UC à 100% au démarrage...[RESOLU]

[David de Lyon]

Bonjour.... Mon ordinateur sous windows 2000 Pro est intouchable pendant de longues minutes après le démarrage, UC affiché à 100%. Spybot, Nod32 et Outpost n'ont rien trouvé, F-Secure BlackLight et LSPFix non plus...

Voici mon log HijackThis. Merci par avance à quiconque s'y intéressera...

 

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 12:01:58, on 30/08/2007

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\System32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

C:\WINDOWS\system32\MSTask.exe

C:\WINDOWS\System32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\System32\WBEM\WinMgmt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\msdtc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Eset\nod32kui.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\HiJackThis_v2.exe

 

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - Global Startup: Raccourci vers Connexion au réseau local.lnk = ?

O23 - Service: Gestion d'applications (AppMgmt) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Explorateur d'ordinateur (Browser) - Unknown owner - C:\WINDOWS\System32\services.exe

O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\WINDOWS\System32\services.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Gestionnaire de disque logique (dmserver) - Unknown owner - C:\WINDOWS\System32\services.exe

O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\WINDOWS\System32\services.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - (no file)

O23 - Service: Serveur (lanmanserver) - Unknown owner - C:\WINDOWS\System32\services.exe

O23 - Service: Station de travail (lanmanworkstation) - Unknown owner - C:\WINDOWS\System32\services.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe

O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe

O23 - Service: Ouverture de session réseau (Netlogon) - Unknown owner - C:\WINDOWS\System32\lsass.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN

O23 - Service: Agent de stratégie IPSEC (PolicyAgent) - Unknown owner - C:\WINDOWS\System32\lsass.exe

O23 - Service: Emplacement protégé (ProtectedStorage) - Unknown owner -

 

Merci encore... David de Lyon

Modifié le 10 septembre 2007 par David de Lyon

[WawaSeb]

Bonjour David de Lyon,

 

*** Bienvenue sur le forum sécurité de Zebulon ! ***

 

 

Avant tout, sache que tu utilises une vieille version de HijackThis. Télécharge et installe la dernière version [v2.0.2] :

 

1) Clique ICI pour télécharger le fichier d'installation d'HijackThis :

1. Enregistre HJTInstall.exe sur ton bureau
   
2. Double-clique sur HJTInstall.exe pour lancer le programme
   
3. Par défaut, il s'installera là || C:\Program Files\Trend Micro\HijackThis
   
4. Rends-toi dans ce dossier et renomme hijackthis.exe en check.exe
   
5. Lance check.exe en double-cliquant dessus
   
6. Accepte la license en cliquant sur le bouton "I Accept"
   
7. Choisis l'option "Do a system scan and save a log file"
   
8. Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
   
9. Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
   
10. Colle le rapport que tu viens de copier sur ce forum
    
11. Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement
    

Tutoriaux : http://pageperso.aol.fr/balltrap34/demohijack.htm (ne fixe rien pour le moment !!)

http://cybersecurite.xooit.com/t138-HijackThis-2-0-2.htm

 

---> Tu devras effacer l'ancienne version d'HijackThis lorsque tu auras installé la nouvelle !

 

 

2) Télécharge DiagHelp.zip de Malekal_morte sur ton bureau.

• Décompresse-le sur ton bureau
  
• Un nouveau dossier va être créé (DiagHelp)
  
• Ouvre le et double-clique sur go.cmd (le .cmd sera peut-être invisible)
  
• Une fenêtre va s'ouvrir, choisis l'option 1
  
• L'analyse peut prendre quelques minutes, appuie sur une touche quand on te le réclame
  
• Copie/colle le rapport qui s'ouvre sur ce forum
  

N'oublie surtout pas d'appuyer sur une touche à la fin pour afficher le rapport !!

 

Bon travail à toi !

[David de Lyon]

Merci beaucoup WawaSeb.

Je fais ça de suite et je poste.

A plus.

[David de Lyon]

Voici le dernier Hijack dernière version :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:48:46, on 30/08/2007

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\System32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

C:\WINDOWS\system32\MSTask.exe

C:\WINDOWS\System32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\System32\WBEM\WinMgmt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\msdtc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Eset\nod32kui.exe

C:\WINDOWS\System32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\check.exe

 

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - Global Startup: Raccourci vers Connexion au réseau local.lnk = ?

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - (no file)

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN

 

--

End of file - 2133 bytes

 

 

Ainsi que le rapport DiagHelp

 

DiagHelp version v1.1.2 - http://www.malekal.com

excute le jeu. 30/08/2007 à 19:19:52,88

 

 

Liste des derniers fichies modifies/crees dans windir\system32

C:\WINDOWS\System32/drivers\amon.sys -->13/08/2007 04:47:33

C:\WINDOWS\System32/drivers\nod32drv.sys -->13/08/2007 04:47:31

C:\WINDOWS\System32/drivers\cdr4_2k.sys -->11/08/2007 16:47:45

C:\WINDOWS\System32/drivers\DefragFs.sys -->13/03/2007 12:18:22

C:\WINDOWS\System32/drivers\PalmUSBD.sys -->04/11/2006 03:11:06

C:\WINDOWS\System32/drivers\nwrdr.sys -->01/09/2006 06:57:48

C:\WINDOWS\System32/drivers\fltmgr.sys -->22/08/2006 12:48:40

 

C:\WINDOWS\System32\OODBS.lor -->30/08/2007 17:46:11

C:\WINDOWS\System32\nvapps.xml -->29/08/2007 10:33:58

C:\WINDOWS\System32\Perflib_Perfdata_2c0.dat -->20/08/2007 12:51:47

C:\WINDOWS\System32\Perflib_Perfdata_29c.dat -->18/08/2007 22:28:20

C:\WINDOWS\System32\Perflib_Perfdata_2ac.dat -->18/08/2007 11:40:07

C:\WINDOWS\System32\Perflib_Perfdata_2a0.dat -->17/08/2007 05:44:47

C:\WINDOWS\System32\Perflib_Perfdata_294.dat -->15/08/2007 11:18:14

C:\WINDOWS\System32\Perflib_Perfdata_288.dat -->14/08/2007 12:26:53

C:\WINDOWS\System32\Perflib_Perfdata_2a4.dat -->14/08/2007 09:42:40

C:\WINDOWS\System32\Perflib_Perfdata_278.dat -->14/08/2007 00:44:46

C:\WINDOWS\System32\Perflib_Perfdata_280.dat -->13/08/2007 20:07:00

C:\WINDOWS\System32\Perflib_Perfdata_290.dat -->13/08/2007 11:32:12

C:\WINDOWS\System32\Perflib_Perfdata_284.dat -->13/08/2007 10:58:35

C:\WINDOWS\System32\Perflib_Perfdata_298.dat -->13/08/2007 10:33:27

C:\WINDOWS\System32\imon.dll -->13/08/2007 04:47:36

C:\WINDOWS\System32\Perflib_Perfdata_274.dat -->13/08/2007 03:49:52

C:\WINDOWS\System32\Perflib_Perfdata_270.dat -->13/08/2007 03:19:04

C:\WINDOWS\System32\Perflib_Perfdata_26c.dat -->13/08/2007 02:53:46

C:\WINDOWS\System32\Perflib_Perfdata_25c.dat -->12/08/2007 20:08:30

C:\WINDOWS\System32\Perflib_Perfdata_28c.dat -->12/08/2007 17:55:16

C:\WINDOWS\System32\BASSMOD.dll -->12/08/2007 10:55:19

C:\WINDOWS\System32\pwdremover.dat -->11/08/2007 12:39:29

C:\WINDOWS\System32\MRT.exe -->03/08/2007 06:34:10

C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06

C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52

 

C:\WINDOWS\WindowsUpdate.log -->30/08/2007 18:30:32

C:\WINDOWS\transp.gif -->30/08/2007 17:48:17

C:\WINDOWS\SchedLgU.Txt -->30/08/2007 14:55:20

C:\WINDOWS\ODBC.INI -->29/08/2007 11:52:00

C:\WINDOWS\NeroDigital.ini -->29/08/2007 02:27:09

C:\WINDOWS\system.ini -->28/08/2007 00:53:58

C:\WINDOWS\verypdf.ini -->11/08/2007 12:40:27

C:\WINDOWS\gswin32.ini -->11/08/2007 12:12:46

C:\WINDOWS\ShellIconCache -->08/08/2007 17:02:36

C:\WINDOWS\winDecrypt.INI -->08/08/2007 13:06:31

C:\WINDOWS\win.ini -->26/07/2007 17:09:24

C:\WINDOWS\winamp.ini -->09/07/2007 02:43:22

C:\WINDOWS\hpothb07.dat -->24/06/2007 18:24:59

C:\WINDOWS\hpothb07.tif -->24/06/2007 18:22:11

C:\WINDOWS\pack.epk -->11/06/2007 10:20:05

 

 

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\WINDOWS\system

 

06/04/1999 16:45 38 672 MAPISRVR.EXE

11/07/1997 12:37 11 856 MVTHKSVR.EXE

14/08/2002 16:03 4 672 WOWPOST.EXE

3 fichier(s) 55 200 octets

0 Rép(s) 5 296 122 368 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\WINDOWS\system32

 

19/06/2003 21:05 5 392 CSRSS.EXE

1 fichier(s) 5 392 octets

0 Rép(s) 5 296 121 856 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

04/09/2006 15:36 <DIR> .

04/09/2006 15:36 <DIR> ..

24/10/2001 18:52 237 actsetup.inf

15/06/2004 05:13 226 cc.inf

14/10/2002 02:56 65 desktop.ini

14/10/1997 18:52 697 DirectAnimation Java Classes.osd

26/08/2003 08:12 1 096 iuctl.inf

03/06/2005 04:49 752 jinstall-1_5_0_04.inf

20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd

29/06/2005 17:17 227 opuc.inf

09/10/2003 10:32 144 QTPlugin.inf

17/04/2000 23:22 2 203 SG726ACM.inf

27/08/2005 14:30 5 065 swflash.inf

24/09/1998 17:24 111 616 tdserver.ocx

02/11/2005 19:01 1 777 xscan.inf

02/11/2005 19:07 435 712 xscan53.ocx

07/11/2004 15:29 1 206 yinst.inf

07/11/2004 15:29 173 168 yinsthelper.dll

16 fichier(s) 735 353 octets

 

Total des fichiers listés :

16 fichier(s) 735 353 octets

2 Rép(s) 5 296 121 344 octets libres

 

Recherche de rootkit! (Merci S!Ri)

infection possible Magic.Control : un scan F-Secure BlackLight est recommandé

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"%windir%\\system32\\rcu~x.exe"="%windir%\\system32\\rcu~x.exe:*:Enabled:@xpsp2res.dll,-22019"

 

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

 

Rechercher adresses sensibles dans le fichier HOSTS...

127.0.0.1 activexupdate.com

127.0.0.1 www.activexupdate.com

127.0.0.1 msupdater.net

127.0.0.1 www.msupdater.net

127.0.0.1 www.malwarewipeupdate.com

127.0.0.1 spyfalconupdate.com

127.0.0.1 www.spyfalconupdate.com

127.0.0.1 spyaxeupdate.com

127.0.0.1 www.spyaxeupdate.com

127.0.0.1 necessaryupdates.com

127.0.0.1 www.necessaryupdates.com

127.0.0.1 systemupdates.net

127.0.0.1 www.systemupdates.net

127.0.0.1 updates.spywarequake.com

127.0.0.1 urgentsystemupdate.com

127.0.0.1 www.urgentsystemupdate.com

127.0.0.1 urgentsystemupdate.biz

127.0.0.1 www.urgentsystemupdate.biz

127.0.0.1 trial.updates.winsoftware.com

127.0.0.1 lavasoftupdate.com

127.0.0.1 www.lavasoftupdate.com

127.0.0.1 windupdates.com

127.0.0.1 securityupdatesite.com

127.0.0.1 www.securityupdatesite.com

127.0.0.1 newupdates.lzio.com

127.0.0.1 msupdate.net

127.0.0.1 www.msupdate.net

127.0.0.1 redirect.msupdate.net

127.0.0.1 eupdatepage.com

127.0.0.1 www.eupdatepage.com

127.0.0.1 updatemysettings.com

127.0.0.1 www.updatemysettings.com

127.0.0.1 settings.updatemysettings.com

127.0.0.1 search.keyword.exeupdate.com

127.0.0.1 client.exeupdate.com

127.0.0.1 www.exeupdate.com

127.0.0.1 hotwinupdates.com

127.0.0.1 www.hotwinupdates.com

127.0.0.1 avpcheckupdate.com

127.0.0.1 www.avpcheckupdate.com

REGEDIT4

 

[taskmgr.exe]

 

 

 

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-30 19:22:38

Windows 5.0.2195 Service Pack 4 NTFS

 

scanning hidden services & system hive ...

 

scanning hidden registry entries ...

