Aller au contenu

kronos

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    4

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par kronos

  1. kronos

    help :s

    kronos a répondu à un(e) sujet de kronos dans Analyses et éradication malwares

    ok no prob j'ai posté sur les 2 forums parce que j'étais pressé d'avoir une réponse désolé pour le dérangement...
  2. kronos

    help :s

    kronos a répondu à un(e) sujet de kronos dans Analyses et éradication malwares

    Non je n'ai pas ce genre de message d'erreur sinon voilà le rapport : Malwarebytes' Anti-Malware 1.25 Version de la base de données: 1076 Windows 5.1.2600 Service Pack 2 22:34:12 21/08/2008 mbam-log-08-21-2008 (22-34-12).txt Type de recherche: Examen rapide Eléments examinés: 45331 Temps écoulé: 3 minute(s), 23 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  3. kronos

    help :s

    kronos a répondu à un(e) sujet de kronos dans Analyses et éradication malwares

    merci pour ta réponse, mais j'ai oublié de préciser... le mode sans échec n'a plus l'air de marcher -_- pour en revenir à la fenêtre bleu du plantage, la même fenêtre s'affichait une fois quand j'avais installé un programme, des amis l'utilisaient aussi mais pour eux aucun problème, par contre chez moi ça faisait planter le pc toute les 10 minutes...
  4. kronos
    Bonjour, J'ai téléchargé il y a quelques heures un fichier qui contenait un malware, mon fond d'écran s'est changé tout seul et affichait une image qui disait en gros: Your computer is infected! Windows has detected spyware infection! ... J'ai entre temps pu supprimer le fichier qui je pense causait ce problème car le fond d'écran ne bouge plus mais j'ai depuis eu quelques plantages, une fenêtre bleu s'affichait qui disait en gros que windows s'était éteind pour éviter certains problème... J'ai suivi la procédure décrite sur le site FuturaScience : Lancement d'ATF Cleaner, DiagHelp puis HijackThis Ci-joints les deux rapports DiagHelp et HijackThis. Merci d'avance pour votre aide. Rapport de diaghelp DiagHelp version v1.4 - http://www.malekal.com excute le 21/08/2008 à 2:05:23,01 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->21/08/2008 02:04:59 C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->21/08/2008 02:04:57 C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->21/08/2008 02:04:39 C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->21/08/2008 02:03:59 C:\WINDOWS\prefetch\layout.ini -->21/08/2008 01:10:07 C:\WINDOWS\System32\drivers\PnkBstrK.sys -->20/08/2008 00:10:15 C:\WINDOWS\System32\drivers\L6PODLV.sys -->22/03/2008 00:01:20 C:\WINDOWS\System32\drivers\l6dp.sys -->22/03/2008 00:01:20 C:\WINDOWS\System32\drivers\nv4_mini.sys -->05/12/2007 02:41:00 C:\WINDOWS\System32\drivers\scdemu.sys -->07/08/2007 02:15:07 C:\WINDOWS\System32\drivers\AvgAsCln.sys -->30/05/2007 14:10:42 C:\WINDOWS\System32\drivers\hamachi.sys -->18/04/2007 16:59:06 C:\WINDOWS\System32\PnkBstrB.exe -->21/08/2008 00:02:58 C:\WINDOWS\System32\PnkBstrA.exe -->21/08/2008 00:02:58 C:\WINDOWS\System32\pbsvc.exe -->21/08/2008 00:02:54 C:\WINDOWS\System32\blphcc7bj0el8v.scr -->20/08/2008 23:36:29 C:\WINDOWS\System32\phcc7bj0el8v.bmp -->20/08/2008 23:36:27 C:\WINDOWS\System32\wpa.dbl -->20/08/2008 23:30:08 C:\WINDOWS\System32\xfcodec.dll -->13/08/2008 00:08:56 C:\WINDOWS\System32\jupdate-1.6.0_07-b06.log -->12/08/2008 00:53:48 C:\WINDOWS\System32\javaws.exe -->10/06/2008 02:32:34 C:\WINDOWS\System32\javacpl.cpl -->10/06/2008 02:32:34 C:\WINDOWS\System32\javaw.exe -->10/06/2008 01:21:04 C:\WINDOWS\System32\java.exe -->10/06/2008 01:21:01 C:\WINDOWS\System32\FNTCACHE.DAT -->13/05/2008 18:26:13 C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log -->02/05/2008 13:06:52 C:\WINDOWS\System32\SIntfNT.dll -->26/04/2008 23:06:17 C:\WINDOWS\System32\SIntf32.dll -->26/04/2008 23:06:17 C:\WINDOWS\System32\SIntf16.dll -->26/04/2008 23:06:16 C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log -->22/04/2008 23:56:43 C:\WINDOWS\System32\lvcoinst.log -->17/04/2008 22:56:40 C:\WINDOWS\System32\nscompat.tlb -->05/04/2008 16:18:33 C:\WINDOWS\System32\amcompat.tlb -->05/04/2008 16:18:33 