShell.dll 0x05150000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 0x05a40000 0x11a000 1.05.0000.0008 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 0x05de0000 0x16000 1.00.0000.0003 C:\WINDOWS\system32\cgmopenbho.dll 0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll 0x01ba0000 0xf000 1.00.0000.0001 C:\WINDOWS\system32\mpvthook.dll 0x06510000 0x70a000 6.14.0010.8195 C:\WINDOWS\system32\nvcpl.dll 0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x06c20000 0x73000 6.14.0010.11010 C:\WINDOWS\system32\nvshell.dll 0x41f00000 0x7000 1.01.0000.3917 C:\WINDOWS\system32\asfsipc.dll 0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL 0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll 0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL 0x36d30000 0x1b000 11.00.8164.0000 C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 924 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x10000000 0x15000 
4.00.0000.0680 C:\WINDOWS\system32\LMIinit.dll 0x01eb0000 0x3b000 1.07.0017.0000 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x01150000 0x14000 2.01.0003.0000 C:\WINDOWS\system32\LMIRfsClientNP.dll 0x012b0000 0x14000 C:\WINDOWS\system32\gebyxwx.dll 0x44160000 0x127000 7.00.6000.16574 C:\WINDOWS\system32\urlmon.dll 0x43e00000 0x45000 7.00.6000.16574 C:\WINDOWS\system32\iertutil.dll 0x44080000 0xcf000 7.00.6000.16574 C:\WINDOWS\system32\WININET.dll 0x01310000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est FCDA-B0EA Répertoire de C:\WINDOWS\system 27/08/1996 01:12 4 176 QTNOTIFY.EXE 1 fichier(s) 4 176 octets 0 Rép(s) 95 828 361 216 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est FCDA-B0EA Répertoire de C:\WINDOWS\system32 20/08/2004 00:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 95 828 701 184 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est FCDA-B0EA Répertoire de C:\WINDOWS\Downloaded Program Files 31/12/2007 11:47 <REP> . 31/12/2007 11:47 <REP> .. 
03/12/2003 14:49 65 desktop.ini 28/04/2006 08:59 251 DownloadManagerV2.inf 20/05/2006 10:45 393 216 DownloadManagerV2.ocx 28/01/2004 16:57 232 dtc32.inf 25/07/2002 17:13 24 576 dwusplay.dll 25/07/2002 17:13 196 608 dwusplay.exe 25/06/2006 11:50 1 793 erma.inf 14/08/2007 13:02 1 588 hardwaredetection.inf 09/08/2004 05:02 327 680 isusweb.dll 29/11/2006 14:00 367 LegitCheckControl.inf 12/09/2007 09:19 71 248 LMIProxyHelper.exe 20/01/2000 14:25 1 162 Microsoft XML Parser for Java.osd 28/02/2007 20:24 361 OGAControl.inf 20/11/2007 17:02 2 721 096 RACtrl.dll 20/11/2007 17:01 663 RACtrl.inf 09/11/2006 14:36 5 019 swflash.inf 18/10/2006 19:28 461 136 wlscBase.dll 18/10/2006 19:32 320 wlscBase.inf 30/06/2003 21:41 1 689 WMV9VCM.inf 19 fichier(s) 4 209 070 octets Total des fichiers listés : 19 fichier(s) 4 209 070 octets 2 Rép(s) 95 827 337 216 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Enabled:Java Platform SE binary" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Sprite Backup for Smartphone\\SpriteService.exe"="C:\\Program Files\\Sprite Backup for 
Smartphone\\SpriteService.exe:*:Enabled:Sprite Backup PC Service" "C:\\Program Files\\IEPro\\MiniDM.exe"="C:\\Program Files\\IEPro\\MiniDM.exe:*:Enabled:MiniDM" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule" "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Enabled:Java Platform SE binary" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Sprite Backup for Smartphone\\SpriteService.exe"="C:\\Program Files\\Sprite Backup for Smartphone\\SpriteService.exe:*:Enabled:Sprite Backup PC Service" "C:\\Program Files\\IEPro\\MiniDM.exe"="C:\\Program Files\\IEPro\\MiniDM.exe:*:Enabled:MiniDM" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-04 16:56:11 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... IPC error: 2 Le fichier spécifié est introuvable. scanning hidden registry entries ... 