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]

"OODEFRAG08.00.00.01WORKSTATION"="C57B6608B035F2BED645A9A06045C33BC6B5B30A4874FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A2D97226D213B555BA7FD869164D67949DB7CE019D40AA5C32611429638C80AB536BA79020513F6C47652CAEC2A499C72A3005CDE6A45F5A90429E3D7896BEAF9517229CBD35483A6CEEC47BF95E031D0A55A04E187D0C43D9839C28EC59CE470409EB548423BEB0C6C7142B7DD932F459C589D07E86405564C25BA62BB4338687A86BA83D538FA6EFC8B6041BD01F0B02E5381087921B538B10CA08633A575109D5279F7B370DC905BB6FDF62AE25F2F10BC6DC652E20D12DEEFEB108300665FA5ECE528F716B18A45C232DA993808E1A01F3990F15B5BC2BD6AD1ACF116F504F89326E95D9456674DE5DEC0955D5987086A23D3FB9AACF6FB5B5CF360DA8F37D0F4634E6FB96DB1D68CAB6DE7B299C6ECFD9D2F141AA1F616815717A84A908021DA379241742F34C14BDB4CA42E67B1282C47A6B054A0EF047F0B3A0104F97DCD38729329E0D80316E2CA5B39BDBEBDBBAB167B09281579016105F6E785A8190C8533DB93A9FA281F92FDA42AA3CF3538514E00C2C2B88B793DE4FEFBC6DF725838AC925468853F4AC85BA62C81DF1806983428CC608045FEEECF5740F1281A78357732652B8DEC87111C046827996F1D93979030B39FE864CEED58D57B579A5388572AF2006E43E25D679E317AF653AC3940C8558C88332C2BB08942FA68EB3860894FAA82957981B0208F17D81396C851A8F703F1F6FE5E050B823649BC369C8F0BB0417BF0021185FA1705B163DA472EDAFDE050EF4AEA34B2719FA2A6F62CAFBDC0A4ACA7BA4D6E2131F8F77F2FE52DD2BB52447181A81F22A19A8D13C3ECD84819157B036F3841F38822914AE1EDE575798C8E334B9E02C270BD7F02AA1088AC5E2843BF6E2445084E46D3F1AA6476C1974555EF7269D851C1927CC0AB2A0B4DC8B4E95D44BABD4FD53D4ADB043AE556CF45F16E2F9892C1933690D049E35CB0A596252BA0A442C3F1E0C7A44A1ACECE10DAF4E4B5267F6410C25BD121357BBA7E1A668E8FC0DFE765BF225F8724CB19B73452F5C536FDACE1B955104450C16227CB1AE730C7795E4E21F0E48EB8CC651A2CF431222CDF68C1CA79A7BECCB8FFC46CD64C19E69DDE1D3D77D7EC760F2CC57B67AC0EAA188DA0D7ED270C48480CA9F7C299021BC69578D1A1D3DC3ADA0EE1591A70BDA01F42FB17095AC8C96E6362BF0056D84C06F4436977A77A0505F2CA12F82EB267143119009E2CF08D6E27C52905F3E3D36493A373389F62598E108051127320371209CF506204C000E39EE4079063AC3D374DEBC0620D81AC700A1916C947FABEE5A02EFDA96E7BEFAD3F2E5F9A9EC95C393EDB75D780E4F16"

"OOCC06.00.00.01WSSV"="E87BD718E944754098BD09DD37761FDA9A801AF974169A340D8405B2239A8FBBFB84729C6CD0B5754CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6A0AC4980AC79335D575E7D6A3B9808A2D97226D213B555696692ED8ED21CA98CB4363691059BB210B7D1266EF2950F5DE0F45B83FCF7C6EF84DF6613E55F5DA067C90D1EC928B38728AFCC45EB02B1657238B644D89F532802A796F4CA6EEA747961E966EB624C4805772D885FD137254ED2ECD721D91BD0456336AFAE61A628AC5D4A98061E28728A1427B273AFBC5C4DD9622BA94BD2EE60ECCFC2B2767A9E74827BE2A7CF066CA754F048446BF514FDC151323CBBC247210743326B8EE380F5FBA3FBD012B6DE8269914DDEF62B942167C763131747668454428661AC733B8E56B81BF82222B6F2E967CA48EA37EB2C0A26B85E6C4F9A3DDFD24A93FA4F7CCD0387FD89E14124865123CFF600086DC7CDA4314270E0F7B213D08DF046AF3BF6572E6560D7A21F7C7DC76ED516A2AED3B8CA4FD77A93557E406B645F80E12E810D2394CE2E695D4930B03A43B09E89DF38771AAA0893CDEE9AA465B8BC485098C0AB541DB14B5F161108CE9275A49CB1195B1BB936A1C0083C54ABC835D7E31C746572035491E3BF29D0C88BB0F6C94411FD627ACA90507E1F23D8D0C699EC208D3FBFB0AC9C7056E8DE4AE8506737C236B702D3AE4A64BD26129086F0A9B1EA55FC8F4575DCCE1F20DA78D866DCCE9184379023EACA286514F27892D93B3FF8F936BB598A590C9086417D7E2C533F435AFD29B632220BC592EBBD11CA9367F90BD721F66FACF8D8376307727B5A7BA37C61E9D3D5F43F66ACF78F14AF89BCD07F209E99C983AB592FE6463ED294B7AE120CF5B150F93D0253E722A01A8D9616B0A399B562237B24D143F062D4B96F97A57A737DBB00BF875B5BABAF3E1F1313DB4AFB30A8DE8704E444C1504994DFC2A77F0D56596545187C4B69AE7553904921CE3164AD222FF4938D746F9A848C49EBC072508A9E918C53821B7DBCD334EB08432A1F27EB19A5EB91CC9AD7FC3AF8A738D4F35A342B6C609E03F1B45EE662F809DB22EFCC2EFCDE1A0F22B30673D477336B3DF2435E788993E9542244534840D83E24056D1B92C5C384C706B986905BD2F01BA47AB82314A61AE26F696A6C11BECE4F08065033D800FBC348470616B60EA4F163A00F112E73E4CD2749DFD3009A0E414065055F379247BE99F34804CF2FC79BC78BF61F696A1D3AFAEE2C33869E000D166EAFCAE214BA5ABE9466AA53D1A2E10C27CC5BB74A9A41C17D0C7A02542D379897905EC2F231291C953F8F4F69FD859076AF86F32E397071297EC4B398233AF969A6B721ED07303E75F36D383CAA3B5A8B0298D87E584729"

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Process list by traversal of KiWaitInListHead and KiWaitOutListHead

 

8 - System

148 - SMSS.EXE

176 - CSRSS.EXE

196 - WINLOGON.EXE

224 - SERVICES.EXE

236 - LSASS.EXE

336 - firefox.exe

384 - CMD.EXE

400 - svchost.exe

424 - explorer.exe

444 - LEXBCES.EXE

472 - spoolsv.exe

508 - svchost.exe

512 - notepad.exe

532 - nod32krn.exe

560 - outpost.exe

576 - check.exe

580 - TASKMGR.EXE

620 - mstask.exe

656 - tcpsvcs.exe

712 - SNMP.EXE

772 - WinMgmt.exe

816 - svchost.exe

840 - msdtc.exe

1120 - notepad.exe

1152 - nod32kui.exe

 

Total number of processes = 26

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Driver/Module list by traversal of PsLoadedModuleList

 

80400000 - \WINDOWS\System32\ntoskrnl.exe

80001000 - \WINDOWS\System32\hal.dll

EB810000 - \WINDOWS\System32\BOOTVID.dll

EB400000 - pci.sys

EB410000 - isapnp.sys

EB900000 - intelide.sys

EB680000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS

EB688000 - MountMgr.sys

BFFE3000 - ftdisk.sys

EB902000 - Diskperf.sys

EB9C8000 - \WINDOWS\System32\Drivers\WMILIB.SYS

EB904000 - dmload.sys

BFFC1000 - dmio.sys

EB814000 - PartMgr.sys

BFFB0000 - precsim.sys

BFF9D000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS

BFF87000 - atapi.sys

EB818000 - aha154x.sys

EB690000 - disk.sys

EB420000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS

BFF65000 - fltmgr.sys

EB698000 - PxHelp20.sys

BFF53000 - KSecDD.sys

BFF40000 - DefragFS.sys

BFEC2000 - Ntfs.sys

BFE98000 - NDIS.sys

BFE82000 - Mup.sys

BFD87000 - btkrnl.sys

EB6A0000 - agp440.sys

BFD47000 - \SystemRoot\system32\DRIVERS\ks.sys

EB450000 - \SystemRoot\system32\DRIVERS\STREAM.SYS

EB874000 - \SystemRoot\system32\DRIVERS\PMJ151NM.sys

EB9CF000 - \SystemRoot\System32\DRIVERS\audstub.sys

EB460000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys

EB880000 - \SystemRoot\System32\DRIVERS\ndistapi.sys

BFD30000 - \SystemRoot\System32\DRIVERS\ndiswan.sys

EB890000 - \SystemRoot\System32\DRIVERS\TDI.SYS

EB470000 - \SystemRoot\System32\DRIVERS\raspptp.sys

EB6C8000 - \SystemRoot\System32\DRIVERS\ptilink.sys

EB6D8000 - \SystemRoot\System32\DRIVERS\raspti.sys

EB480000 - \SystemRoot\system32\DRIVERS\btwdndis.sys

EB89C000 - \SystemRoot\System32\DRIVERS\NtApm.sys

EB4A0000 - \SystemRoot\System32\DRIVERS\parallel.sys

EB4B0000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

BFAC6000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys

BFAA1000 - \SystemRoot\system32\drivers\portcls.sys

EB700000 - \SystemRoot\system32\drivers\cm8330sb.sys

EB718000 - \SystemRoot\system32\drivers\cm8330.sys

EB728000 - \SystemRoot\System32\DRIVERS\cdrom.sys

EB730000 - \SystemRoot\System32\Drivers\incdrm.SYS

EB738000 - \SystemRoot\System32\DRIVERS\InCDPass.sys

EB758000 - \SystemRoot\System32\DRIVERS\USBD.SYS

EB740000 - \SystemRoot\System32\DRIVERS\uhcd.sys

EB768000 - \SystemRoot\System32\DRIVERS\openhci.sys

BFA57000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS

EB780000 - \SystemRoot\System32\DRIVERS\usbehci.sys

EB790000 - \SystemRoot\System32\DRIVERS\RTL8139.SYS

EB7A0000 - \SystemRoot\system32\DRIVERS\btport.sys

EB9EA000 - \SystemRoot\System32\DRIVERS\swenum.sys

BFA2C000 - \SystemRoot\System32\DRIVERS\update.sys

EB4C0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys

EB7B8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys

EB7C8000 - \SystemRoot\System32\DRIVERS\parport.sys

EB4D0000 - \SystemRoot\System32\DRIVERS\serial.sys

EB8B8000 - \SystemRoot\System32\DRIVERS\serenum.sys

EB7E0000 - \SystemRoot\System32\DRIVERS\fdc.sys

EB7F0000 - \SystemRoot\System32\DRIVERS\mouclass.sys

EB4E0000 - \SystemRoot\System32\Drivers\NDProxy.SYS

EB800000 - \SystemRoot\System32\Drivers\EFS.SYS

EB500000 - \SystemRoot\System32\DRIVERS\usbhub.sys

EB510000 - \SystemRoot\System32\DRIVERS\usbhub20.sys

EB520000 - \SystemRoot\System32\Drivers\AFS2K.SYS

EB530000 - \SystemRoot\System32\Drivers\Cdr4_2K.SYS

EB6E8000 - \SystemRoot\System32\Drivers\Cdralw2k.SYS

EB90E000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS

EBA02000 - \SystemRoot\System32\Drivers\Null.SYS

EBA04000 - \SystemRoot\System32\Drivers\Beep.SYS

EB6F8000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS

EB8E8000 - \SystemRoot\System32\drivers\vga.sys

EBA0A000 - \SystemRoot\System32\Drivers\mnmdd.SYS

EB918000 - \??\C:\WINDOWS\system32\Drivers\InCDFatRec.sys

EB8EC000 - \SystemRoot\System32\Drivers\InCDrec.SYS

BE9F3000 - \SystemRoot\System32\Drivers\InCDfs.SYS

EB710000 - \SystemRoot\System32\Drivers\Msfs.SYS

EB540000 - \SystemRoot\System32\Drivers\Npfs.SYS

EB91E000 - \SystemRoot\System32\DRIVERS\rasacd.sys

BE904000 - \SystemRoot\System32\DRIVERS\tcpip.sys

EB550000 - \SystemRoot\System32\DRIVERS\msgpc.sys

EB760000 - \SystemRoot\System32\DRIVERS\wanarp.sys

BE8AF000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS

EB560000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys

BE884000 - \SystemRoot\System32\DRIVERS\netbt.sys

EB570000 - \SystemRoot\System32\DRIVERS\netbios.sys

BE821000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS

BE7F7000 - \SystemRoot\System32\DRIVERS\rdbss.sys

EB928000 - \SystemRoot\system32\drivers\nod32drv.sys

BE77F000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys

A0000000 - \??\C:\WINDOWS\system32\win32k.sys

BD5C5000 - \SystemRoot\System32\nv4_disp.dll

BD3BD000 - \SystemRoot\System32\drivers\ws2ifsl.sys

BD28D000 - \SystemRoot\System32\drivers\afd.sys

BD253000 - \SystemRoot\system32\drivers\wdmaud.sys

EB5A0000 - \SystemRoot\system32\drivers\sysaudio.sys

EB90C000 - \SystemRoot\System32\Drivers\ParVdm.SYS

BD0EB000 - \SystemRoot\system32\drivers\amon.sys

BD281000 - \SystemRoot\System32\Drivers\Aspi32.SYS

EB7B0000 - \??\C:\WINDOWS\system32\drivers\btserial.sys

BD0B9000 - \??\C:\WINDOWS\system32\drivers\btslbcsp.sys

EB9D0000 - \SystemRoot\System32\Drivers\cdenable.sys

BD1B3000 - \SystemRoot\System32\Drivers\Fips.SYS

EB97C000 - \??\C:\WINDOWS\system32\PfModNT.sys

BD011000 - \SystemRoot\System32\Drivers\Cdfs.SYS

BCEE1000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL

BCEDD000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL

EB720000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL

BCC05000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL

BCBF9000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL

BCBF1000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL

EB9BC000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL

BCBE9000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL

EB9C2000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL

EB906000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL

BCCE1000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL

BCDC5000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL

EB770000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL

EBB08000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

 

Total number of drivers = 126

 

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files

 

30/08/2007 18:30 <DIR> .

30/08/2007 18:30 <DIR> ..