C:\WINDOWS\System32\w95inf32.dll -->05/04/2008 16:18:24 C:\WINDOWS\System32\w95inf16.dll -->05/04/2008 16:18:24 C:\WINDOWS\System32\L6DriverControlPanel.cpl -->02/04/2008 23:16:54 C:\WINDOWS\System32\PerfStringBackup.INI -->30/03/2008 14:31:24 C:\WINDOWS\WindowsUpdate.log -->21/08/2008 01:57:59 C:\WINDOWS\0.log -->21/08/2008 01:57:59 C:\WINDOWS\wiaservc.log -->21/08/2008 01:57:57 C:\WINDOWS\wiadebug.log -->21/08/2008 01:57:56 C:\WINDOWS\QTFont.qfn -->21/08/2008 01:57:45 C:\WINDOWS\bootstat.dat -->21/08/2008 01:57:38 C:\WINDOWS\SchedLgU.Txt -->21/08/2008 01:56:39 C:\WINDOWS\NeroDigital.ini -->20/08/2008 23:40:38 C:\WINDOWS\randseed.rnd -->20/08/2008 22:38:34 C:\WINDOWS\win.ini -->23/06/2008 22:24:21 C:\WINDOWS\SIERRA.INI -->01/05/2008 13:32:26 C:\WINDOWS\GearBox.ini -->23/04/2008 00:17:36 C:\WINDOWS\mozver.dat -->19/02/2008 18:46:58 C:\WINDOWS\dxva_sig.txt -->14/02/2008 03:16:02 C:\WINDOWS\nsreg.dat -->06/02/2008 21:42:09 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - http://www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1936 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x01520000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll 0x10000000 0x6000 7.02.0000.0157 C:\DOCUME~1\kronos\LOCALS~1\Temp\IadHide5.dll 0x01920000 0x19000 C:\Program Files\eylqvab\ActMntCmd.dll 0x37000000 0x13000 8.00.0000.0448 C:\WINDOWS\system32\EntApi.dll 0x017f0000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL 0x02200000 0x2a000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll 0x183b0000 0x7000 8.00.0000.0912 C:\Program Files\Network Associates\VirusScan\shext.dll 0x192f0000 0x3000 8.00.0000.0912 C:\Program Files\Network Associates\VirusScan\RES0c\ShExtRes.dll 0x01110000 0x6000 C:\Program Files\Unlocker\UnlockerCOM.dll 0x02230000 0x37000 3.08.0000.0000 C:\Program Files\PowerISO\PWRISOSH.DLL 0x012c0000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll 0x00d40000 0xc000 6.00.0001.1091 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll 0x01c60000 0x15000 1.01.0005.0000 C:\PROGRA~1\FlashGet\jccatch.dll 0x32520000 0x12000 10.00.2609.0000 V:\Program Files\Office10\msohev.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - http://www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1036 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 7C7A-5667 Répertoire de C:\WINDOWS\system32 20/08/2004 01:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 7 529 672 704 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 7C7A-5667 Répertoire de C:\WINDOWS\Downloaded Program Files 07/04/2008 19:23 <REP> . 07/04/2008 19:23 <REP> .. 07/03/2007 02:00 2 504 catalog.dat 16/09/2006 19:39 65 desktop.ini 14/10/1997 18:52 697 DirectAnimation Java Classes.osd 26/07/2007 16:03 214 DivXPlugin.inf 07/03/2007 02:00 6 899 ecbootil.vxd 07/03/2007 02:00 272 040 ecmsvr32.dll 30/08/2006 21:10 551 GameLauncher.inf 01/09/2006 01:40 42 720 GameLauncher.ocx 10/11/2005 14:05 876 jinstall-1_5_0_06.inf 20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd 20/06/2006 16:44 379 704 MsnPUpld.dll 19/06/2006 15:40 393 MsnPUpld.inf 07/03/2007 02:00 124 536 naveng32.dll 07/03/2007 02:00 902 776 navex32a.dll 12/09/2007 09:46 259 NvidiaSmartScan.inf 04/10/2007 08:52 323 584 NvidiaSmartScan.ocx 20/06/2006 16:44 117 560 PURen-us.dll 09/01/2007 09:30 110 592 PURfr-fr.dll 07/03/2007 02:00 97 744 scrauth.dat 22/06/2006 11:41 5 032 swflash.inf 07/03/2007 02:00 11 875 symaveng.cat 07/03/2007 02:00 1 061 symaveng.inf 07/03/2007 02:00 189 004 tcdefs.dat 07/03/2007 02:00 1 375 779 tcscan7.dat 07/03/2007 02:00 336 864 tcscan8.dat 07/03/2007 02:00 775 155 tcscan9.dat 07/03/2007 02:00 453 tinf.dat 07/03/2007 02:00 148 tinfidx.dat 07/03/2007 02:00 1 957 tinfl.dat 07/03/2007 02:00 65 183 tscan1.dat 07/03/2007 02:00 3 113 tscan1hd.dat 07/03/2007 02:00 4 778 v.grd 07/03/2007 02:00 2 261 v.sig 07/03/2007 02:00 106 244 virscan.inf 07/03/2007 02:00 978 854 virscan1.dat 07/03/2007 02:00 570 174 virscan2.dat 07/03/2007 02:00 147 944 virscan3.dat 07/03/2007 02:00 320 186 virscan4.dat 07/03/2007 02:00 3 544 143 virscan5.dat 07/03/2007 02:00 390 436 virscan6.dat 07/03/2007 02:00 7 377 658 virscan7.dat 07/03/2007 02:00 1 698 312 