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\xd8\x2022\x20ac|\xff\xff\xff\xff\22\x2022\x20ac|\xf9\x20229~\2] "C040110900063D11C8EF10054038389C"="C?\WINDOWS\system32\FM20ENU.DLL" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 220 - ashServ.exe 304 - iTunesHelper.ex 780 - OUTLOOK.EXE 896 - csrss.exe 924 - winlogon.exe 968 - services.exe 980 - lsass.exe 1044 - explorer.exe 1132 - nvsvc32.exe 1180 - svchost.exe 1196 - AppleMobileDevi 1212 - mDNSResponder.e 1248 - svchost.exe 1356 - LogMeInSystray. 1364 - MsMpEng.exe 1424 - svchost.exe 1464 - svchost.exe 1480 - RocketDock.exe 1508 - DkService.exe 1580 - HCWemmon.exe 1668 - EPGService.exe 1924 - ashDisp.exe 2152 - ctfmon.exe 2172 - svchost.exe 2224 - tbmux32.exe 2256 - searchindexer.e 2508 - searchprotocolh 2592 - GoogleToolbarNo 2828 - wcescomm.exe 2948 - ashMaiSv.exe 2972 - type32.exe 3016 - rapimgr.exe 3032 - fumoei.exe 3068 - rundll32.exe 3128 - ashWebSv.exe 3176 - rundll32.exe 3320 - iPodService.exe 3332 - cmd.exe 3408 - FAST.EXE 3424 - LVComS.exe 3580 - iexplore.exe 3724 - alg.exe 3772 - hpztsb10.exe 3788 - taskmgr.exe 3844 - DrvIcon.exe 3868 - TrueImageMonito 3876 - OSE.EXE 3884 - LastFMHelper.ex 3968 - TimounterMonito 3992 - searchfilterhos 4008 - schedhlp.exe Total number of processes = 52 NOTE: Under WinXP, this will not show all processes. 
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntoskrnl.exe 806FD000 - \WINDOWS\system32\hal.dll F7BA2000 - \WINDOWS\system32\KDCOM.DLL F7AB2000 - \WINDOWS\system32\BOOTVID.dll F7652000 - ACPI.sys F7BA4000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS F7641000 - pci.sys F76A2000 - isapnp.sys F76B2000 - ohci1394.sys F76C2000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS F7C6A000 - pciide.sys F7922000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS F76D2000 - MountMgr.sys F7622000 - ftdisk.sys F792A000 - PartMgr.sys F76E2000 - VolSnap.sys F760A000 - atapi.sys F76F2000 - disk.sys F7702000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F75EA000 - fltmgr.sys F75D8000 - sr.sys F7AB6000 - BsStor.sys F7712000 - PxHelp20.sys F75C6000 - TPkd.sys F75AF000 - KSecDD.sys F759C000 - WudfPf.sys F750F000 - Ntfs.sys F74E2000 - NDIS.sys F7482000 - timntr.sys F7467000 - snapman.sys F7454000 - sfvfs02.sys F7932000 - sfhlp02.sys F7442000 - sfdrv01.sys F7427000 - Mup.sys F7722000 - agp440.sys F7752000 - \SystemRoot\System32\DRIVERS\nic1394.sys F7B8A000 - \SystemRoot\system32\DRIVERS\tunmp.sys F7912000 - \SystemRoot\System32\DRIVERS\intelppm.sys F62C5000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys F62B1000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS F7B9E000 - \SystemRoot\system32\drivers\magicpvt.sys F79DA000 - \SystemRoot\System32\DRIVERS\usbuhci.sys F628E000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS F79E2000 - \SystemRoot\System32\DRIVERS\usbehci.sys F626A000 - \SystemRoot\System32\DRIVERS\EL2K_XP.sys F79EA000 - \SystemRoot\system32\DRIVERS\usbohci.sys F6259000 - \SystemRoot\System32\DRIVERS\serial.sys F7403000 - \SystemRoot\System32\DRIVERS\serenum.sys F79F2000 - \SystemRoot\System32\DRIVERS\fdc.sys F6245000 - \SystemRoot\System32\DRIVERS\parport.sys F73FF000 - \SystemRoot\System32\DRIVERS\gameenum.sys F7DA6000 - \SystemRoot\system32\drivers\msmpu401.sys F6221000 - 