19/04/2006 12:11 <DIR> 3B Software

14/08/2005 05:36 <DIR> ABC

22/11/2001 13:05 <DIR> Accessoires

16/08/2001 21:21 <DIR> ACD Systems

11/05/2001 11:39 53 248 ACMonitor_X73.exe

27/07/2001 06:58 47 ACMonitor_X73.ini

11/07/2007 20:59 <DIR> Active+

04/12/2001 06:18 <DIR> Adaptec

04/11/2006 04:26 <DIR> Adobe

09/07/2007 02:28 <DIR> adslTV

14/08/2007 12:13 <DIR> Agnitum

09/05/2006 12:32 <DIR> Ahead

23/02/2003 16:05 <DIR> AIPTEK

09/08/2006 13:01 <DIR> AnswersThatWork

20/08/2006 16:23 <DIR> ArbeDarts

17/12/2001 14:55 <DIR> Archive Web

05/01/2007 01:53 <DIR> audiograbber

15/09/2005 17:29 <DIR> Avanquest update

14/08/2007 12:06 <DIR> AxelTime

22/11/2006 17:18 <DIR> Azureus

15/09/2005 12:28 <DIR> Bluetooth Software

30/08/2006 15:35 <DIR> CartaGoGo

13/08/2005 14:53 <DIR> CCleaner

02/08/2004 21:10 <DIR> CDRWIN5

26/06/2005 04:09 <DIR> Clickmania_demo

20/06/2007 01:21 <DIR> Common Files

24/10/2005 01:04 <DIR> Creative

26/11/2006 23:53 <DIR> DirectVobSub

16/08/2001 20:22 <DIR> DirectX

18/11/2006 02:56 <DIR> DivX

21/08/2007 07:21 <DIR> Documents To Go

12/08/2005 14:37 <DIR> DXBall2

14/08/2007 12:06 <DIR> ESET

07/12/2001 16:19 <DIR> EuroTool

01/03/2007 22:29 <DIR> FairUse Wizard 2

14/08/2007 12:13 <DIR> Fichiers communs

05/01/2007 01:51 <DIR> Free Audio Pack

01/03/2007 03:03 <DIR> Free Audio Pack2

16/09/2006 00:47 <DIR> fun4palm

09/08/2007 12:58 <DIR> Ghostgum

09/08/2007 13:25 <DIR> ghostscript-8.60

03/07/2007 12:57 <DIR> Google

25/11/2006 03:04 <DIR> Grisoft

09/08/2007 14:15 <DIR> gs

24/04/2001 04:22 1 437 gtx73.ini

27/08/2004 13:03 <DIR> Happy Note

01/05/2007 01:33 <DIR> Hewlett-Packard

14/04/2007 14:16 <DIR> hilopoker

01/05/2007 01:32 <DIR> HP

25/06/2006 00:49 <DIR> Illustrate

01/06/2005 01:20 <DIR> Image 2 ASCII Art

20/06/2007 01:21 <DIR> Internet Explorer

12/08/2005 14:39 <DIR> iPuissance 4D

10/07/2006 13:37 <DIR> Java

25/11/2006 17:25 <DIR> jv16 PowerTools

30/05/2006 20:48 <DIR> KC Softwares

28/02/2007 01:19 <DIR> Kikoo

18/11/2006 03:05 <DIR> K-Lite Codec Pack

04/04/2006 18:44 <DIR> Lavasoft

17/07/2005 12:14 <DIR> Lavasoft RegHance

12/08/2007 10:47 <DIR> LIUtilities

08/05/2001 16:36 114 688 lxarscan.dll

18/11/2006 02:57 <DIR> Matroska Pack

27/01/2006 22:43 <DIR> Mes Jeux Installés

23/04/2003 17:28 <DIR> MGI

19/07/2007 10:37 <DIR> Microsoft CAPICOM 2.1.0.2

17/12/2001 14:42 <DIR> Microsoft FrontPage

19/09/2005 15:49 <DIR> Microsoft Games

27/05/2006 00:03 <DIR> Microsoft Money

17/12/2001 14:43 <DIR> Microsoft Office

30/05/2004 22:27 <DIR> Microsoft Référence

04/12/2001 02:10 <DIR> Microsoft Script Debugger

16/08/2001 20:35 <DIR> Microsoft Visual Studio

16/08/2001 21:29 <DIR> Mjuice Media Player

26/09/2005 17:57 <DIR> Mobile Master

15/09/2005 17:28 <DIR> Mobile Media Studio

16/09/2005 02:06 <DIR> MOBILedit!

14/08/2007 12:07 <DIR> Mozilla Firefox

17/08/2007 04:00 <DIR> Mozilla Thunderbird

04/04/2006 14:02 <DIR> MSN Messenger

07/10/2006 17:11 <DIR> MyDiscover

01/03/2007 02:47 <DIR> NCH Swift Sound

17/08/2005 03:03 <DIR> NetAbalone

19/02/2007 15:41 <DIR> NETGEAR

17/07/2005 13:03 <DIR> NetMeeting

29/08/2006 11:44 <DIR> Objective Tarot

06/03/2003 20:41 <DIR> OfficeUpdate

27/03/2006 18:28 <DIR> OfficeUpdate11

27/07/2006 18:31 <DIR> OO Software

06/07/2001 02:46 8 116 OSLO3071b2.USB

12/06/2001 15:28 8 154 OsloD3069.usb

14/08/2007 12:07 <DIR> Outlook Express

14/08/2007 12:07 <DIR> palmOne

26/09/2005 04:57 <DIR> Paprikari

16/06/2007 12:19 <DIR> PartitionMagic 8.0

08/08/2007 12:56 <DIR> PDF Password Remover v2.1

11/08/2007 12:46 <DIR> PDF Password Remover v3.0

09/08/2007 13:01 <DIR> PDFCreator

16/08/2001 20:09 <DIR> PLUS!

05/09/2006 14:06 <DIR> PointSoft

16/04/2007 12:27 <DIR> PokerTH

06/03/2005 23:45 <DIR> Power Defrag

27/08/2006 12:04 <DIR> Power-Tarot

14/04/2007 14:13 <DIR> ppoker

15/08/2005 00:20 <DIR> Program Files

02/06/2006 03:25 <DIR> PronoLoto Expert

16/08/2001 20:37 <DIR> Publication Web

18/11/2006 02:58 <DIR> QuickTime

27/02/2007 16:55 <DIR> Random Software

17/04/2007 12:21 <DIR> Raxco

18/11/2006 03:00 <DIR> RealPlayer

09/03/2005 15:09 <DIR> RealVNC

25/09/2005 07:31 <DIR> ReflexiveArcade

15/06/2007 16:15 <DIR> RegClean

27/02/2007 23:59 <DIR> Registry Repair 2006

15/06/2007 16:15 <DIR> RegSupreme

18/06/2007 20:25 <DIR> Safer Networking

07/10/2006 16:46 <DIR> SAGEM

07/06/2005 12:34 <DIR> SCIIArt

27/07/2005 14:13 <DIR> Serials 2000

12/08/2007 12:04 <DIR> Serials 2000 7.1 Plus

22/11/2001 13:21 <DIR> Services en ligne

02/06/2006 12:34 <DIR> SiSoftware

14/01/2005 01:16 <DIR> Skype

12/07/2006 13:58 <DIR> SLD Codec Pack

16/08/2001 20:32 <DIR> Snapshot Viewer

14/08/2005 19:29 <DIR> Sokoban

14/08/2005 19:28 <DIR> SolidDocuments

14/08/2007 12:07 <DIR> Spybot - Search & Destroy

19/06/2006 14:03 <DIR> Sudoku

03/05/2004 01:02 <DIR> Support Tools

25/11/2006 14:55 <DIR> Symantec

28/02/2003 13:30 <DIR> Systran

13/02/2003 16:46 <DIR> TCADWIN

30/08/2007 18:30 <DIR> Trend Micro

17/08/2007 01:09 <DIR> TuneUp Utilities 2007

17/07/2005 12:59 <DIR> Uninstall Information

23/07/2006 02:55 <DIR> uTorrent

29/08/2007 11:07 <DIR> VideoLAN

01/01/1998 01:52 <DIR> Vilma

27/02/2007 16:42 <DIR> VirtualCloneDrive

16/08/2007 17:25 <DIR> WebMediaPlayer

07/01/2005 17:29 <DIR> Webroot

05/09/2006 12:52 <DIR> Webtarot

13/02/2007 02:59 <DIR> Webteh

27/02/2007 18:05 <DIR> Western Digital Technologies

30/05/2004 21:04 <DIR> Windows Journal Viewer

25/06/2006 00:54 <DIR> Windows Media Components

01/03/2007 02:58 <DIR> Windows Media Player

29/01/2004 13:35 <DIR> Windows NT

12/04/2006 12:27 <DIR> WinHTTrack

14/08/2007 12:07 <DIR> WinRAR

10/02/2003 00:43 <DIR> WinRoute Pro

14/08/2007 12:07 <DIR> WinZip

03/07/2006 19:05 <DIR> WinZip10pro

08/05/2006 12:29 <DIR> WMV9_VCM

03/09/2006 04:38 <DIR> wormsarm

22/02/2001 23:54 768 x73_lut.dat

18/05/2004 16:34 <DIR> Xanadu

16/08/2001 21:44 <DIR> Xara

02/10/2005 15:37 <DIR> X-Setup

23/08/2005 21:13 <DIR> X-Setup Pro

02/10/2005 15:51 <DIR> X-Setup6.3

18/11/2006 02:56 <DIR> XviD

08/06/2007 16:37 <DIR> Yahoo!

30/08/2006 20:07 <DIR> YAYG

17/11/2006 18:42 <DIR> Zoom Player

7 fichier(s) 186 458 octets

162 Rép(s) 5 296 028 160 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files\fichiers communs

 

14/08/2007 12:13 <DIR> .

14/08/2007 12:13 <DIR> ..

08/05/2006 12:38 <DIR> Adaptec Shared

14/08/2005 20:15 <DIR> Adobe

06/06/2005 00:04 <DIR> Adobe Systems Shared

14/08/2007 12:13 <DIR> Agnitum Shared

08/05/2006 16:44 <DIR> Ahead

14/09/2006 23:39 <DIR> DataViz

05/12/2001 16:33 <DIR> Designer

09/08/2006 13:01 <DIR> eSellerate

09/08/2007 12:57 <DIR> GTK

26/04/2004 19:53 <DIR> Hewlett-Packard

01/05/2007 01:32 <DIR> HP

15/09/2005 17:27 <DIR> InstallShield

25/08/2005 15:52 <DIR> Java

11/08/2006 11:16 <DIR> LightScribe

12/08/2007 13:25 <DIR> Microsoft Shared

26/04/2004 19:51 <DIR> MSSoap

13/07/2006 19:09 <DIR> ODBC

07/03/2006 21:33 <DIR> PC SOFT

17/04/2007 12:21 <DIR> Raxco

18/11/2006 03:00 <DIR> Real

26/09/2005 05:12 <DIR> SC Test Branding 1 Shared

10/12/2006 12:02 <DIR> SERVICES

18/12/2006 14:27 <DIR> SYSTEM

17/08/2007 00:59 <DIR> Wise Installation Wizard

0 fichier(s) 0 octets

26 Rép(s) 5 296 027 136 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

29/01/2004 13:31 <DIR> .

29/01/2004 13:31 <DIR> ..

01/03/2002 00:03 561 209 MSONSEXT.DLL

03/06/1999 20:09 122 937 MSOWS409.DLL

08/04/1999 21:49 127 032 MSOWS40C.dll

18/03/1999 06:37 593 977 RAGENT.DLL

4 fichier(s) 1 405 155 octets

2 Rép(s) 5 296 025 600 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files\common files

 

20/06/2007 01:21 <DIR> .

20/06/2007 01:21 <DIR> ..

20/06/2007 01:21 <DIR> System

0 fichier(s) 0 octets

3 Rép(s) 5 296 025 088 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\

 

12/05/2007 18:22 68 096 diff.exe

12/05/2007 18:22 103 424 grep.exe

2 fichier(s) 171 520 octets

0 Rép(s) 5 296 032 768 octets libres

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe

c:\Documents and Settings\David\Mes documents\David\20060407_sagem_usb_drivers_setup.exe

c:\Documents and Settings\David\Mes documents\David\GoogleEarthSetup.exe

c:\Documents and Settings\David\Mes documents\David\mpas_7_15.exe

c:\Documents and Settings\David\Mes documents\David\yetisports3.exe

c:\Documents and Settings\David\Mes documents\David\Download\Ad-Reghance\regh.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\BtserverSpylite.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsia.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsiw.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\setup.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-aiff.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-mp3PRO-decoder.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-musepack.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-ogg.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wma.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav2.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav8.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav9.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-OggVorbis-CLI.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\db-wmfdist-wma9.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-Mp3-MP3PRO-Encoder-CLI.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-r9.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-WMA8-Encoder-CLI.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\Combined-Community-Codec-Pack-2006-07-28.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\klmcodec160.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\Matroska_Pack_Full_v1.1.2.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\MPSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\regcln41.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\RegSupreme_setup.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\WM9Codecs.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\wmv9VCMsetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\zp_french451.exe

c:\Documents and Settings\David\Mes documents\David\Download\Drivers Clef\Win98Drv1130_8.2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\aballs.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Abalone.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone3.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\arbedarts.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CaromV302.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CAVALCAD.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CHGLINE.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\colorbreak2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\cueclub_ns.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\dartssetupdemo.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\DDDPoolSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\FOURMI.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\hexagon.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_othello3d.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_puissance4.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ipuissance4d-6.0b11-install.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\iPuissance4D-v5.03.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ISOLA.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\KickShotPoolSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\LABYRINTHE2.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MENUX.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MOUSEON.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\NAFRPART.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ot_271.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\OTHELLO.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\PBudYSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Sokoban.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\TIR.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_SETUP.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\INST32I.EXe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4\P4.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Stack\STACK.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\Yeti1_dc_free.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports1.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports3.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports4.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports5.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports6.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports7.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports8.exe