virscan8.dat 07/03/2007 02:00 4 199 121 virscan9.dat 07/03/2007 02:00 32 virscant.dat 30/07/2007 20:24 293 wuweb.inf 07/03/2007 02:00 224 zdone.dat 46 fichier(s) 24 491 160 octets Total des fichiers listés : 46 fichier(s) 24 491 160 octets 2 Rép(s) 7 529 668 608 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon" "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Jeux\\Steam\\SteamApps\\kronos89\\counter-strike source\\hl2.exe"="C:\\Jeux\\Steam\\SteamApps\\kronos89\\counter-strike source\\hl2.exe:*:Enabled:hl2" "C:\\Jeux\\Titan Quest\\Titan Quest.exe"="C:\\Jeux\\Titan Quest\\Titan Quest.exe:*:Enabled:Titan Quest" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent" "C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\\Jeux\\Steam\\Steam.exe"="C:\\Jeux\\Steam\\Steam.exe:*:Enabled:Steam Client" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\\Jeux\\Exteel\\System\\Exteel.exe"="C:\\Jeux\\Exteel\\System\\Exteel.exe:*:Enabled:Exteel" "C:\\Jeux\\Project Torque\\ProjectTorque\\ProjectTorque.bin"="C:\\Jeux\\Project Torque\\ProjectTorque\\ProjectTorque.bin:*:Enabled:Project Torque" "C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Jeux\\Call Of Duty 4\\iw3mp.exe"="C:\\Jeux\\Call Of Duty 4\\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare " "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\\Jeux\\Exteel\\System\\Exteel.exe"="C:\\Jeux\\Exteel\\System\\Exteel.exe:*:Enabled:Exteel" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-21 02:06:35 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:8b9a4118 "s2"=dword:42722df3 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools\" "h0"=dword:00000000 "khjeh"=hex:42,77,10,c3,db,85,4e,95,6f,c4,20,82,2c,e1,a8,dd,df,81,7a,f7,e0,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,09,61,f9,95,06,18,4c,8e,e9,a9,fd,53,37,03,25,9a,3f,.. "khjeh"=hex:c0,b3,73,96,13,b3,42,9a,aa,64,36,7a,c6,f5,25,da,94,da,65,17,40,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:0f,16,6f,39,60,9e,6a,a2,0a,5f,b8,20,53,f3,49,b8,4c,3d,58,24,a9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools\" "h0"=dword:00000000 "khjeh"=hex:ef,ca,6d,25,39,1e,12,1f,56,27,7e,7a,a9,b4,3a,74,1b,ec,d5,99,b2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,09,61,f9,95,06,18,4c,8e,e9,a9,fd,53,37,03,25,9a,3f,.. "khjeh"=hex:c0,b3,73,96,13,b3,42,9a,aa,64,36,7a,c6,f5,25,da,94,da,65,17,40,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:0f,16,6f,39,60,9e,6a,a2,0a,5f,b8,20,53,f3,49,b8,4c,3d,58,24,a9,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg'>http://www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 220 - razerhid.exe 236 - RTHDCPL.exe 244 - alg.exe 288 - shstat.exe 308 - UpdaterUI.exe 336 - TBMon.exe 344 - looknstop.exe 352 - LVCOMSX.EXE 500 - iTunesHelper.ex 668 - ctfmon.exe 684 - LogitechDesktop 696 - msnmsgr.exe 748 - LWEMon.exe 756 - Steam.exe 1012 - csrss.exe 1036 - winlogon.exe 1080 - services.exe 1092 - lsass.exe 1264 - svchost.exe 1312 - svchost.exe 1424 - svchost.exe 1492 - NkbMonitor.exe 1508 - svchost.exe 1568 - svchost.exe 1936 - explorer.exe 2052 - AppleMobileDevi 2072 - guard.exe 2124 - FrameworkServic 2144 - Mcshield.exe 2196 - VsTskMgr.exe 2276 - naPrdMgr.exe 2400 - nvsvc32.exe 2464 - PnkBstrA.exe 2632 - RichVideo.exe 3052 - cmd.exe 3064 - firefox.exe 3160 - ServiceLayer.ex 3296 - iPodService.exe 3848 - NclRSSrv.exe Total number of processes = 40 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E2000 - \WINDOWS\system32\hal.dll BADA8000 - \WINDOWS\system32\KDCOM.DLL BACB8000 - \WINDOWS\system32\BOOTVID.dll BA6D0000 - sptd.sys BADAA000 - \WINDOWS\System32\Drivers\WMILIB.SYS BA6B8000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS BA689000 - ACPI.sys BA678000 - pci.sys BA8A8000 - isapnp.sys BAE70000 - pciide.sys BAB28000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS BA8B8000 - MountMgr.sys BA659000 - ftdisk.sys BADAC000 - dmload.sys BA633000 - dmio.sys BAB30000 - PartMgr.sys BA8C8000 - sfsync02.sys BA8D8000 - VolSnap.sys BA61B000 - atapi.sys BA8E8000 - jraid.sys BA8F8000 - disk.sys BA908000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS BA5FB000 - fltmgr.sys BA5E9000 - sr.sys BA918000 - PxHelp20.sys BA5D2000 - KSecDD.sys BA545000 - Ntfs.sys BA518000 - NDIS.sys BA504000 - sfvfs02.sys BAB38000 - sfhlp02.sys BA4F2000 - sfdrv01.sys BA4D7000 - Mup.sys BADAE000 - JGOGO.sys BA9B8000 - \SystemRoot\System32\DRIVERS\intelppm.sys B95B5000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys B95A1000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS BAB48000 - \SystemRoot\System32\DRIVERS\usbuhci.sys B957E000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS BAB78000 - \SystemRoot\System32\DRIVERS\usbehci.sys B9559000 - \SystemRoot\System32\DRIVERS\HDAudBus.sys BA9C8000 - \SystemRoot\System32\DRIVERS\cdrom.sys BAB80000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys B951D000 - \SystemRoot\System32\DRIVERS\yk51x86.sys BAB88000 - \SystemRoot\System32\DRIVERS\fdc.sys B950C000 - \SystemRoot\System32\DRIVERS\serial.sys BA487000 - \SystemRoot\System32\DRIVERS\serenum.sys B94F8000 - \SystemRoot\System32\DRIVERS\parport.sys B94AE000 - \SystemRoot\System32\Drivers\a0mfo94w.SYS BABD8000 - \SystemRoot\System32\Drivers\l6dp.sys BAFB0000 - \SystemRoot\System32\DRIVERS\audstub.sys BAA28000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys B9EE5000 - \SystemRoot\System32\DRIVERS\ndistapi.sys B9497000 - \SystemRoot\System32\DRIVERS\ndiswan.sys BAA38000 - \SystemRoot\System32\DRIVERS\raspppoe.sys BAA48000 - \SystemRoot\System32\DRIVERS\raspptp.sys BABE0000 - \SystemRoot\System32\DRIVERS\TDI.SYS B9486000 - \SystemRoot\System32\DRIVERS\psched.sys BAA58000 - \SystemRoot\System32\DRIVERS\msgpc.sys BABE8000 - \SystemRoot\System32\DRIVERS\ptilink.sys BABF0000 - \SystemRoot\System32\DRIVERS\raspti.sys B9455000 - \SystemRoot\System32\DRIVERS\rdpdr.sys BAA68000 - \SystemRoot\System32\DRIVERS\termdd.sys BABF8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys BAC00000 - \SystemRoot\System32\DRIVERS\mouclass.sys BAA78000 - \SystemRoot\System32\DRIVERS\lnsfw.sys BAE16000 - \SystemRoot\System32\DRIVERS\swenum.sys B9432000 - \SystemRoot\System32\DRIVERS\ks.sys B93FE000 - \SystemRoot\System32\DRIVERS\update.sys B9EC5000 - \SystemRoot\System32\DRIVERS\mssmbios.sys B9EC1000 - \SystemRoot\system32\drivers\WmBEnum.sys BAA88000 - \SystemRoot\system32\drivers\WmXlCore.sys BAA98000 - \SystemRoot\System32\DRIVERS\redbook.sys BAAA8000 - \SystemRoot\System32\Drivers\NDProxy.SYS BAAB8000 - \SystemRoot\System32\DRIVERS\usbhub.sys BAE1C000 - \SystemRoot\System32\DRIVERS\USBD.SYS B6E9A000 - \SystemRoot\system32\drivers\RtkHDAud.sys B6E76000 - \SystemRoot\system32\drivers\portcls.sys BAAD8000 - \SystemRoot\system32\drivers\drmk.sys BAC10000 - \SystemRoot\System32\DRIVERS\flpydisk.sys BAE20000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BAF7A000 - \SystemRoot\System32\Drivers\Null.SYS BAE22000 - \SystemRoot\System32\Drivers\Beep.SYS BAF7B000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys BAC20000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS BAC28000 - \SystemRoot\System32\drivers\vga.sys BAE26000 - \SystemRoot\System32\Drivers\mnmdd.SYS BAE28000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys BAC30000 - \SystemRoot\System32\Drivers\Msfs.SYS BAC38000 - \SystemRoot\System32\Drivers\Npfs.SYS BA497000 - \SystemRoot\System32\DRIVERS\rasacd.sys B6E1B000 - \SystemRoot\System32\DRIVERS\ipsec.sys B6DC3000 - \SystemRoot\System32\DRIVERS\tcpip.sys B6DB0000 - \SystemRoot\System32\Drivers\lnsfw1.SYS B6D67000 - \SystemRoot\System32\DRIVERS\ipnat.sys BAB08000 - \SystemRoot\system32\drivers\mvstdi5x.sys B6D3F000 - \SystemRoot\System32\DRIVERS\netbt.sys BAB18000 - \SystemRoot\System32\DRIVERS\wanarp.sys B6D1D000 - \SystemRoot\System32\drivers\afd.sys BA948000 - \SystemRoot\System32\DRIVERS\netbios.sys BAC40000 - \SystemRoot\System32\Drivers\SCDEmu.SYS B6CF2000 - \SystemRoot\System32\DRIVERS\rdbss.sys BAF86000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS B6C83000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys B9D3D000 - \SystemRoot\System32\Drivers\Fips.SYS BAF88000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys B9D1D000 - \SystemRoot\System32\Drivers\Cdfs.SYS BAC50000 - \SystemRoot\System32\DRIVERS\usbccgp.sys B9D0D000 - \SystemRoot\system32\drivers\lvusbsta.sys