\SystemRoot\system32\drivers\portcls.sys F6E03000 - \SystemRoot\system32\drivers\drmk.sys F61FE000 - \SystemRoot\system32\drivers\ks.sys F73FB000 - \SystemRoot\System32\Drivers\cdrbsvsd.SYS F6DF3000 - \SystemRoot\System32\DRIVERS\cdrom.sys F6DE3000 - \SystemRoot\System32\DRIVERS\redbook.sys F79FA000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys F6DD3000 - \SystemRoot\System32\DRIVERS\imapi.sys F6170000 - \SystemRoot\system32\drivers\smwdm.sys F6158000 - \SystemRoot\system32\drivers\aeaudio.sys F7DAF000 - \SystemRoot\system32\DRIVERS\lmimirr.sys F7DB0000 - \SystemRoot\System32\DRIVERS\audstub.sys F7A02000 - \SystemRoot\System32\DRIVERS\rasirda.sys F7A0A000 - \SystemRoot\System32\DRIVERS\TDI.SYS F6DC3000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F73EB000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F6141000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F6DB3000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F6DA3000 - \SystemRoot\System32\DRIVERS\raspptp.sys F6130000 - \SystemRoot\System32\DRIVERS\psched.sys F6D93000 - \SystemRoot\System32\DRIVERS\msgpc.sys F7A12000 - \SystemRoot\System32\DRIVERS\ptilink.sys F7A1A000 - \SystemRoot\System32\DRIVERS\raspti.sys F6D83000 - \SystemRoot\System32\DRIVERS\termdd.sys F7A22000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F7A2A000 - \SystemRoot\System32\DRIVERS\mouclass.sys F7C18000 - \SystemRoot\System32\DRIVERS\swenum.sys F60D7000 - \SystemRoot\System32\DRIVERS\update.sys F73E3000 - \SystemRoot\System32\DRIVERS\mssmbios.sys F6D73000 - \SystemRoot\System32\Drivers\NDProxy.SYS F7762000 - \SystemRoot\System32\DRIVERS\usbhub.sys F7C1E000 - \SystemRoot\System32\DRIVERS\USBD.SYS F7A5A000 - \SystemRoot\System32\DRIVERS\flpydisk.sys F7C34000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7C8A000 - \SystemRoot\System32\Drivers\Null.SYS F7C36000 - \SystemRoot\System32\Drivers\Beep.SYS F6CE3000 - \SystemRoot\system32\drivers\MTictwl.sys F7A6A000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS F7A72000 - \SystemRoot\System32\drivers\vga.sys F7C38000 - 
\SystemRoot\System32\Drivers\mnmdd.SYS F7C3A000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F4C67000 - \SystemRoot\System32\Drivers\meiudf.sys F4C56000 - \SystemRoot\System32\Drivers\Udfs.SYS F7A7A000 - \SystemRoot\System32\Drivers\Msfs.SYS F7A82000 - \SystemRoot\System32\Drivers\Npfs.SYS F6CDB000 - \SystemRoot\System32\DRIVERS\rasacd.sys F4C43000 - \SystemRoot\System32\DRIVERS\ipsec.sys F4BEB000 - \SystemRoot\System32\DRIVERS\tcpip.sys F4BCA000 - \SystemRoot\System32\DRIVERS\ipnat.sys F66A4000 - \SystemRoot\System32\Drivers\aswTdi.SYS F6694000 - \SystemRoot\System32\DRIVERS\wanarp.sys F4BA2000 - \SystemRoot\System32\DRIVERS\netbt.sys F4B6A000 - \SystemRoot\system32\DRIVERS\tcpip6.sys F6684000 - \SystemRoot\System32\DRIVERS\arp1394.sys F4B48000 - \SystemRoot\System32\drivers\afd.sys F7A92000 - \SystemRoot\system32\drivers\ip6fw.sys F6674000 - \SystemRoot\System32\DRIVERS\netbios.sys F4B1D000 - \SystemRoot\System32\DRIVERS\rdbss.sys F4AAE000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys F6634000 - \SystemRoot\System32\Drivers\Fips.SYS F7AA2000 - \SystemRoot\System32\Drivers\Aavmker4.SYS F7AAA000 - \SystemRoot\System32\DRIVERS\usbccgp.sys F60B7000 - \SystemRoot\system32\DRIVERS\hidusb.sys F77E2000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS F77F2000 - \SystemRoot\system32\DRIVERS\LVCE.sys F497F000 - \SystemRoot\system32\DRIVERS\LVCam2.dll F4916000 - \SystemRoot\system32\DRIVERS\LVCodek2.dll F7802000 - \SystemRoot\system32\DRIVERS\STREAM.SYS F7822000 - \SystemRoot\system32\drivers\lvsound2.sys F609F000 - \SystemRoot\system32\DRIVERS\kbdhid.sys F6097000 - \SystemRoot\System32\DRIVERS\mouhid.sys F7972000 - \SystemRoot\System32\DRIVERS\usbprint.sys F37DC000 - \SystemRoot\System32\Drivers\dump_atapi.sys F7C60000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F47E9000 - \SystemRoot\System32\drivers\Dxapi.sys F49E8000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys F7CC3000 - 