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\LINEAR8.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\MODEM.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONE.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONX.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\SYS_ID.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS_E.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Nero\LS_HSI.EXE

c:\Documents and Settings\David\Mes documents\David\Download\palm\documentstogopro7006-fr.exe

c:\Documents and Settings\David\Mes documents\David\Download\palm\Nouveau dossier\install.exe

c:\Documents and Settings\David\Mes documents\David\Download\tarot\install.exe

c:\Documents and Settings\David\Mes documents\David\Download\video\kickshotpool.exe

c:\Documents and Settings\David\Mes documents\David\Download\video\mj_40en.exe

c:\Documents and Settings\David\Mes documents\David\IDAPI\BDECFG.EXE

c:\Documents and Settings\David\Mes documents\David\OD 91\planning\PLANNING.EXE

c:\Documents and Settings\David\Mes documents\David\palm2\AdobeReader305-PalmOS_fra.exe

c:\Documents and Settings\David\Mes documents\David\palm2\setup.exe

c:\Documents and Settings\David\Mes documents\David\poker\poker2003.exe

c:\Documents and Settings\David\Mes documents\David\Registry Repair\install.exe

c:\Documents and Settings\David\Mes documents\David\Registry Repair\Registry Repair 2006.exe

c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Sudoku\AUTORUN.EXE

c:\Documents and Settings\David\Mes documents\David\Sudoku\NAVIGMA.EXE

c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Setup.exe

c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Dx90c\DirectX9\dxsetup.exe

c:\Documents and Settings\David\Mes documents\David\Tarot2\Install.EXE

c:\Documents and Settings\David\Mes documents\David\Tarot2\PointSoft.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\avg70t_271a363.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\Crack Abonnement Norton 2003-2004 Pour Windows Xp Et 2000 (Livesubscribe).exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\netsetup.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP16825.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP21117.exe

c:\Documents and Settings\David\Mes documents\Downloads\Codecs for all films 2003.exe

c:\Documents and Settings\David\Mes documents\Downloads\serials 2000\s2k-v7.1.PasswordFix.exe

c:\Documents and Settings\David\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe

c:\Documents and Settings\David\Mes documents\Serials2k\ser2k70.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{8C92D38B-C1DE-490A-B6D1-AAAA8E17DCE2}\Icon8C92D38B.exe

c:\Documents and Settings\David.GABRIEL\Bureau920i32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\61.77_win2kxp_international.exe

c:\Documents and Settings\David.GABRIEL\Bureau\catchme.exe

c:\Documents and Settings\David.GABRIEL\Bureau\ccsetup136.exe

c:\Documents and Settings\David.GABRIEL\Bureau\diff.exe

c:\Documents and Settings\David.GABRIEL\Bureau\dMC-r12.exe

c:\Documents and Settings\David.GABRIEL\Bureau\dumphive.exe

c:\Documents and Settings\David.GABRIEL\Bureau\FilesInfoCmd.exe

c:\Documents and Settings\David.GABRIEL\Bureau\find2.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Fport.exe

c:\Documents and Settings\David.GABRIEL\Bureau\FU-Setup_LE.exe

c:\Documents and Settings\David.GABRIEL\Bureau\grep.exe

c:\Documents and Settings\David.GABRIEL\Bureau\HJTInstall.exe

c:\Documents and Settings\David.GABRIEL\Bureau\KProcCheck.exe

c:\Documents and Settings\David.GABRIEL\Bureau\LFiles.exe

c:\Documents and Settings\David.GABRIEL\Bureau\LISTDLLS.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Navilog1.exe

c:\Documents and Settings\David.GABRIEL\Bureau\pslist.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Setup_FreeConverter.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Setup_KRAC_EN(2).exe

c:\Documents and Settings\David.GABRIEL\Bureau\Setup_KRAC_EN.exe

c:\Documents and Settings\David.GABRIEL\Bureau\streams.exe

c:\Documents and Settings\David.GABRIEL\Bureau\swreg.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\FreePCvcR_v0.6.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\cr-cpa60.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\defrag.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\vnc-4_1-x86_win32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\wrar330fr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\antivir\40comupd.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\antivir\install.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\antivir\setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\antivir\spybotsd14.exe

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\CDSTART.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SYMSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\MANUAL\AR600FRA.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\OMIGRATE.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\UPSWPLUG.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\COMMONFI\SYMSHARE\CFGWIZ.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\COMMONFI\SYMSHARE\DJSNETCN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\COMMONFI\SYMSHARE\LRSEND.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\COMMONFI\SYMSHARE\SMNLNCH.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\COMMONFI\SYMSHARE\SSAUTORN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\BOOTWARN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\NAVAPW32.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\CCIMSCAN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\NAVAPSVC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\NAVDX.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\NAVSTUB.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\NAVW32.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\NAVWNT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\OPSCAN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\QCONSOLE.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\SAVSCAN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\NAV\EXTERNAL\NORTON\APP\UNDOBOOT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ADBLCK\COMMON\SYMSHARE\ADBLCK\ADTRASH.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ASCORE\COMMON\SYMSHARE\ANTISPAM\ASOELNCH.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ASCORE\COMMON\SYMSHARE\ANTISPAM\RULEWIZ.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\FIREWALL\APP\HNETWIZ.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ISCOMMON\APP\ALERTAST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ISCOMMON\APP\ALESCAN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ISCOMMON\APP\IAMSTATS.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ISCOMMON\APP\LOGEXPRT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\ISCOMMON\COMMON\SYMSHARE\ADBLCK\NSMDTR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\PCONTROL\APP\PCWIZ.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\PCONTROL\APP\URLLSTCK.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\PCONTROL\APP\URLUPDAT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\PRIVACY\APP\NISEMSVR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\SETUP\COMMON\SYMSHARE\ANTISPAM\EUDOHELP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\SYMLT\COMMON\SYMSHARE\CFGWIZ.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SETUP\SYMLT\COMMON\SYMSHARE\SMNLNCH.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\ALERULES\ALERULES.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\CCCOMMON\CCCOMMON\COMMONFI\SYMSHARE\CCAPP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\CCCOMMON\CCCOMMON\COMMONFI\SYMSHARE\CCEVTMGR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\CCCOMMON\CCCOMMON\COMMONFI\SYMSHARE\CCLGVIEW.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\CCCOMMON\CCCOMMON\COMMONFI\SYMSHARE\CCPWDSVC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\CCCOMMON\CCCOMMON\COMMONFI\SYMSHARE\CCSETMGR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\CCCOMMON\CCCOMMON\COMMONFI\SYMSHARE\NMAIN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\DCOM98\DCOM98.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\EDISK\NED.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\FRE\FREMSI.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\FRE\FREUPDT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\LIVEREG\LRSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\LUPDATE\LUSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\MEMSCAN\MEMSCAN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\MSI\INSTMSIA.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\MSI\INSTMSIW.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\MSIE\IE55URD.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\MSIE\IE6SETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\AUTOUPDR\FIXUPDTR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\BLASTER\FIXBLAST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\BUGBEAR\FIXBUGB.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\OPASERV\FIXOPSRV.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\SOBIG.A\FIXSOBIG.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\SOBIG.B\FXSOBIGB.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\SOBIG.C\FIXSBIGC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NAVTOOLS\REPAIR\SOBIG.E\FIXSBIGE.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\NISTOOLS\ISRLRSTR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\PRESCAN\PRESCAN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\PROXY\CCPXYMSI\COMMON\SYMSHARE\CCPROXY.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\SEVINST\SEVINST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\SYMLNCH\SYMLNCH.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\SYMNET\SYMNET\COMMON\SYMSHARE\SNDINST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\SYMNET\SYMNET\COMMON\SYMSHARE\SNDSRVC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\SYMNET\SYMNET\COMMON\SYMSHARE\IDSDEFS\IDSCOLU.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\SYMNET\SYMNET\COMMON\SYMSHARE\IDSDEFS\IDSLU.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\A classer\Nouveau dossier\Symantec Norton Internet Security 2004 - Francais + Crack abonnement\SUPPORT\URLLIST\URLLIST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\fair\FairUseCommander.exe

c:\Documents and Settings\David.GABRIEL\Bureau\fair2\FairUse4WM.exe

c:\Documents and Settings\David.GABRIEL\Bureau\fair2\FairUseCommander.exe

c:\Documents and Settings\David.GABRIEL\Bureau\HP\HpAiOScrubber_v2038.exe

c:\Documents and Settings\David.GABRIEL\Bureau\HP\HpCartridgeCompatibilityWin2KXP_v2.exe

c:\Documents and Settings\David.GABRIEL\Bureau\HP\HPPSE1.12.0.46FRA.exe

c:\Documents and Settings\David.GABRIEL\Bureau\HP\rw2_021_w02_fra.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Ma111\MA111SW\autorun.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Ma111\MA111SW\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Ma111\MA111SW\utility\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\SHELEXEC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\BackLog.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\BootWarn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\DefAlert.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\navapw32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NAVDX.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NAVDX_N.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NavRunr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NavUStub.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NAVW32.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NMain.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NRunOnce.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\nsched32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NSPlugIn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\NTaskMgr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\nvlaunch.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\POProxy.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\qconsole.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\regnav.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\regsvr32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\ScnHndlr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\sevinst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\subfixp.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\undoboot.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\MSSHLIB\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\ADAPTER.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\CPUID.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\CS.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\CSALLOC4.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\CSALLOC5.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\DRIVELTR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\IMGICON.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\rescue.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\RESCUE32.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\RESCUEDV.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\RESCUEN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\rshell.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\RShelln.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\RShellv.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SCSICFG.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SS365LP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SS365SL.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SSCIRRUS.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SSDBOOK.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SSO2M.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SSTOPIC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\SSVADEM.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAV9XME\RESCUE\ZIPRECVR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\alertsvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\BackLog.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\BootWarn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\DefAlert.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\n32scanw.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\navapsvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\navapw32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\NavRunr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\NavUStub.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\navwnt.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\NMain.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\NPSCheck.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\npssvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\NSPlugIn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\NTaskMgr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\nvlaunch.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\POProxy.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\qconsole.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\Regnav.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\regsvr32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\ScnHndlr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\NAVNTW2K\sevinst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\Support\ComCtl32\401COMUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\Support\ComCtl32\50COMUPD.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\Support\LiveReg\LRSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\Support\LUpdate\LUSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\Support\SHFolder\SHFOLDER.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\Support\wintDist\JAWINT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\Support\wintDist\WINTDIST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinFR\VirusDef\DefInst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\BackLog.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\BootWarn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\DefAlert.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\navapw32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NAVDX.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NAVDX_N.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NavRunr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NavUStub.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NAVW32.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NMain.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NRunOnce.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\nsched32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NSPlugIn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\NTaskMgr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\nvlaunch.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\POProxy.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\qconsole.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\regnav.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\regsvr32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\ScnHndlr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\sevinst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\subfixp.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\undoboot.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\MSSHLIB\SETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\ADAPTER.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\CPUID.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\CS.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\CSALLOC4.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\CSALLOC5.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\DRIVELTR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\IMGICON.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\rescue.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\RESCUE32.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\RESCUEDV.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\RESCUEN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\rshell.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\RShelln.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\RShellv.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SCSICFG.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SS365LP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SS365SL.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SSCIRRUS.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SSDBOOK.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SSO2M.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SSTOPIC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\SSVADEM.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAV9XME\RESCUE\ZIPRECVR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\alertsvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\BackLog.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\BootWarn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\DefAlert.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\n32scanw.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\navapsvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\navapw32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\NavRunr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\NavUStub.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\navwnt.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\NMain.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\NPSCheck.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\npssvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\NSPlugIn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\NTaskMgr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\nvlaunch.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\POProxy.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\qconsole.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\regnav.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\regsvr32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\ScnHndlr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\NAVNTW2K\sevinst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\COMCTL32\401COMUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\COMCTL32\50COMUPD.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\EDISK\Ned.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\LIVEREG\LRSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\LUPDATE\LUSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\NAVTOOLS\ALL_BOOT\ALL_BOOT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\NAVTOOLS\REPAIR\FIXBUDDY.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\NAVTOOLS\REPAIR\FIXHAPPY.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\NAVTOOLS\REPAIR\FIXLIFE.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\NAVTOOLS\REPAIR\FIXLOVE.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\NAVTOOLS\REPAIR\KILL_CIH.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\NAVTOOLS\REPAIR\KILL_EZ.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\SHFOLDER\SHFOLDER.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\WINTDIST\JAWINT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\SUPPORT\WINTDIST\WINTDIST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinSP\VIRUSDEF\DEFINST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\BackLog.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\BootWarn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\DefAlert.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\navapw32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NAVDX.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NAVDX_N.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NavRunr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NavUStub.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NAVW32.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NMain.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NRunOnce.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\nsched32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NSPlugIn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\NTaskMgr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\nvlaunch.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\POProxy.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\qconsole.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\regnav.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\regsvr32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\ScnHndlr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\sevinst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\subfixp.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\undoboot.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\MSSHLIB\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\ADAPTER.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\CPUID.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\CS.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\CSALLOC4.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\CSALLOC5.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\DRIVELTR.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\IMGICON.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\RESCUE.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\Rescue32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\RESCUEDV.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\RESCUEN.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\RShell.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\RShelln.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\RShellv.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SCSICFG.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SS365LP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SS365SL.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SSCIRRUS.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SSDBOOK.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SSO2M.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SSTOPIC.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\SSVADEM.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Nav9xME\RESCUE\ZipRecvr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\_ISDel.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\alertsvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\BackLog.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\BootWarn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\DefAlert.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\n32scanw.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\navapsvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\navapw32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\NavRunr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\NavUStub.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\navwnt.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\NMain.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\NPSCheck.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\npssvc.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\NSPlugIn.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\NTaskMgr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\nvlaunch.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\POProxy.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\qconsole.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\regnav.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\regsvr32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\ScnHndlr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\NavNTW2K\sevinst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Support\ComCtl32\401comup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Support\ComCtl32\50comupd.exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Support\LiveReg\LRSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Support\LUpdate\LUSETUP.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Support\SHFolder\ShFolder.Exe