B9CFD000 - \SystemRoot\system32\drivers\usbaudio.sys B93DE000 - \SystemRoot\System32\DRIVERS\hidusb.sys B9CED000 - \SystemRoot\System32\DRIVERS\HIDCLASS.SYS BAC58000 - \SystemRoot\System32\Drivers\Razerlow.sys B93DA000 - \SystemRoot\System32\DRIVERS\mouhid.sys B93D6000 - \SystemRoot\System32\DRIVERS\kbdhid.sys B6B6B000 - \SystemRoot\system32\DRIVERS\Camdrl.sys B9CDD000 - \SystemRoot\system32\DRIVERS\STREAM.SYS B6950000 - \SystemRoot\system32\DRIVERS\lvsvf2.sys B6E6E000 - \SystemRoot\system32\drivers\LUsbKbd.sys B6938000 - \SystemRoot\System32\Drivers\dump_atapi.sys BAE30000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys B6E5E000 - \SystemRoot\System32\drivers\Dxapi.sys BAC68000 - \SystemRoot\System32\watchdog.sys BF9C2000 - \SystemRoot\System32\drivers\dxg.sys BAE98000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D4000 - \SystemRoot\System32\nv4_disp.dll B637A000 - \SystemRoot\system32\drivers\wdmaud.sys B64EF000 - \SystemRoot\system32\drivers\sysaudio.sys B5404000 - \SystemRoot\System32\DRIVERS\mrxdav.sys BFFA0000 - \SystemRoot\System32\ATMFD.DLL BAE0E000 - \SystemRoot\System32\Drivers\ParVdm.SYS B52C2000 - \SystemRoot\System32\DRIVERS\srv.sys B5182000 - \SystemRoot\System32\DRIVERS\secdrv.sys B4F85000 - \??\C:\Program Files\CyberLink\PowerDVD\000.fcl B4E04000 - \SystemRoot\System32\Drivers\HTTP.sys B4D6F000 - \SystemRoot\system32\drivers\naiavf5x.sys B4D33000 - \??\C:\WINDOWS\system32\drivers\EntDrv51.sys B4A21000 - \SystemRoot\system32\drivers\kmixer.sys BAF43000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 140 Liste des programmes installes @BIOS B06.0601.01 Adobe Flash Player 9 ActiveX Adobe Flash Player Plugin Adobe Reader 6.0.1 Apple Mobile Device Support Apple Software Update Archiveur WinRAR Assistant de connexion Windows Live Audacity 1.2.6 AVG Anti-Spyware 7.5 Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare 1.2 Patch Call of Duty® 4 - Modern Warfare 1.2 Patch Call of Duty® 4 - Modern Warfare 1.3 Patch Call of Duty® 4 - Modern Warfare 1.3 Patch Call of Duty® 4 - Modern Warfare 1.4 Patch Call of Duty® 4 - Modern Warfare 1.4 Patch Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch Call of Duty® 4 - Modern Warfare 1.5 Patch Call of Duty® 4 - Modern Warfare 1.6 Patch Call of Duty® 4 - Modern Warfare 1.6 Patch Call of Duty® 4 - Modern Warfare 1.7 Patch Call of Duty® 4 - Modern Warfare 1.7 Patch CCleaner (remove only) Correctif Windows XP - KB873339 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB888302 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 DivX Content Uploader DivX Web Player EVEREST Corporate Edition v4.20 Far Cry (Patch 1.3) Far Cry (Patch 1.31) Far Cry (Patch 1.33) FlashGet(JetCar) Free Music Zilla Garry's Mod Gigabyte Raid Configurer GIGABYTE VGA Utility Manager GUILD WARS High Definition Audio Driver Package - KB888111 HijackThis 1.99.1 IGN Download Manager 2.3.2 iPod for Windows 2006-01-10 iPod for Windows 2006-01-10 iTunes J2SE Runtime Environment 5.0 Update 10 J2SE Runtime Environment 5.0 Update 11 J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 6 J2SE Runtime Environment 5.0 Update 9 Java 6 Update 2 Java 6 Update 3 Java 6 Update 5 Java 6 Update 7 Java SE Runtime Environment 6 Update 1 Line 6 Edit (remove only) Line 6 Uninstaller Livebox Logiciel QuickCam de Logitech Logitech Desktop Messenger Logitech Gaming Software Logitech SetPoint Look 'n' Stop 2.05p2 McAfee VirusScan Enterprise Messenger Plus! Live Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft Office XP Media Content Microsoft Office XP Professional avec FrontPage mIRC Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918899) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920214) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922760) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB925486) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mozilla Firefox (2.0.0.16) MSVC80_x86 MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 Parser and SDK Nero OEM Nikon FotoShare Nikon Message Center Nokia Connectivity Cable Driver Nokia PC Suite Nokia PC Suite Norton PartitionMagic Norton PartitionMagic 8.0 NVIDIA Drivers Package