\SystemRoot\System32\drivers\dxgthk.sys BF026000 - \SystemRoot\System32\nv4_disp.dll BF012000 - \SystemRoot\System32\sam_nv4_disp.dll BFFA0000 - \SystemRoot\System32\ATMFD.DLL F49E0000 - \SystemRoot\system32\DRIVERS\tifsfilt.sys BA4D2000 - \SystemRoot\system32\DRIVERS\irda.sys BA574000 - \SystemRoot\system32\DRIVERS\mdc8021x.sys BA570000 - \SystemRoot\System32\DRIVERS\ndisuio.sys BA3A4000 - \SystemRoot\System32\Drivers\aswMon2.SYS BA10F000 - \SystemRoot\system32\drivers\wdmaud.sys BA1C4000 - \SystemRoot\system32\drivers\sysaudio.sys B9FC5000 - \SystemRoot\System32\DRIVERS\mrxdav.sys F7C5C000 - \SystemRoot\System32\Drivers\ParVdm.SYS B9E94000 - \SystemRoot\System32\Drivers\HTTP.sys BA052000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys F7BAE000 - \??\C:\Program Files\LogMeIn\x86\RaInfo.sys BA184000 - \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys B9DF2000 - \SystemRoot\System32\DRIVERS\srv.sys B9F55000 - \SystemRoot\System32\DRIVERS\secdrv.sys B9B9A000 - \SystemRoot\System32\Drivers\aswRdr.SYS B8241000 - \SystemRoot\system32\drivers\kmixer.sys BA394000 - \SystemRoot\System32\DRIVERS\asyncmac.sys F7DEE000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 153 Liste des programmes installes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 32nd America's Cup - Demo 0.2.0.0 Acronis True Image Home Adaptateur USB-IrDA Adobe 
Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge 1.0 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Common File Installer Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe ExtendScript Toolkit 2 Adobe Flash Player ActiveX Adobe Fonts All Adobe Help Center 1.0 Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Photoshop CS3 Adobe Photoshop Elements 2.0 Adobe Reader 8.1.1 - Français Adobe Setup Adobe Setup Adobe Setup Adobe Shockwave Player Adobe Stock Photos 1.0 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Album Cover Art Downloader 1.6.0 Allway Sync version 6.1.6 Apple Mobile Device Support Apple Software Update Archiveur WinRAR Assistant de connexion Windows Live Audacity 1.2.6 AutoUpdate AV Album Art Fixer for MCE and WMP avast! 
Antivirus AVIcodec (remove only) Band-in-a-Box 2005: Support de langue français Canon Camera Access Library Canon Camera Support Core Library Canon Camera WIA Driver Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX Canon EOS Kiss_N REBEL_XT 350D Pilote WIA Canon G.726 WMP-Decoder CANON iMAGE GATEWAY Task Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon PhotoRecord Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.0 Canon Utilities EOS Capture 1.5 Canon Utilities EOS Utility Canon Utilities ZoomBrowser EX CartoExploreur CCleaner (remove only) CD Art Display RC 6 CodeStuff Starter Conseiller de mise à niveau Windows Vista dBpoweramp [Calculate Audio CRC] Codec dBpoweramp FLAC Codec dBpoweramp m4a Codec dBpoweramp Monkeys Audio Codec dBpoweramp Mp2 and BwfMp2 codec dBpoweramp mp3 (Fraunhofer IIS) Codec dBpoweramp Musepack Codec dBpoweramp Music Converter dBpoweramp Ogg Vorbis Codec dBpoweramp WavPack Codec dBpoweramp Windows Media Audio 10 Codec dBpowerAMP Windows Media Audio 9 Codec Diskeeper Professional Premier Edition Dragon NaturallySpeaking 8 DxO Optics Pro import plugin DxO Optics Pro v3.5a e-COMO EasyCleaner eMule EnveloppesEditor1.09 EOS Capture 1.5 ETK (Lokal) ExposurePlot 1.10 Eye On Network (désinstallation) ffdshow (remove only) FileZilla Client 3.0.2.1 FlyakiteOSX Free Download Manager 2.5 Free Mp3 Wma Converter V 1.5.1 FUJIFILM USB Driver Galerie de photos Windows Live Gaston GNU Solfege 3.8.1 Google Earth Google Toolbar for Internet Explorer Guitar Pro 5.0 Harmony Assistant Hauppauge French Help Files and Resources Hauppauge WinTV Hauppauge WinTV DVB-T EPG Service Hauppauge WinTV Infrared Remote Hauppauge WinTV Scheduler Hauppauge WinTV Soft PVR HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.0 (KB932471) HP Deskjet 5700 HP Photo and Imaging 