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Support\wintDist\JAWINT.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\Support\wintDist\WINTDIST.EXE

c:\Documents and Settings\David.GABRIEL\Bureau\NoNort\BinUK\VirusDef\DefInst.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Spy\runalyz.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Spy\spybotsd_advcheck.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Spy\spybotsd_includes.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Spy\spybotsd_tools.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Spy\spybotsd14.exe

c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_kfahvpvokiuzmtgubcipixk4amkg1udf

c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_sjmhc2jh3qy0jlrfqe2jy1peeb15ux1q

c:\Documents and Settings\David.GABRIEL\Local Settings\Temp\15767.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\drivers.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Bluetooth\fma-0.1.0.35-setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Crack Abonnement Norton 2003-2004 Pour Windows Xp Et 2000 (Livesubscribe).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\directx_9c_oct05sdk_redist.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\BVA\OD 91\planning\PLANNING.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\OD 91\planning\PLANNING.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETI1_DC_FREE.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS1.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS2.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS5.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\sagem\20060407_sagem_usb_drivers_setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\IDAPI\BDECFG.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\David\20060407_sagem_usb_drivers_setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\David\GoogleEarthSetup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\David\mpas_7_15.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\David\yetisports3.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\avg75iswt_431a836.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102(2).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ccsetup140.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Codecs for all films 2003.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Freeplayer-Win32-20050905.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\fsbl.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gs854w32.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32(2).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gtk+-2.10.13-setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\HiJackThis_v2.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\installer-15767-33-PerfectDisk-8-0-54-2000-XP-French.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\LSPFix.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\nentfrst.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallFr.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallPackage.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\PDFCreator-0_9_3_GPLGhostscript.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\powerdefrag.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\pwdremover.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\SBPCI_WebDrvsV5_12_01.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Service+Setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\setup-adsltv.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\spybotsd14.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\StepByStepInteractiveTraining-KB923723-x86-FRA.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\updatecdr4_53_71.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\vlc-0.8.6c-win32.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0(2).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB925902-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB927891-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB930178-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB931784-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB932168-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935839-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935840-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935843-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935966-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WindowsXP-KB823980-x86-FRA.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\EasyBox\win_easybox_4.0.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\BSPlayer Pro.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Keygen.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\vsfilter.2.37_nt.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\vsfilter.2.37_nt.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\BSPlayer Pro 2.10\BSPlayer Pro.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\BSPlayer Pro 2.10\Keygen.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\dotheshit.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\OutpostSecuritySuiteProInstall.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OO.Defrag.Professional.Edition.v8.5.1788.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\serials 2000\s2k-v7.1.PasswordFix.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\troubleshooter.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\UltimateTroubleshooter.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WinZip 10.0.6699 Pro (full)\winzip100.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\Zone Alarm Pro Key Generator.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\ZoneAlarm Pro 6.1.744.001.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Registre\regexp.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\ser2k70.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\photorec_win.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\testdisk_win.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Tune\keygen.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Tune\TU2007TrialFR.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\win\photorec_win.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\win\testdisk_win.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\ARPPRODUCTICON.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\serial2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\uninst_s2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe

c:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\VFHXLSK5\PD80ENp_x86[1].exe

c:\Documents and Settings\Gabriel\Mes documents\Downloads\wintasksprofessional.EXE

c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\dotheshit.exe

c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\OutpostSecuritySuiteProInstall.exe

c:\Documents and Settings\Gabriel\Mes documents\Downloads\PDF.Password.Remover.v3.0.WinALL-CHiCNCREAM\pwdremover.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\ARPPRODUCTICON.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe

c:\Documents and Settings\Papa\Bureau\Freeplayer-Win32-20050905.exe

c:\Documents and Settings\Papa\Bureau\Google_Earth_BZXE.exe

c:\Documents and Settings\Papa\Bureau\vlc-0.8.6c-win32.exe

c:\Documents and Settings\Papa\Local Settings\Temp\waunst_.exe

c:\Documents and Settings\Papa\Mes documents\aaw-lang-pack.exe

c:\Documents and Settings\Papa\Mes documents\ad aware w6181.exe

c:\Documents and Settings\Papa\Mes documents\emprunt.exe

c:\Documents and Settings\Papa\Mes documents\GoogleEarth-0762.exe

c:\Documents and Settings\Papa\Mes documents\OODefrag8ProfessionalEnu.exe

c:\Documents and Settings\Papa\Mes documents\powerdefrag.exe

c:\Documents and Settings\Papa\Mes documents\spyswp3_anshare356.exe

c:\Documents and Settings\Papa\Mes documents\download\Windows-KB890830-V1.22.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Setup.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe DNG Converter\Adobe DNG Converter.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsia.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsiw.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\setup.exe

c:\Documents and Settings\Papa\Mes documents\Secours Free\ispare.exe

c:\Documents and Settings\Papa\Mes documents\telechargement\setup_file_recover_trial.exe

c:\Program Files\Documents To Go\DocsToGo.exe

c:\Program Files\Documents To Go\HandheldInstall.exe

c:\Program Files\Documents To Go\OfficeAddinInstaller.exe

c:\Program Files\Documents To Go\OfficeAddinUninstaller.exe

c:\Program Files\Documents To Go\ptgxlat.exe

c:\Program Files\Documents To Go\ZipUtil.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\Setup.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\50comupd.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiA.Exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiW.Exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msaardk.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msxml3sp1.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\setup.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\solidconvertersetuppdf.exe

c:\WINDOWS\Installer\{EB807EB6-5179-48B7-98D4-7B4934A57A81}\DocumentsToGo.exe

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll

c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\FFHook.dll

c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\McAPFilt.dll

c:\Documents and Settings\David.GABRIEL\Application Data\TaoUSign\jsec.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll

c:\Documents and Settings\Davide\Application Data\Mozilla\Firefox\Profiles\sxi8req9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll

c:\Documents and Settings\Davide\Application Data\Mozilla\Firefox\Profiles\sxi8req9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\FFHook.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\McAPFilt.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll

 

****** Fin du rapport DiagHelp

Merci....

Modifié le 30 août 2007 par David de Lyon

[WawaSeb]

Bonsoir David de Lyon,

 

*** Tu n'auras pas accès au net pendant une partie de la procédure, je t'encourage à enregistrer ce texte ou à l'imprimer... ***

 

Ton système est en effet salement infecté !!!

Même si nous parvenons à enlever tous les malware's présents sur ton système, je ne pourrai pas te garantir que ton ordinateur fonctionnera parfaitement par la suite...

Cela ne m'étonne pas !!! ***

---> Outre l'aspect illégal de ce qui va suivre, tu mets ta machine en très grand danger...

Azureus

Serials 2000

Serials 2000 7.1 Plus

uTorrent

Crack Abonnement Norton 2003-2004 Pour Windows Xp Et 2000 (Livesubscribe).exe

Mes documents\Downloads\serials 2000\

Symantec Norton Internet Security 2004 - Francais + Crack abonnement\CDSTART.EXE

Lost_Season03_Episodes_01-06\Keygen.exe

Sous titre Lost S03 et Prison Break French\BSPlayer Pro 2.10\Keygen.exe

OO.Defrag.Professional.Edition.v8.5.1788.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe

Zone Alarm Pro Key Generator.exe

Tune\keygen.exe

---> Il est aberrant d'installer des logiciels antivirus piratés, ils sont la plupart du temps déjà vecteurs d'infections...

---> J'espère qu'il n'est pas trop tard...

 

 

1 ) Clique sur Démarrer, puis sur Panneau de configration et va dans l'Ajout /Suppression de programmes :

• Désinstalle (si présent) Serials 2000 et tous les programmes similaires
  
• Désinstalle (si présent) hilopoker
  
• Désinstalle (si présent) PokerTH
  

----> Les programmes de Poker viennent très souvent avec ou par des malware's !!!

 

 

2 ) Télécharge Navipromo de lazzzy et décompresse-le sur ton bureau

 

 

3 ) Télécharge Brute Force Uninstaller (de Merijn).

Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)

 

FAIS UN CLIC-DROIT ICI et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU).

 

# Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champ "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).

 

 

4 ) Démarre en mode sans échec sur ta session comme indiqué ici

• Double-clique sur Navipromo.bat (dans le dossier Navipromo073)
  
• Appuie sur la touche R, puis sur ENTER pour choisir l'option "Recherche et suppression automatique"
  

---> S'il trouve des fichiers infectés, tu devras à nouveau presser une touche pour lancer le nettoyage... (ferme le rapport = texte qui vient de s'ouvrir)

• Relance Navipromo.bat (toujours dans le dossier Navipromo073)
  
• Appuie sur la touche H, puis sur ENTER pour choisir l'option "Suppression Heuristique" (ferme à nouveau le rapport qui s'ouvre après quelques minutes)
  

5 ) Clique sur Démarrer, puis sur Panneau de configration et va dans l'Ajout /Suppression de programmes :

• Désinstalle (si présent) Media Access
  

6 ) Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

• Clique sur le petit dossier jaune (à droite de la boîte "Scriptline to execute") ;
  
• Double-clique sur EGDACCESS.bfu
  
• Tu devrais maintenant voir ceci dans la boîte "Scriptline to execute" : C:\BFU\EGDACCESS.bfu
  
• Clique sur Exécute
  

Attendre que Complete script execution apparaîsse et clique sur OK.

Clique Exit pour fermer le programme BFU.

 

 

7 ) Télécharge ATF Cleaner de Atribune sur ton bureau. Ce programme sert à nettoyer les fichiers inutiles !

 

- Double-clique sur ATF-Cleaner.exe

 

Coche ceci :

• Windows Temp
  
• Current User Temp
  
• All Users Temp
  
• Cookies
  
• Temporary Internet Files
  
• Prefetch
  
• Java Cache
  
• Recycle Bin
  

- Clique sur Empty Selected et au message "Done Cleaning" sur Ok

 

 

8 ) Télécharge gmer (je t'envoie l'adresse en privé)

• Déconnecte-toi d'internet si possible et ferme tous les programmes.
  
• Décompresse le fichier zip, renomme gmer.exe en gwennig.exe et double-clic sur gwennig.exe
  
• Clique sur l'onglet "rootkit" et ensuite sur Scan
  
• Lorsque le scan est terminé, choisis "copy"
  
• Ouvre le bloc-note et clique dans le menu Edition sur Coller
  
• Le rapport doit alors apparaître.
  
• Enregistre le fichier sur ton bureau et copie/colle son contenu ici
  

 

# Est-ce toi qui as mis ces sites (lignes commençant par 127.0.0.1) dans ton fichier HOSTS ? --> Je suppose que non

 

Merci de poster les rapports suivants :

1. Gmer
   
2. Nouvel HijackThis
   

Bon travail !

[David de Lyon]

Bonjour WawaSeb !!!!

Merci encore pour le temps que tu me consacre....

 

J'ai effectué les diverses opérations, mais le site de gmer est inaccessible (pour le moment?). Donc tout sauf gmer.

 

En attendant d'autres instructions, voici mes nouveaux rapports HijackThis, DiagHelp et Blacklight à défault:

Au fait, pour mon fichier hosts, c'était une option de Spybot qui me le remplissait. Je lui ai redonné sa forme originelle...

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:32:36, on 31/08/2007

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\System32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

C:\WINDOWS\system32\MSTask.exe

C:\WINDOWS\System32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\System32\WBEM\WinMgmt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\msdtc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Eset\nod32kui.exe

C:\WINDOWS\System32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Trend Micro\HijackThis\check.exe

 

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - Global Startup: Raccourci vers Connexion au réseau local.lnk = ?

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - (no file)

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN

 

--

End of file - 2187 bytes

 

 

DiagHelp version v1.1.2 - http://www.malekal.com

excute le ven. 31/08/2007 à 1:35:17,26

 

 

Liste des derniers fichies modifies/crees dans windir\system32

C:\WINDOWS\System32/drivers\amon.sys -->13/08/2007 04:47:33

C:\WINDOWS\System32/drivers\nod32drv.sys -->13/08/2007 04:47:31

C:\WINDOWS\System32/drivers\cdr4_2k.sys -->11/08/2007 16:47:45

C:\WINDOWS\System32/drivers\DefragFs.sys -->13/03/2007 12:18:22

C:\WINDOWS\System32/drivers\PalmUSBD.sys -->04/11/2006 03:11:06

C:\WINDOWS\System32/drivers\nwrdr.sys -->01/09/2006 06:57:48

C:\WINDOWS\System32/drivers\fltmgr.sys -->22/08/2006 12:48:40

 

C:\WINDOWS\System32\OODBS.lor -->31/08/2007 00:40:13

C:\WINDOWS\System32\nvapps.xml -->29/08/2007 10:33:58

C:\WINDOWS\System32\Perflib_Perfdata_2c0.dat -->20/08/2007 12:51:47

C:\WINDOWS\System32\Perflib_Perfdata_29c.dat -->18/08/2007 22:28:20

C:\WINDOWS\System32\Perflib_Perfdata_2ac.dat -->18/08/2007 11:40:07

C:\WINDOWS\System32\Perflib_Perfdata_2a0.dat -->17/08/2007 05:44:47

C:\WINDOWS\System32\Perflib_Perfdata_294.dat -->15/08/2007 11:18:14

C:\WINDOWS\System32\Perflib_Perfdata_288.dat -->14/08/2007 12:26:53

C:\WINDOWS\System32\Perflib_Perfdata_2a4.dat -->14/08/2007 09:42:40

C:\WINDOWS\System32\Perflib_Perfdata_278.dat -->14/08/2007 00:44:46

C:\WINDOWS\System32\Perflib_Perfdata_280.dat -->13/08/2007 20:07:00

C:\WINDOWS\System32\Perflib_Perfdata_290.dat -->13/08/2007 11:32:12

C:\WINDOWS\System32\Perflib_Perfdata_284.dat -->13/08/2007 10:58:35

C:\WINDOWS\System32\Perflib_Perfdata_298.dat -->13/08/2007 10:33:27

C:\WINDOWS\System32\imon.dll -->13/08/2007 04:47:36

C:\WINDOWS\System32\Perflib_Perfdata_274.dat -->13/08/2007 03:49:52

C:\WINDOWS\System32\Perflib_Perfdata_270.dat -->13/08/2007 03:19:04

C:\WINDOWS\System32\Perflib_Perfdata_26c.dat -->13/08/2007 02:53:46

C:\WINDOWS\System32\Perflib_Perfdata_25c.dat -->12/08/2007 20:08:30

C:\WINDOWS\System32\Perflib_Perfdata_28c.dat -->12/08/2007 17:55:16

C:\WINDOWS\System32\BASSMOD.dll -->12/08/2007 10:55:19

C:\WINDOWS\System32\pwdremover.dat -->11/08/2007 12:39:29

C:\WINDOWS\System32\MRT.exe -->03/08/2007 06:34:10

C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06

C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52

 

C:\WINDOWS\transp.gif -->31/08/2007 00:42:20

C:\WINDOWS\WindowsUpdate.log -->31/08/2007 00:35:38

C:\WINDOWS\IEPatchUninstall.log -->31/08/2007 00:34:53

C:\WINDOWS\Sti_Trace.log -->31/08/2007 00:31:35

C:\WINDOWS\ntbtlog.txt -->31/08/2007 00:24:18

C:\WINDOWS\SchedLgU.Txt -->31/08/2007 00:19:22

C:\WINDOWS\ODBC.INI -->29/08/2007 11:52:00

C:\WINDOWS\NeroDigital.ini -->29/08/2007 02:27:09

C:\WINDOWS\system.ini -->28/08/2007 00:53:58

C:\WINDOWS\verypdf.ini -->11/08/2007 12:40:27

C:\WINDOWS\gswin32.ini -->11/08/2007 12:12:46

C:\WINDOWS\winDecrypt.INI -->08/08/2007 13:06:31

C:\WINDOWS\win.ini -->26/07/2007 17:09:24

C:\WINDOWS\winamp.ini -->09/07/2007 02:43:22

C:\WINDOWS\hpothb07.dat -->24/06/2007 18:24:59

 

 

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\WINDOWS\system

 

06/04/1999 16:45 38 672 MAPISRVR.EXE

11/07/1997 12:37 11 856 MVTHKSVR.EXE

14/08/2002 16:03 4 672 WOWPOST.EXE

3 fichier(s) 55 200 octets

0 Rép(s) 5 926 201 856 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\WINDOWS\system32

 

19/06/2003 21:05 5 392 CSRSS.EXE

1 fichier(s) 5 392 octets

0 Rép(s) 5 926 201 344 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

04/09/2006 15:36 <DIR> .