de pilotes Windows - Nokia Modem (08/03/2007 6.84.0.2) Package de pilotes Windows - Nokia Modem (10/12/2007 3.6) Panda TotalScan PC Connectivity Solution PictureProject Pirates, Vikings and Knights II Beta 1.0 Postal 2 Share The Pain PowerDVD PowerDVD Ultra PowerISO Programme de gestion Camera de Logitech® PunkBuster Services QuickTime Razer Copperhead Real Alternative 1.39 Realtek High Definition Audio Driver Steam Team Fortress 2 TeamSpeak 2 RC2 Test Drive Unlimited Unlocker 1.8.5 Ventrilo Client VideoLAN VLC media player 0.8.5 Virtools 3D Life Player WebFldrs XP Winamp (remove only) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Live installer Windows Live Messenger Windows Media Format Runtime Windows XP Service Pack 2 WinZip World of Warcraft Wow Cartographe 1.07 Xfire (remove only) Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 7C7A-5667 Répertoire de C:\Program Files 20/08/2008 22:34 <REP> . 20/08/2008 22:34 <REP> .. 16/09/2006 21:01 <REP> Adobe 03/12/2006 23:08 <REP> Ahead 15/09/2007 12:20 <REP> Apple Software Update 09/05/2008 00:27 <REP> Audacity 03/11/2006 00:17 <REP> Audio Converter 30/11/2007 19:05 <REP> Azureus 06/02/2007 20:58 <REP> CCleaner 23/04/2008 00:17 <REP> Common Files 16/09/2006 19:38 <REP> ComPlus Applications 12/01/2008 20:45 <REP> CyberLink 08/02/2007 14:21 <REP> DAEMON Tools 25/02/2008 22:31 <REP> DIFX 15/02/2008 01:22 <REP> DivX 27/08/2007 15:52 <REP> DJ2000 Demo 20/08/2008 22:34 <REP> eylqvab 16/07/2008 20:24 <REP> Fichiers communs 09/05/2008 11:40 <REP> FlashGet 03/06/2008 19:35 <REP> Free Music Zilla 16/09/2006 21:04 <REP> GigaByte 13/09/2007 21:12 <REP> Grisoft 16/10/2006 19:38 <REP> Guitar Pro 5 17/06/2008 13:54 <REP> IDoser v4 28/01/2007 23:04 <REP> IGN 16/09/2006 20:50 <REP> Intel 19/02/2008 18:43 <REP> Internet Explorer 19/11/2007 02:12 <REP> iPod 19/11/2007 02:12 <REP> iTunes 12/08/2008 00:53 <REP> Java 21/11/2007 01:36 <REP> Lavalys 23/04/2008 00:17 <REP> Line6 04/02/2007 19:49 <REP> Logitech 24/04/2008 02:33 <REP> Media Player Classic 17/09/2006 23:03 <REP> Messenger 29/10/2007 15:43 <REP> Messenger Plus! Live 09/02/2007 15:45 <REP> MessengerDiscovery 16/09/2006 19:40 <REP> microsoft frontpage 12/04/2008 00:23 <REP> mIRC 17/09/2006 01:48 <REP> Movie Maker 21/08/2008 01:58 <REP> Mozilla Firefox 16/09/2006 19:38 <REP> MSN 16/09/2006 19:37 <REP> MSN Gaming Zone 29/10/2007 15:36 <REP> MSN Messenger 12/04/2007 19:51 <REP> MSNServersX 24/11/2006 00:18 <REP> MSXML 4.0 17/09/2006 01:45 <REP> NetMeeting 16/09/2006 22:11 <REP> Network Associates 08/08/2007 15:56 <REP> Nikon 25/02/2008 22:31 <REP> Nokia 17/09/2006 23:03 <REP> Outlook Express 19/02/2008 18:48 <REP> Panda Security 25/02/2008 22:31 <REP> PC Connectivity Solution 12/01/2008 19:10 <REP> PowerISO 19/11/2007 02:11 <REP> QuickTime 16/09/2006 20:04 <REP> Razer 24/04/2008 02:33 <REP> Real Alternative 16/09/2006 20:52 <REP> Realtek 16/09/2006 21:29 <REP> SAGEM 16/09/2006 19:38 <REP> Services en ligne 16/09/2006 22:35 <REP> Soft4Ever 13/01/2008 21:10 <REP> Symantec 17/09/2006 02:13 <REP> Teamspeak2_RC2 16/04/2007 13:10 <REP> Unlocker 04/01/2008 18:13 <REP> uTorrent 17/12/2007 17:58 <REP> Ventrilo 02/10/2006 21:56 <REP> VideoLAN 09/12/2007 20:38 <REP> Virtools 07/01/2008 22:56 <REP> Winamp 29/10/2007 15:20 <REP> Windows Live 05/04/2008 16:18 <REP> Windows Media Player 17/09/2006 01:45 <REP> Windows NT 10/11/2006 21:13 <REP> WinRAR 27/09/2006 21:23 <REP> WinZip 17/07/2008 20:21 <REP> WowCartographe 16/09/2006 19:40 <REP> xerox 18/08/2008 21:33 <REP> Xfire 16/09/2006 20:45 <REP> Yahoo! 0 fichier(s) 0 octets 78 Rép(s) 7 528 542 208 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 7C7A-5667 Répertoire de C:\Program Files\fichiers communs 16/07/2008 20:24 <REP> . 16/07/2008 20:24 <REP> .. 