****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_NEWBOY.tar.gz a l'adresse http://upload.malekal.com
  2. I pasted the entire file that was created, which is named catchme.log. Where do I find the DiagHelp report?
  3. catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2008-02-04 13:08:08
     Windows 5.1.2600 Service Pack 2 NTFS
     scanning hidden services & system hive ...
     scanning hidden registry entries ...
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\xd8\x2022\x20ac|\xff\xff\xff\xff\22\x2022\x20ac|\xf9\x20229~\2]
     "C040110900063D11C8EF10054038389C"="C?\WINDOWS\system32\FM20ENU.DLL"
     scanning hidden files ...
     scan completed successfully
     hidden services: 0
     hidden files: 0
  4. Here is the log:

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 11:48:21, on 04/02/2008
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v7.00 (7.00.6000.16574)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Windows Defender\MsMpEng.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\Program Files\Alwil Software\Avast4\ashServ.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
     C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
     C:\WINDOWS\System32\DVDRAMSV.exe
     C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\WINDOWS\System32\tcpsvcs.exe
     C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
     C:\WINDOWS\System32\svchost.exe
     C:\BMWgroup\ETKLokal\transbase\tbmux32.exe
     C:\WINDOWS\system32\SearchIndexer.exe
     C:\Program Files\Microsoft IntelliType Pro\type32.exe
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\WINDOWS\system32\rundll32.exe
     C:\WINDOWS\system32\taskswitch.exe
     C:\WINDOWS\system32\fast.exe
     C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
     C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
     C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
     C:\Program Files\VistaDriveIcon\DrvIcon.exe
     C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
     C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
     C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
     C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
     C:\WINDOWS\HCWemmon.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\WINDOWS\system32\wuauclt.exe
     C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Microsoft ActiveSync\wcescomm.exe
     C:\Program Files\RocketDock\RocketDock.exe
     C:\Program Files\Free Download Manager\FUM\fumoei.exe
     C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     C:\PROGRA~1\MI3AA1~1\rapimgr.exe
     C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     C:\WINDOWS\system32\taskmgr.exe
     C:\Program Files\Last.fm\LastFMHelper.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
     O4 - HKLM\..\Run: [soundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
     O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
     O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
     O4 - HKLM\..\Run: [backgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe
     O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\system32\fast.exe
     O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
     O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
     O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
     O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
     O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
     O4 - HKLM\..\Run: [NuonSoft ShellEnhancer StartupHelper] C:\Program Files\NuonSoft\ShellEnhancer\StartupHelper.exe
     O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\VistaDriveIcon\DrvIcon.exe
     O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
     O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
     O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
     O4 - HKLM\..\Run: [HCWemmon] HCWemmon.exe
     O4 - HKLM\..\Run: [WinCast] E:\cdsetup\setup.exe -lfra
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
     O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
     O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
     O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
     O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe
     O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
     O4 - Startup: Gestionnaire de tâches.lnk = C:\WINDOWS\system32\taskmgr.exe
     O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
     O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
     O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
     O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
     O8 - Extra context menu item: Ouvrir avec GetRight - C:\Program Files\GetRight\GRbrowse.htm
     O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
     O8 - Extra context menu item: Télecharger avec GetRight - C:\Program Files\GetRight\GRdownload.htm
     O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
     O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
     O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
     O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
     O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
     O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
     O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
     O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
     O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
     O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
     O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_FR_XP.cab
     O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (Contrôleur de DownloadManager) - http://dlmanager.akamaitools.com.edgesuite...vex-2.0.6.0.cab
     O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
     O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
     O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwared...ion_2_0_4_9.cab
     O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
     O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
     O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
     O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
     O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
     O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
     O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
     O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
     O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
     O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
     O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
     O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
     O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
     O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
     O23 - Service: Transbase - Transaction Software, D 81737 Munich - C:\BMWgroup\ETKLokal\transbase\tbmux32.exe
     O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

     -- End of file - 13815 bytes
  5. Hello everyone, my avast has detected several files infected by the Win32:TratBHO trojan. Despite deleting them, they reappear at the next restart. Could someone help me solve my problem?