04/09/2006 15:36 <DIR> ..

24/10/2001 18:52 237 actsetup.inf

15/06/2004 05:13 226 cc.inf

14/10/2002 02:56 65 desktop.ini

14/10/1997 18:52 697 DirectAnimation Java Classes.osd

26/08/2003 08:12 1 096 iuctl.inf

03/06/2005 04:49 752 jinstall-1_5_0_04.inf

20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd

29/06/2005 17:17 227 opuc.inf

09/10/2003 10:32 144 QTPlugin.inf

17/04/2000 23:22 2 203 SG726ACM.inf

27/08/2005 14:30 5 065 swflash.inf

24/09/1998 17:24 111 616 tdserver.ocx

02/11/2005 19:01 1 777 xscan.inf

02/11/2005 19:07 435 712 xscan53.ocx

07/11/2004 15:29 1 206 yinst.inf

07/11/2004 15:29 173 168 yinsthelper.dll

16 fichier(s) 735 353 octets

 

Total des fichiers listés :

16 fichier(s) 735 353 octets

2 Rép(s) 5 926 200 832 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"%windir%\\system32\\rcu~x.exe"="%windir%\\system32\\rcu~x.exe:*:Enabled:@xpsp2res.dll,-22019"

 

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

 

Rechercher adresses sensibles dans le fichier HOSTS...

REGEDIT4

 

[taskmgr.exe]

 

 

 

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-31 01:51:27

Windows 5.0.2195 Service Pack 4 NTFS

 

scanning hidden services & system hive ...

 

scanning hidden registry entries ...

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]

"OODEFRAG08.00.00.01WORKSTATION"="C57B6608B035F2BED645A9A06045C33BC6B5B30A4874FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A2D97226D213B555BA7FD869164D67949DB7CE019D40AA5C32611429638C80AB536BA79020513F6C47652CAEC2A499C72A3005CDE6A45F5A90429E3D7896BEAF9517229CBD35483A6CEEC47BF95E031D0A55A04E187D0C43D9839C28EC59CE470409EB548423BEB0C6C7142B7DD932F459C589D07E86405564C25BA62BB4338687A86BA83D538FA6EFC8B6041BD01F0B02E5381087921B538B10CA08633A575109D5279F7B370DC905BB6FDF62AE25F2F10BC6DC652E20D12DEEFEB108300665FA5ECE528F716B18A45C232DA993808E1A01F3990F15B5BC2BD6AD1ACF116F504F89326E95D9456674DE5DEC0955D5987086A23D3FB9AACF6FB5B5CF360DA8F37D0F4634E6FB96DB1D68CAB6DE7B299C6ECFD9D2F141AA1F616815717A84A908021DA379241742F34C14BDB4CA42E67B1282C47A6B054A0EF047F0B3A0104F97DCD38729329E0D80316E2CA5B39BDBEBDBBAB167B09281579016105F6E785A8190C8533DB93A9FA281F92FDA42AA3CF3538514E00C2C2B88B793DE4FEFBC6DF725838AC925468853F4AC85BA62C81DF1806983428CC608045FEEECF5740F1281A78357732652B8DEC87111C046827996F1D93979030B39FE864CEED58D57B579A5388572AF2006E43E25D679E317AF653AC3940C8558C88332C2BB08942FA68EB3860894FAA82957981B0208F17D81396C851A8F703F1F6FE5E050B823649BC369C8F0BB0417BF0021185FA1705B163DA472EDAFDE050EF4AEA34B2719FA2A6F62CAFBDC0A4ACA7BA4D6E2131F8F77F2FE52DD2BB52447181A81F22A19A8D13C3ECD84819157B036F3841F38822914AE1EDE575798C8E334B9E02C270BD7F02AA1088AC5E2843BF6E2445084E46D3F1AA6476C1974555EF7269D851C1927CC0AB2A0B4DC8B4E95D44BABD4FD53D4ADB043AE556CF45F16E2F9892C1933690D049E35CB0A596252BA0A442C3F1E0C7A44A1ACECE10DAF4E4B5267F6410C25BD121357BBA7E1A668E8FC0DFE765BF225F8724CB19B73452F5C536FDACE1B955104450C16227CB1AE730C7795E4E21F0E48EB8CC651A2CF431222CDF68C1CA79A7BECCB8FFC46CD64C19E69DDE1D3D77D7EC760F2CC57B67AC0EAA188DA0D7ED270C48480CA9F7C299021BC69578D1A1D3DC3ADA0EE1591A70BDA01F42FB17095AC8C96E6362BF0056D84C06F4436977A77A0505F2CA12F82EB267143119009E2CF08D6E27C52905F3E3D36493A373389F62598E108051127320371209CF506204C000E39EE4079063AC3D374DEBC0620D81AC700A1916C947FABEE5A02EFDA96E7BEFAD3F2E5F9A9EC95C393EDB75D780E4F16"

"OOCC06.00.00.01WSSV"="E87BD718E944754098BD09DD37761FDA9A801AF974169A340D8405B2239A8FBBFB84729C6CD0B5754CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6A0AC4980AC79335D575E7D6A3B9808A2D97226D213B555696692ED8ED21CA98CB4363691059BB210B7D1266EF2950F5DE0F45B83FCF7C6EF84DF6613E55F5DA067C90D1EC928B38728AFCC45EB02B1657238B644D89F532802A796F4CA6EEA747961E966EB624C4805772D885FD137254ED2ECD721D91BD0456336AFAE61A628AC5D4A98061E28728A1427B273AFBC5C4DD9622BA94BD2EE60ECCFC2B2767A9E74827BE2A7CF066CA754F048446BF514FDC151323CBBC247210743326B8EE380F5FBA3FBD012B6DE8269914DDEF62B942167C763131747668454428661AC733B8E56B81BF82222B6F2E967CA48EA37EB2C0A26B85E6C4F9A3DDFD24A93FA4F7CCD0387FD89E14124865123CFF600086DC7CDA4314270E0F7B213D08DF046AF3BF6572E6560D7A21F7C7DC76ED516A2AED3B8CA4FD77A93557E406B645F80E12E810D2394CE2E695D4930B03A43B09E89DF38771AAA0893CDEE9AA465B8BC485098C0AB541DB14B5F161108CE9275A49CB1195B1BB936A1C0083C54ABC835D7E31C746572035491E3BF29D0C88BB0F6C94411FD627ACA90507E1F23D8D0C699EC208D3FBFB0AC9C7056E8DE4AE8506737C236B702D3AE4A64BD26129086F0A9B1EA55FC8F4575DCCE1F20DA78D866DCCE9184379023EACA286514F27892D93B3FF8F936BB598A590C9086417D7E2C533F435AFD29B632220BC592EBBD11CA9367F90BD721F66FACF8D8376307727B5A7BA37C61E9D3D5F43F66ACF78F14AF89BCD07F209E99C983AB592FE6463ED294B7AE120CF5B150F93D0253E722A01A8D9616B0A399B562237B24D143F062D4B96F97A57A737DBB00BF875B5BABAF3E1F1313DB4AFB30A8DE8704E444C1504994DFC2A77F0D56596545187C4B69AE7553904921CE3164AD222FF4938D746F9A848C49EBC072508A9E918C53821B7DBCD334EB08432A1F27EB19A5EB91CC9AD7FC3AF8A738D4F35A342B6C609E03F1B45EE662F809DB22EFCC2EFCDE1A0F22B30673D477336B3DF2435E788993E9542244534840D83E24056D1B92C5C384C706B986905BD2F01BA47AB82314A61AE26F696A6C11BECE4F08065033D800FBC348470616B60EA4F163A00F112E73E4CD2749DFD3009A0E414065055F379247BE99F34804CF2FC79BC78BF61F696A1D3AFAEE2C33869E000D166EAFCAE214BA5ABE9466AA53D1A2E10C27CC5BB74A9A41C17D0C7A02542D379897905EC2F231291C953F8F4F69FD859076AF86F32E397071297EC4B398233AF969A6B721ED07303E75F36D383CAA3B5A8B0298D87E584729"

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Process list by traversal of KiWaitInListHead and KiWaitOutListHead

 

8 - System

148 - SMSS.EXE

176 - CSRSS.EXE

196 - WINLOGON.EXE

224 - SERVICES.EXE

236 - LSASS.EXE

408 - svchost.exe

444 - LEXBCES.EXE

472 - spoolsv.exe

504 - svchost.exe

572 - nod32krn.exe

592 - outpost.exe

612 - mstask.exe

632 - tcpsvcs.exe

640 - check.exe

668 - SNMP.EXE

712 - WinMgmt.exe

808 - svchost.exe

852 - msdtc.exe

908 - explorer.exe

1192 - nod32kui.exe

1232 - TASKMGR.EXE

1284 - CMD.EXE

1316 - fsbl.exe

1320 - firefox.exe

 

Total number of processes = 25

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Driver/Module list by traversal of PsLoadedModuleList

 