16/09/2006 23:04 <REP> Adobe 03/12/2006 23:08 <REP> Ahead 07/07/2007 12:51 <REP> Apple 16/07/2008 20:24 <REP> Blizzard Entertainment 16/09/2006 22:11 <REP> Cisco Systems 12/11/2007 22:14 <REP> Designer 16/10/2006 20:10 <REP> InstallShield 15/10/2006 02:18 <REP> Java 04/02/2007 19:49 <REP> Logitech 26/02/2008 19:31 <REP> Microsoft Shared 16/09/2006 19:38 <REP> MSSoap 08/08/2007 16:10 <REP> muvee Technologies 16/09/2006 22:11 <REP> Network Associates 08/08/2007 16:10 <REP> Nikon 25/02/2008 22:31 <REP> Nokia 16/09/2006 21:27 <REP> ODBC 25/02/2008 22:31 <REP> PCSuite 16/09/2006 19:38 <REP> Services 16/09/2006 21:26 <REP> SpeechEngines 12/11/2007 22:13 <REP> System 17/12/2007 17:57 <REP> Wise Installation Wizard 0 fichier(s) 0 octets 23 Rép(s) 7 528 542 208 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 7C7A-5667 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 12/11/2007 22:14 <REP> . 12/11/2007 22:14 <REP> .. 12/11/2007 22:14 <REP> 1033 12/11/2007 22:14 <REP> 1036 15/02/2001 06:45 1 318 912 MSONSEXT.DLL 13/02/2001 09:23 58 784 MSOSV.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 07/03/2001 09:00 127 033 MSOWS40c.DLL 06/08/2000 10:04 401 462 MSVCP60.DLL 22/01/2001 04:25 69 632 PKMAXCTL.DLL 22/01/2001 04:25 872 448 PKMCDO.DLL 22/01/2001 04:25 159 744 PKMCORE.DLL 07/02/2001 10:59 106 496 PKMFORMS.DLL 12/02/2001 05:03 684 032 PKMRES.DLL 22/01/2001 04:25 28 672 PKMSSTLB.DLL 22/01/2001 04:25 40 960 PKMTEMPL.DLL 22/01/2001 04:25 24 576 PKMTRACE.DLL 22/01/2001 04:25 86 016 PKMWS.DLL 22/01/2001 04:25 237 568 PROMDEMO.DLL 22/01/2001 04:25 184 320 SECMGR.DLL 22/01/2001 04:25 323 584 VAIDDMGR.DLL 22/01/2001 04:25 32 768 VAIMEM.DLL 18 fichier(s) 4 879 944 octets 4 Rép(s) 7 528 542 208 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 7C7A-5667 Répertoire de C:\Program Files\common files 23/04/2008 00:17 <REP> . 23/04/2008 00:17 <REP> .. 23/04/2008 00:17 <REP> Digidesign 27/05/2008 18:20 <REP> INCA Shared 0 fichier(s) 0 octets 4 Rép(s) 7 528 542 208 octets libres c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_fre.exe c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstCCD.exe c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCS.exe c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCSFEMsi.exe c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Packages\Nokia_PC_Suite\CustomActions\NSU_Inst_fix.exe c:\Documents and Settings\All Users\Application Data\Installations\{3741689E-584D-40C9-B011-373A0371846D}\Installer\CommonCustomActions\Sleep.exe c:\Documents and Settings\All Users\Application Data\Installations\{3741689E-584D-40C9-B011-373A0371846D}\Installer\CommonCustomActions\vcredistExec.exe c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe c:\Documents and Settings\kronos\Application Data\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe c:\Documents and Settings\kronos\Application Data\WholeSecurity\CAT\WSOOPScan.exe c:\Documents and Settings\kronos\Application Data\WholeSecurity\CAT\WSUIEE.exe c:\Documents and Settings\kronos\Bureau\realalt-pc.exe c:\Documents and Settings\kronos\Bureau\sa-mp-0.2.2-R2.exe c:\Documents and Settings\kronos\Bureau\clé usb\GP5.exe c:\Documents and Settings\kronos\Bureau\guitare\ccsetup137.exe c:\Documents and Settings\kronos\Bureau\guitare\daemon408-x86.exe c:\Documents and Settings\kronos\Bureau\guitare\Postal2_ShareThePain_Patch1409.exe c:\Documents and Settings\kronos\Bureau\guitare\punisherfr.exe c:\Documents and Settings\kronos\Bureau\guitare\qc848fra.exe c:\Documents and Settings\kronos\Bureau\guitare\Divers\ArchBot 0.3.exe c:\Documents and Settings\kronos\Bureau\guitare\Divers\fgf173.exe c:\Documents and Settings\kronos\Bureau\guitare\Divers\MDL_1.00.19.exe c:\Documents and Settings\kronos\Bureau\guitare\Divers\MsgPlusLive-401.exe c:\Documents and Settings\kronos\Bureau\guitare\Divers\patchts2fr.exe c:\Documents and Settings\kronos\Bureau\guitare\Divers\ts2_client_rc2_2032.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\rFactor.1.150.loader.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\catchme.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\diff.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\dumphive.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\find2.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\Fport.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\grep.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\gzip.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\KProcCheck.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\LFiles.