80400000 - \WINDOWS\System32\ntoskrnl.exe

80001000 - \WINDOWS\System32\hal.dll

EB810000 - \WINDOWS\System32\BOOTVID.dll

EB400000 - pci.sys

EB410000 - isapnp.sys

EB900000 - intelide.sys

EB680000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS

EB688000 - MountMgr.sys

BFFE3000 - ftdisk.sys

EB902000 - Diskperf.sys

EB9C8000 - \WINDOWS\System32\Drivers\WMILIB.SYS

EB904000 - dmload.sys

BFFC1000 - dmio.sys

EB814000 - PartMgr.sys

BFFB0000 - precsim.sys

BFF9D000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS

BFF87000 - atapi.sys

EB818000 - aha154x.sys

EB690000 - disk.sys

EB420000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS

BFF65000 - fltmgr.sys

EB698000 - PxHelp20.sys

BFF53000 - KSecDD.sys

BFF40000 - DefragFS.sys

BFEC2000 - Ntfs.sys

BFE98000 - NDIS.sys

BFE82000 - Mup.sys

BFD87000 - btkrnl.sys

EB6A0000 - agp440.sys

BFD47000 - \SystemRoot\system32\DRIVERS\ks.sys

EB450000 - \SystemRoot\system32\DRIVERS\STREAM.SYS

EB874000 - \SystemRoot\system32\DRIVERS\PMJ151NM.sys

EB9CF000 - \SystemRoot\System32\DRIVERS\audstub.sys

EB460000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys

EB880000 - \SystemRoot\System32\DRIVERS\ndistapi.sys

BFD30000 - \SystemRoot\System32\DRIVERS\ndiswan.sys

EB890000 - \SystemRoot\System32\DRIVERS\TDI.SYS

EB470000 - \SystemRoot\System32\DRIVERS\raspptp.sys

EB6C8000 - \SystemRoot\System32\DRIVERS\ptilink.sys

EB6D8000 - \SystemRoot\System32\DRIVERS\raspti.sys

EB480000 - \SystemRoot\system32\DRIVERS\btwdndis.sys

EB89C000 - \SystemRoot\System32\DRIVERS\NtApm.sys

EB4A0000 - \SystemRoot\System32\DRIVERS\parallel.sys

EB4B0000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

BFAC6000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys

BFAA1000 - \SystemRoot\system32\drivers\portcls.sys

EB700000 - \SystemRoot\system32\drivers\cm8330sb.sys

EB718000 - \SystemRoot\system32\drivers\cm8330.sys

EB728000 - \SystemRoot\System32\DRIVERS\cdrom.sys

EB730000 - \SystemRoot\System32\Drivers\incdrm.SYS

EB738000 - \SystemRoot\System32\DRIVERS\InCDPass.sys

EB758000 - \SystemRoot\System32\DRIVERS\USBD.SYS

EB740000 - \SystemRoot\System32\DRIVERS\uhcd.sys

EB768000 - \SystemRoot\System32\DRIVERS\openhci.sys

BFA57000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS

EB780000 - \SystemRoot\System32\DRIVERS\usbehci.sys

EB790000 - \SystemRoot\System32\DRIVERS\RTL8139.SYS

EB7A0000 - \SystemRoot\system32\DRIVERS\btport.sys

EB9EA000 - \SystemRoot\System32\DRIVERS\swenum.sys

BFA2C000 - \SystemRoot\System32\DRIVERS\update.sys

EB4C0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys

EB7B8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys

EB7C8000 - \SystemRoot\System32\DRIVERS\parport.sys

EB4D0000 - \SystemRoot\System32\DRIVERS\serial.sys

EB8B8000 - \SystemRoot\System32\DRIVERS\serenum.sys

EB7E0000 - \SystemRoot\System32\DRIVERS\fdc.sys

EB7F0000 - \SystemRoot\System32\DRIVERS\mouclass.sys

EB4E0000 - \SystemRoot\System32\Drivers\NDProxy.SYS

EB800000 - \SystemRoot\System32\Drivers\EFS.SYS

EB500000 - \SystemRoot\System32\DRIVERS\usbhub.sys

EB510000 - \SystemRoot\System32\DRIVERS\usbhub20.sys

EB520000 - \SystemRoot\System32\Drivers\AFS2K.SYS

EB530000 - \SystemRoot\System32\Drivers\Cdr4_2K.SYS

EB6E8000 - \SystemRoot\System32\Drivers\Cdralw2k.SYS

EB90E000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS

EBA02000 - \SystemRoot\System32\Drivers\Null.SYS

EBA04000 - \SystemRoot\System32\Drivers\Beep.SYS

EB6F8000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS

EB8E8000 - \SystemRoot\System32\drivers\vga.sys

EBA0A000 - \SystemRoot\System32\Drivers\mnmdd.SYS

EB918000 - \??\C:\WINDOWS\system32\Drivers\InCDFatRec.sys

EB8EC000 - \SystemRoot\System32\Drivers\InCDrec.SYS

BE9F3000 - \SystemRoot\System32\Drivers\InCDfs.SYS

EB710000 - \SystemRoot\System32\Drivers\Msfs.SYS

EB540000 - \SystemRoot\System32\Drivers\Npfs.SYS

EB91E000 - \SystemRoot\System32\DRIVERS\rasacd.sys

BE904000 - \SystemRoot\System32\DRIVERS\tcpip.sys

EB550000 - \SystemRoot\System32\DRIVERS\msgpc.sys

EB760000 - \SystemRoot\System32\DRIVERS\wanarp.sys

BE8AF000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS

EB560000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys

BE884000 - \SystemRoot\System32\DRIVERS\netbt.sys

EB570000 - \SystemRoot\System32\DRIVERS\netbios.sys

BE821000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS

BE7F7000 - \SystemRoot\System32\DRIVERS\rdbss.sys

EB926000 - \SystemRoot\system32\drivers\nod32drv.sys

BE77F000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys

A0000000 - \??\C:\WINDOWS\system32\win32k.sys

BD5C5000 - \SystemRoot\System32\nv4_disp.dll

BD3B1000 - \SystemRoot\System32\drivers\ws2ifsl.sys

BD265000 - \SystemRoot\System32\drivers\afd.sys

EB9B4000 - \SystemRoot\System32\Drivers\ParVdm.SYS

BD122000 - \SystemRoot\system32\drivers\amon.sys

BD2B9000 - \SystemRoot\System32\Drivers\Aspi32.SYS

EB6B8000 - \??\C:\WINDOWS\system32\drivers\btserial.sys

BD0E8000 - \SystemRoot\system32\drivers\wdmaud.sys

BD0B6000 - \??\C:\WINDOWS\system32\drivers\btslbcsp.sys

BD30D000 - \SystemRoot\system32\drivers\sysaudio.sys

EBB57000 - \SystemRoot\System32\Drivers\cdenable.sys

BD1ED000 - \SystemRoot\System32\Drivers\Fips.SYS

EB960000 - \??\C:\WINDOWS\system32\PfModNT.sys

BD016000 - \SystemRoot\System32\Drivers\Cdfs.SYS

BC223000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL

BC21F000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL

EB778000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL

BC213000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL

BC20B000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL

BC203000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL

EB982000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL

BCBBF000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL

EB98A000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL

EB990000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL

BCA4B000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL

BCA3F000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL

EB7B0000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL

BCB73000 - \??\C:\DOCUME~1\DAVID~1.GAB\Temp\F-Secure\BlackLight\fsbldrv.sys

EBAC1000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

 

Total number of drivers = 127

 

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files

 

31/08/2007 00:00 <DIR> .

31/08/2007 00:00 <DIR> ..

19/04/2006 12:11 <DIR> 3B Software

14/08/2005 05:36 <DIR> ABC

22/11/2001 13:05 <DIR> Accessoires

16/08/2001 21:21 <DIR> ACD Systems

11/05/2001 11:39 53 248 ACMonitor_X73.exe

27/07/2001 06:58 47 ACMonitor_X73.ini

11/07/2007 20:59 <DIR> Active+

04/12/2001 06:18 <DIR> Adaptec

04/11/2006 04:26 <DIR> Adobe

09/07/2007 02:28 <DIR> adslTV

14/08/2007 12:13 <DIR> Agnitum

09/05/2006 12:32 <DIR> Ahead

23/02/2003 16:05 <DIR> AIPTEK

09/08/2006 13:01 <DIR> AnswersThatWork

20/08/2006 16:23 <DIR> ArbeDarts

17/12/2001 14:55 <DIR> Archive Web

05/01/2007 01:53 <DIR> audiograbber

15/09/2005 17:29 <DIR> Avanquest update

14/08/2007 12:06 <DIR> AxelTime

22/11/2006 17:18 <DIR> Azureus

15/09/2005 12:28 <DIR> Bluetooth Software

30/08/2006 15:35 <DIR> CartaGoGo

13/08/2005 14:53 <DIR> CCleaner

02/08/2004 21:10 <DIR> CDRWIN5

26/06/2005 04:09 <DIR> Clickmania_demo

20/06/2007 01:21 <DIR> Common Files

24/10/2005 01:04 <DIR> Creative

26/11/2006 23:53 <DIR> DirectVobSub

16/08/2001 20:22 <DIR> DirectX

18/11/2006 02:56 <DIR> DivX

21/08/2007 07:21 <DIR> Documents To Go

12/08/2005 14:37 <DIR> DXBall2

14/08/2007 12:06 <DIR> ESET

07/12/2001 16:19 <DIR> EuroTool

01/03/2007 22:29 <DIR> FairUse Wizard 2

14/08/2007 12:13 <DIR> Fichiers communs

05/01/2007 01:51 <DIR> Free Audio Pack

01/03/2007 03:03 <DIR> Free Audio Pack2

16/09/2006 00:47 <DIR> fun4palm

09/08/2007 12:58 <DIR> Ghostgum

09/08/2007 13:25 <DIR> ghostscript-8.60

03/07/2007 12:57 <DIR> Google

25/11/2006 03:04 <DIR> Grisoft

09/08/2007 14:15 <DIR> gs

24/04/2001 04:22 1 437 gtx73.ini

27/08/2004 13:03 <DIR> Happy Note

01/05/2007 01:33 <DIR> Hewlett-Packard

01/05/2007 01:32 <DIR> HP

25/06/2006 00:49 <DIR> Illustrate

01/06/2005 01:20 <DIR> Image 2 ASCII Art

20/06/2007 01:21 <DIR> Internet Explorer

12/08/2005 14:39 <DIR> iPuissance 4D

10/07/2006 13:37 <DIR> Java

25/11/2006 17:25 <DIR> jv16 PowerTools

30/05/2006 20:48 <DIR> KC Softwares

28/02/2007 01:19 <DIR> Kikoo

18/11/2006 03:05 <DIR> K-Lite Codec Pack

04/04/2006 18:44 <DIR> Lavasoft

17/07/2005 12:14 <DIR> Lavasoft RegHance

12/08/2007 10:47 <DIR> LIUtilities

08/05/2001 16:36 114 688 lxarscan.dll

18/11/2006 02:57 <DIR> Matroska Pack

27/01/2006 22:43 <DIR> Mes Jeux Installés

23/04/2003 17:28 <DIR> MGI

19/07/2007 10:37 <DIR> Microsoft CAPICOM 2.1.0.2

17/12/2001 14:42 <DIR> Microsoft FrontPage

19/09/2005 15:49 <DIR> Microsoft Games

27/05/2006 00:03 <DIR> Microsoft Money

17/12/2001 14:43 <DIR> Microsoft Office

30/05/2004 22:27 <DIR> Microsoft Référence

04/12/2001 02:10 <DIR> Microsoft Script Debugger

16/08/2001 20:35 <DIR> Microsoft Visual Studio

16/08/2001 21:29 <DIR> Mjuice Media Player

26/09/2005 17:57 <DIR> Mobile Master

15/09/2005 17:28 <DIR> Mobile Media Studio

16/09/2005 02:06 <DIR> MOBILedit!

14/08/2007 12:07 <DIR> Mozilla Firefox

17/08/2007 04:00 <DIR> Mozilla Thunderbird

04/04/2006 14:02 <DIR> MSN Messenger

07/10/2006 17:11 <DIR> MyDiscover

01/03/2007 02:47 <DIR> NCH Swift Sound

17/08/2005 03:03 <DIR> NetAbalone

19/02/2007 15:41 <DIR> NETGEAR

17/07/2005 13:03 <DIR> NetMeeting

29/08/2006 11:44 <DIR> Objective Tarot

06/03/2003 20:41 <DIR> OfficeUpdate

27/03/2006 18:28 <DIR> OfficeUpdate11

27/07/2006 18:31 <DIR> OO Software

06/07/2001 02:46 8 116 OSLO3071b2.USB

12/06/2001 15:28 8 154 OsloD3069.usb

14/08/2007 12:07 <DIR> Outlook Express

14/08/2007 12:07 <DIR> palmOne

26/09/2005 04:57 <DIR> Paprikari

16/06/2007 12:19 <DIR> PartitionMagic 8.0

08/08/2007 12:56 <DIR> PDF Password Remover v2.1

11/08/2007 12:46 <DIR> PDF Password Remover v3.0

09/08/2007 13:01 <DIR> PDFCreator

16/08/2001 20:09 <DIR> PLUS!

05/09/2006 14:06 <DIR> PointSoft

06/03/2005 23:45 <DIR> Power Defrag

27/08/2006 12:04 <DIR> Power-Tarot

30/08/2007 23:24 <DIR> ppoker

15/08/2005 00:20 <DIR> Program Files

02/06/2006 03:25 <DIR> PronoLoto Expert

16/08/2001 20:37 <DIR> Publication Web

18/11/2006 02:58 <DIR> QuickTime

27/02/2007 16:55 <DIR> Random Software

17/04/2007 12:21 <DIR> Raxco

18/11/2006 03:00 <DIR> RealPlayer

09/03/2005 15:09 <DIR> RealVNC

25/09/2005 07:31 <DIR> ReflexiveArcade

15/06/2007 16:15 <DIR> RegClean

27/02/2007 23:59 <DIR> Registry Repair 2006

15/06/2007 16:15 <DIR> RegSupreme

18/06/2007 20:25 <DIR> Safer Networking

07/10/2006 16:46 <DIR> SAGEM

07/06/2005 12:34 <DIR> SCIIArt

27/07/2005 14:13 <DIR> Serials 2000

30/08/2007 23:44 <DIR> Serials 2000 7.1 Plus

22/11/2001 13:21 <DIR> Services en ligne

02/06/2006 12:34 <DIR> SiSoftware

14/01/2005 01:16 <DIR> Skype

12/07/2006 13:58 <DIR> SLD Codec Pack

16/08/2001 20:32 <DIR> Snapshot Viewer

14/08/2005 19:29 <DIR> Sokoban

14/08/2005 19:28 <DIR> SolidDocuments

14/08/2007 12:07 <DIR> Spybot - Search & Destroy

19/06/2006 14:03 <DIR> Sudoku

03/05/2004 01:02 <DIR> Support Tools

25/11/2006 14:55 <DIR> Symantec

28/02/2003 13:30 <DIR> Systran

13/02/2003 16:46 <DIR> TCADWIN

30/08/2007 18:30 <DIR> Trend Micro

31/08/2007 00:18 <DIR> TuneUp Utilities 2007

17/07/2005 12:59 <DIR> Uninstall Information

23/07/2006 02:55 <DIR> uTorrent

29/08/2007 11:07 <DIR> VideoLAN

01/01/1998 01:52 <DIR> Vilma

27/02/2007 16:42 <DIR> VirtualCloneDrive

07/01/2005 17:29 <DIR> Webroot

05/09/2006 12:52 <DIR> Webtarot

13/02/2007 02:59 <DIR> Webteh

27/02/2007 18:05 <DIR> Western Digital Technologies

30/05/2004 21:04 <DIR> Windows Journal Viewer

25/06/2006 00:54 <DIR> Windows Media Components

01/03/2007 02:58 <DIR> Windows Media Player

29/01/2004 13:35 <DIR> Windows NT

12/04/2006 12:27 <DIR> WinHTTrack

14/08/2007 12:07 <DIR> WinRAR

10/02/2003 00:43 <DIR> WinRoute Pro

14/08/2007 12:07 <DIR> WinZip

03/07/2006 19:05 <DIR> WinZip10pro

08/05/2006 12:29 <DIR> WMV9_VCM

03/09/2006 04:38 <DIR> wormsarm

22/02/2001 23:54 768 x73_lut.dat

18/05/2004 16:34 <DIR> Xanadu

16/08/2001 21:44 <DIR> Xara

02/10/2005 15:37 <DIR> X-Setup

30/08/2007 23:46 <DIR> X-Setup Pro

30/08/2007 23:47 <DIR> X-Setup6.3

18/11/2006 02:56 <DIR> XviD

30/08/2007 23:49 <DIR> Yahoo!

30/08/2006 20:07 <DIR> YAYG

17/11/2006 18:42 <DIR> Zoom Player

7 fichier(s) 186 458 octets

159 Rép(s) 5 925 482 496 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files\fichiers communs

 

14/08/2007 12:13 <DIR> .

14/08/2007 12:13 <DIR> ..

08/05/2006 12:38 <DIR> Adaptec Shared

14/08/2005 20:15 <DIR> Adobe

06/06/2005 00:04 <DIR> Adobe Systems Shared

14/08/2007 12:13 <DIR> Agnitum Shared

08/05/2006 16:44 <DIR> Ahead

14/09/2006 23:39 <DIR> DataViz

05/12/2001 16:33 <DIR> Designer

09/08/2006 13:01 <DIR> eSellerate

09/08/2007 12:57 <DIR> GTK

26/04/2004 19:53 <DIR> Hewlett-Packard

01/05/2007 01:32 <DIR> HP

15/09/2005 17:27 <DIR> InstallShield

25/08/2005 15:52 <DIR> Java

11/08/2006 11:16 <DIR> LightScribe

12/08/2007 13:25 <DIR> Microsoft Shared

26/04/2004 19:51 <DIR> MSSoap

13/07/2006 19:09 <DIR> ODBC

07/03/2006 21:33 <DIR> PC SOFT

17/04/2007 12:21 <DIR> Raxco

18/11/2006 03:00 <DIR> Real

26/09/2005 05:12 <DIR> SC Test Branding 1 Shared

10/12/2006 12:02 <DIR> SERVICES

18/12/2006 14:27 <DIR> SYSTEM

17/08/2007 00:59 <DIR> Wise Installation Wizard

0 fichier(s) 0 octets

26 Rép(s) 5 925 481 984 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

29/01/2004 13:31 <DIR> .

29/01/2004 13:31 <DIR> ..

01/03/2002 00:03 561 209 MSONSEXT.DLL

03/06/1999 20:09 122 937 MSOWS409.DLL

08/04/1999 21:49 127 032 MSOWS40C.dll

18/03/1999 06:37 593 977 RAGENT.DLL

4 fichier(s) 1 405 155 octets

2 Rép(s) 5 925 480 448 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\Program Files\common files

 

20/06/2007 01:21 <DIR> .

20/06/2007 01:21 <DIR> ..