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\LISTDLLS.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\md5sums.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\pslist.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\sigcheck.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\streams.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\swreg.exe c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\tar.exe c:\Documents and Settings\kronos\Bureau\POD\Line 6 Monkey v1[1].15 Installer.exe c:\Documents and Settings\kronos\Bureau\Radio\HipHop6.exe c:\Documents and Settings\kronos\Bureau\tampon\Installation_LooknStop_205.exe c:\Documents and Settings\kronos\Bureau\tampon\wrar360fr.exe c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\80dfc463\004fcd5c_eceec701\_Launcher.EXE c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\80dfc463\bede22d5_1a40c801\_Launcher.EXE c:\Documents and Settings\kronos\Mes documents\My Games\Titan Quest\TitanQuest1_15.exe c:\Documents and Settings\kronos\Mes documents\My Games\Titan Quest\TitanQuest1_20.exe c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll c:\Documents and Settings\All Users\Application Data\Line 6\L6TWXG\L6TWXG.dll c:\Documents and Settings\All Users\Application Data\Line 6\L6TWXG\data\twx\L6TWX.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\kronos\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\1e71a7f5\00db1220_48eac701\NLog.DLL c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\573ef35d\0070e32d_b0ebc701\NC.Logging.DLL c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\573ef35d\b62ff3d4_1a40c801\NC.Logging.DLL c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\f28527a5\00132dc9_b9ebc701\UnRar.Net.DLL c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\f28527a5\3258dbd4_1a40c801\UnRar.Net.DLL c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\fdb6c786\003eea69_eceec701\_Launcher.resources.DLL c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\fdb6c786\c456fad4_1a40c801\_Launcher.resources.DLL ****** Fin du rapport DiagHelp Rapport de hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 02:18:40, on 21/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Razer\Copperhead\razerhid.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe C:\Program Files\Soft4Ever\looknstop\looknstop.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Logitech\Profiler\lwemon.exe V:\Program Files\Nikon\NkbMonitor.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Razer\Copperhead\razertra.exe C:\Program Files\Razer\Copperhead\razerofa.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\kronos\Bureau\Nouveau dossier\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe boot O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [lphcc7bj0el8v] C:\WINDOWS\system32\lphcc7bj0el8v.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork O4 - HKCU\..\Run: [start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui O4 - HKCU\..\Run: [steam] "C:\Jeux\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [infoproc] C:\WINDOWS\system32\kpglkxub.exe O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = V:\Program Files\Office10\OSA.EXE O4 - Global Startup: NkbMonitor.exe.lnk = V:\Program Files\Nikon\NkbMonitor.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://V:\PROGRA~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.line6.net O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .6.108.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3663720312 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player ... taller.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{C193F000-A84E-4B7D-8BF8-C4660A10FB0E}: NameServer = 192.168.1.1 O18 - Protocol: bw+0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: ActMntCmd - {3BEC3050-8B2F-5E91-FCBF-08891E626AE7} - C:\Program Files\eylqvab\ActMntCmd.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Windows Audio Server (Audios) - Unknown owner - c:\Recycle\svchost.exe (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Window Image Worker (windownetpker) - Unknown owner - C:\Program Files\Internet Explorer\svchost.exe (file missing)
×
×
  • Créer...