20/06/2007 01:21 <DIR> System

0 fichier(s) 0 octets

3 Rép(s) 5 925 479 936 octets libres

Le volume dans le lecteur C s'appelle Disque local

Le numéro de série du volume est 545F-803A

 

Répertoire de C:\

 

12/05/2007 18:22 68 096 diff.exe

12/05/2007 18:22 103 424 grep.exe

2 fichier(s) 171 520 octets

0 Rép(s) 5 925 479 424 octets libres

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe

c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe

c:\Documents and Settings\David\Mes documents\David\20060407_sagem_usb_drivers_setup.exe

c:\Documents and Settings\David\Mes documents\David\GoogleEarthSetup.exe

c:\Documents and Settings\David\Mes documents\David\mpas_7_15.exe

c:\Documents and Settings\David\Mes documents\David\yetisports3.exe

c:\Documents and Settings\David\Mes documents\David\Download\Ad-Reghance\regh.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\BtserverSpylite.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsia.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsiw.exe

c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\setup.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-aiff.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-mp3PRO-decoder.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-musepack.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-ogg.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wma.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav2.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav8.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav9.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-OggVorbis-CLI.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\db-wmfdist-wma9.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-Mp3-MP3PRO-Encoder-CLI.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-r9.exe

c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-WMA8-Encoder-CLI.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\Combined-Community-Codec-Pack-2006-07-28.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\klmcodec160.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\Matroska_Pack_Full_v1.1.2.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\MPSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\regcln41.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\RegSupreme_setup.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\WM9Codecs.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\wmv9VCMsetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\codecs\zp_french451.exe

c:\Documents and Settings\David\Mes documents\David\Download\Drivers Clef\Win98Drv1130_8.2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\aballs.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Abalone.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone3.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\arbedarts.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CaromV302.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CAVALCAD.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CHGLINE.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\colorbreak2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\cueclub_ns.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\dartssetupdemo.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\DDDPoolSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\FOURMI.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\hexagon.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_othello3d.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_puissance4.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ipuissance4d-6.0b11-install.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\iPuissance4D-v5.03.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ISOLA.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\KickShotPoolSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\LABYRINTHE2.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MENUX.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MOUSEON.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\NAFRPART.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ot_271.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\OTHELLO.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\PBudYSetup.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Sokoban.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\TIR.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_SETUP.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\INST32I.EXe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4\P4.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Stack\STACK.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\Yeti1_dc_free.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports1.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports2.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports3.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports4.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports5.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports6.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports7.exe

c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports8.exe

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\LINEAR8.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\MODEM.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONE.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONX.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\SYS_ID.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS_E.EXE

c:\Documents and Settings\David\Mes documents\David\Download\Nero\LS_HSI.EXE

c:\Documents and Settings\David\Mes documents\David\Download\palm\documentstogopro7006-fr.exe

c:\Documents and Settings\David\Mes documents\David\Download\palm\Nouveau dossier\install.exe

c:\Documents and Settings\David\Mes documents\David\Download\tarot\install.exe

c:\Documents and Settings\David\Mes documents\David\Download\video\kickshotpool.exe

c:\Documents and Settings\David\Mes documents\David\Download\video\mj_40en.exe

c:\Documents and Settings\David\Mes documents\David\IDAPI\BDECFG.EXE

c:\Documents and Settings\David\Mes documents\David\OD 91\planning\PLANNING.EXE

c:\Documents and Settings\David\Mes documents\David\palm2\AdobeReader305-PalmOS_fra.exe

c:\Documents and Settings\David\Mes documents\David\palm2\setup.exe

c:\Documents and Settings\David\Mes documents\David\poker\poker2003.exe

c:\Documents and Settings\David\Mes documents\David\Registry Repair\install.exe

c:\Documents and Settings\David\Mes documents\David\Registry Repair\Registry Repair 2006.exe

c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\_ISDEL.EXE

c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\SETUP.EXE

c:\Documents and Settings\David\Mes documents\David\Sudoku\AUTORUN.EXE

c:\Documents and Settings\David\Mes documents\David\Sudoku\NAVIGMA.EXE

c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Setup.exe

c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Dx90c\DirectX9\dxsetup.exe

c:\Documents and Settings\David\Mes documents\David\Tarot2\Install.EXE

c:\Documents and Settings\David\Mes documents\David\Tarot2\PointSoft.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\avg70t_271a363.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\netsetup.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP16825.exe

c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP21117.exe

c:\Documents and Settings\David\Mes documents\Downloads\Codecs for all films 2003.exe

c:\Documents and Settings\David\Mes documents\Downloads\serials 2000\s2k-v7.1.PasswordFix.exe

c:\Documents and Settings\David\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe

c:\Documents and Settings\David\Mes documents\Serials2k\ser2k70.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe

c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{8C92D38B-C1DE-490A-B6D1-AAAA8E17DCE2}\Icon8C92D38B.exe

c:\Documents and Settings\David.GABRIEL\Bureau\ATF-Cleaner.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\catchme.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\diff.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\dumphive.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\FilesInfoCmd.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\find2.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\Fport.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\grep.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\HJTInstall.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\KProcCheck.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\LFiles.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\LISTDLLS.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\pslist.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\streams.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\swreg.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (2)\ATF-Cleaner.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)920i32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\61.77_win2kxp_international.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\dMC-r12.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_FreeConverter.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_KRAC_EN(2).exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_KRAC_EN.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\FreePCvcR_v0.6.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\cr-cpa60.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\defrag.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\vnc-4_1-x86_win32.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\wrar330fr.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\40comupd.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\install.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\spybotsd14.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair\FairUseCommander.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair2\FairUse4WM.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair2\FairUseCommander.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HpAiOScrubber_v2038.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HpCartridgeCompatibilityWin2KXP_v2.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HPPSE1.12.0.46FRA.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\rw2_021_w02_fra.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\autorun.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\utility\Setup.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\runalyz.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_advcheck.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_includes.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_tools.exe

c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd14.exe

c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_kfahvpvokiuzmtgubcipixk4amkg1udf

c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_sjmhc2jh3qy0jlrfqe2jy1peeb15ux1q

c:\Documents and Settings\David.GABRIEL\Local Settings\Temp\15767.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\drivers.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Bluetooth\fma-0.1.0.35-setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\directx_9c_oct05sdk_redist.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\BVA\OD 91\planning\PLANNING.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\OD 91\planning\PLANNING.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETI1_DC_FREE.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS1.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS2.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS5.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\sagem\20060407_sagem_usb_drivers_setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\IDAPI\BDECFG.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\David\20060407_sagem_usb_drivers_setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\David\GoogleEarthSetup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\David\mpas_7_15.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\David\yetisports3.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ATF-Cleaner(2).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ATF-Cleaner.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\avg75iswt_431a836.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102(2).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ccsetup140.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Codecs for all films 2003.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Freeplayer-Win32-20050905.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\fsbl.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gs854w32.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32(2).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gtk+-2.10.13-setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\HiJackThis_v2.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\installer-15767-33-PerfectDisk-8-0-54-2000-XP-French.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\LSPFix.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\nentfrst.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallFr.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallPackage.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\PDFCreator-0_9_3_GPLGhostscript.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\powerdefrag.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\pwdremover.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\SBPCI_WebDrvsV5_12_01.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Service+Setup.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\setup-adsltv.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\spybotsd14.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\StepByStepInteractiveTraining-KB923723-x86-FRA.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\updatecdr4_53_71.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\vlc-0.8.6c-win32.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0(2).exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB925902-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB927891-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB930178-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB931784-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB932168-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935839-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935840-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935843-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935966-x86-FRA.EXE

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WindowsXP-KB823980-x86-FRA.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\EasyBox\win_easybox_4.0.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\BSPlayer Pro.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\vsfilter.2.37_nt.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\vsfilter.2.37_nt.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\BSPlayer Pro 2.10\BSPlayer Pro.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\dotheshit.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\OutpostSecuritySuiteProInstall.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\troubleshooter.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\UltimateTroubleshooter.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WinZip 10.0.6699 Pro (full)\winzip100.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\Zone Alarm Pro Key Generator.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\ZoneAlarm Pro 6.1.744.001.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Registre\regexp.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\ser2k70.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\photorec_win.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\testdisk_win.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\Tune\TU2007TrialFR.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\win\photorec_win.exe

c:\Documents and Settings\David.GABRIEL\Mes documents\win\testdisk_win.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\ARPPRODUCTICON.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\serial2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\uninst_s2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe

c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe

c:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\VFHXLSK5\PD80ENp_x86[1].exe

c:\Documents and Settings\Gabriel\Mes documents\Downloads\wintasksprofessional.EXE

c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\dotheshit.exe

c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\OutpostSecuritySuiteProInstall.exe

c:\Documents and Settings\Gabriel\Mes documents\Downloads\PDF.Password.Remover.v3.0.WinALL-CHiCNCREAM\pwdremover.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\ARPPRODUCTICON.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe

c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe

c:\Documents and Settings\Papa\Bureau\Freeplayer-Win32-20050905.exe

c:\Documents and Settings\Papa\Bureau\Google_Earth_BZXE.exe

c:\Documents and Settings\Papa\Bureau\vlc-0.8.6c-win32.exe

c:\Documents and Settings\Papa\Local Settings\Temp\waunst_.exe

c:\Documents and Settings\Papa\Mes documents\aaw-lang-pack.exe

c:\Documents and Settings\Papa\Mes documents\ad aware w6181.exe

c:\Documents and Settings\Papa\Mes documents\emprunt.exe

c:\Documents and Settings\Papa\Mes documents\GoogleEarth-0762.exe

c:\Documents and Settings\Papa\Mes documents\OODefrag8ProfessionalEnu.exe

c:\Documents and Settings\Papa\Mes documents\powerdefrag.exe

c:\Documents and Settings\Papa\Mes documents\spyswp3_anshare356.exe

c:\Documents and Settings\Papa\Mes documents\download\Windows-KB890830-V1.22.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Setup.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe DNG Converter\Adobe DNG Converter.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsia.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsiw.exe

c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\setup.exe

c:\Documents and Settings\Papa\Mes documents\Secours Free\ispare.exe

c:\Documents and Settings\Papa\Mes documents\telechargement\setup_file_recover_trial.exe

c:\Program Files\Documents To Go\DocsToGo.exe

c:\Program Files\Documents To Go\HandheldInstall.exe

c:\Program Files\Documents To Go\OfficeAddinInstaller.exe

c:\Program Files\Documents To Go\OfficeAddinUninstaller.exe

c:\Program Files\Documents To Go\ptgxlat.exe

c:\Program Files\Documents To Go\ZipUtil.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\Setup.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\50comupd.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiA.Exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiW.Exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msaardk.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msxml3sp1.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\setup.exe

c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\solidconvertersetuppdf.exe

c:\WINDOWS\Installer\{EB807EB6-5179-48B7-98D4-7B4934A57A81}\DocumentsToGo.exe

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll

c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll

c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\FFHook.dll

c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\McAPFilt.dll

c:\Documents and Settings\David.GABRIEL\Application Data\TaoUSign\jsec.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll

c:\Documents and Settings\Davide\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll

c:\Documents and Settings\Davide\Application Data\Mozilla\Firefox\Profiles\sxi8req9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll

c:\Documents and Settings\Davide\Application Data\Mozilla\Firefox\Profiles\sxi8req9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\FFHook.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\McAPFilt.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll

c:\Documents and Settings\Papa\Application Data\Mozilla\Firefox\Profiles\o6v6juxl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll

 

****** Fin du rapport DiagHelp

 

Et enfin, le rapport Fsbl (Blacklight) :

 

08/31/07 01:43:41 [info]: BlackLight Engine 1.0.61 initialized

08/31/07 01:43:41 [info]: OS: 5.0 build 2195 (Service Pack 4)

08/31/07 01:43:42 [Note]: 7019 4

08/31/07 01:43:42 [Note]: 7005 0

08/31/07 01:44:32 [Note]: 7006 0

08/31/07 01:44:34 [Note]: 7011 908

08/31/07 01:45:35 [Note]: 7026 0

08/31/07 01:47:57 [Note]: 7026 0

08/31/07 01:47:58 [Note]: 7015 1324

08/31/07 01:47:58 [Note]: 7015 87

08/31/07 01:49:56 [Note]: FSRAW library version 1.7.1021

08/31/07 01:50:07 [info]: Hidden file: c:\:Q30lsldxJoudresxAaaqpcawXc

08/31/07 01:50:07 [Note]: 7002 0

08/31/07 01:50:07 [Note]: 7003 1

08/31/07 02:10:35 [Note]: 7007 0

 

Je sais, je me répète, mais mille Merci...

[David de Lyon]

Bonjour WawaSeb....

J'ai finalement trouvé gmer (sur un autre site "toocharger" mais version 1.0.12)

Renommé sur le bureau comme indiqué. Problème : Ecran bleu et redémarrage (retenté=pareil)

 

Je te reposte un Hijack :

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:21:28, on 31/08/2007

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\System32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

C:\WINDOWS\System32\rsvp.exe

C:\WINDOWS\system32\MSTask.exe

C:\WINDOWS\System32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\System32\WBEM\WinMgmt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\msdtc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\check.exe

 

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - Global Startup: Raccourci vers Connexion au réseau local.lnk = ?

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - (no file)

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe

O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN

 

--

End of file - 2130 bytes

 

A bientôt...

[WawaSeb]

Bonsoir David de Lyon,

 

*** J'ai besoin de prendre tout le temps nécessaire à l'analyse et à la prise d'infos pour ton sujet...***

 

--> Ce soir, je suis complètement malade... je te répondrai probablement dans la journée de demain...

--> Il faudrait que tu sauvegardes toutes tes données, ton système est très mal en point !

 

Merci pout ta compréhension...

@ demain,

 

[David de Lyon]

Merci à toi de prendre le temps de me répondre malgré ton état.

 

Soigne toi bien, à bientôt et merci encore.

 

PS: Si tu as une autre adresse valide pour gmer, le lien est mort.

 

Je ne suis pas pressé.

 

Merci encore.

 

[David de Lyon]

Re bonjour WawaSeb,

 

Dernière précision :

J'ai pu télécharger la dernière version de gmer sur le site que tu m'as indiqué, mais sur un autre ordinateur avec IE7.

Je ne peux toujours pas joindre ce site avec mon ordinateur (j'utilise Firefox) malgré une purification totale du fichier hosts.

 

Après avoir lancé l'interface gmer (en suivant scrupuleusement tes instructions), dès que je clique sur "scan", écran bleu....

 

A bientôt. J'espère que tu vas mieux....