[Résolu] Fenêtres intempestives publicitaires

[jfezkejpe]

Bonjour,

 

 

Vous vous en servez beaucoup?

 

Dans ce cas , voyez les propriétés internet.

 

Je me sers principalement de firefox. Pouvez vous m'aider à nettoyer pour ie ?

 

---------

 

Finalement j'ai la pub encore sous firefox

Modifié le 4 juin 2008 par jfezkejpe

[pear]

Bonjour,

 

Sous Firefox, utilisez l'extension Adblock+(outils->Modules complémentaires->Obtenir une extension

 

Sous Ie,Panneau de configuration->Options Internet

Supprimer les fichiers temporaires

Onglet confidentialité:Cocher Activer le bloqueur....puis dans paramètres (en bas),Niveau de filtre-> choisir Haut

[jfezkejpe]

Bonjour,

 

Sous Firefox, utilisez l'extension Adblock+(outils->Modules complémentaires->Obtenir une extension

 

Sous Ie,Panneau de configuration->Options Internet

Supprimer les fichiers temporaires

Onglet confidentialité:Cocher Activer le bloqueur....puis dans paramètres (en bas),Niveau de filtre-> choisir Haut

 

J'ai mis adblock sur FF et configuré les options internet pour ie. Les pubs sont toujours là. Mais je suis sure que ce n'est pas du script sur les sites qui fait apparaitre les pubs mais bien un malware.

Modifié le 4 juin 2008 par jfezkejpe

[pear]

Mais je suis sure que ce n'est pas du script sur les sites qui fait apparaitre les pubs mais bien un malware.

 

C'est possible, mais les renseignements disponibles ne nous éclairent pas.

 

On va chercher plus loin:

Télécharger DiagHelp de malékal-Morte

Télécharger Diaghelp

 

Tutoriel

Choisissez l'option 1

 

Postez le rapport ici

Modifié le 4 juin 2008 par pear

[jfezkejpe]

C'est possible, mais les renseignements disponibles ne nous éclairent pas.

 

On va chercher plus loin:

Télécharger DiagHelp de malékal-Morte

Télécharger Diaghelp

 

Tutoriel

Choisissez l'option 1

 

Postez le rapport ici

 

Dans le répertoire diaghelp, quel est le fichier que je dois exécuter ? ---- Pardon, je viens de voir le lien vers le tuto.

Modifié le 4 juin 2008 par jfezkejpe

[jfezkejpe]

voici le log DiagHelp :

 

DiagHelp version v1.4 - http://www.malekal.com

excute le 04/06/2008 à 18:23:48,78

 

 

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch

C:\WINDOWS\prefetch\CHCP.COM-16F8021E.pf -->04/06/2008 18:23:15

C:\WINDOWS\prefetch\CMD.EXE-115AA09F.pf -->04/06/2008 18:23:12

C:\WINDOWS\prefetch\AVWSC.EXE-347FCF75.pf -->04/06/2008 18:20:19

C:\WINDOWS\prefetch\NMINDEXSTORESVR.EXE-22A7DEEF.pf -->04/06/2008 18:17:24

C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->04/06/2008 18:11:36

C:\WINDOWS\prefetch\VERCLSID.EXE-168106D2.pf -->04/06/2008 18:04:32

C:\WINDOWS\prefetch\POWERPNT.EXE-364EC56A.pf -->04/06/2008 18:00:35

C:\WINDOWS\prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->04/06/2008 17:58:01

C:\WINDOWS\prefetch\FIREFOX.EXE-17EE503B.pf -->04/06/2008 17:05:47

C:\WINDOWS\prefetch\RUNDLL32.EXE-1603C497.pf -->04/06/2008 17:00:50

 

C:\WINDOWS\System32\drivers\mbamcatchme.sys -->30/05/2008 01:06:40

C:\WINDOWS\System32\drivers\mbam.sys -->30/05/2008 01:06:36

C:\WINDOWS\System32\drivers\sptd.sys -->29/04/2008 18:07:35

C:\WINDOWS\System32\drivers\avipbb.sys -->04/03/2008 13:28:53

C:\WINDOWS\System32\drivers\Usbkey.sys -->21/02/2008 16:40:59

C:\WINDOWS\System32\drivers\avgntdd.sys -->21/01/2008 18:12:56

C:\WINDOWS\System32\drivers\avgntmgr.sys -->21/01/2008 18:11:28

 

C:\WINDOWS\System32\nvapps.xml -->04/06/2008 11:49:32

C:\WINDOWS\System32\wpa.dbl -->04/06/2008 09:01:36

C:\WINDOWS\System32\compactdb.txt -->26/05/2008 11:04:28

C:\WINDOWS\System32\KGyGaAvL.sys -->10/05/2008 14:39:04

C:\WINDOWS\System32\FNTCACHE.DAT -->10/04/2008 00:07:48

C:\WINDOWS\System32\MRT.exe -->06/04/2008 07:56:20

C:\WINDOWS\System32\perfh00C.dat -->30/03/2008 10:50:38

C:\WINDOWS\System32\perfh009.dat -->30/03/2008 10:50:38

C:\WINDOWS\System32\perfc00C.dat -->30/03/2008 10:50:38

C:\WINDOWS\System32\perfc009.dat -->30/03/2008 10:50:38

C:\WINDOWS\System32\PerfStringBackup.INI -->30/03/2008 10:50:34

C:\WINDOWS\System32\win32k.sys -->20/03/2008 09:56:50

C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log -->10/03/2008 10:54:27

C:\WINDOWS\System32\mshtml.dll -->01/03/2008 18:28:10

C:\WINDOWS\System32\wininet.dll -->01/03/2008 14:58:11

C:\WINDOWS\System32\webcheck.dll -->01/03/2008 14:58:11

C:\WINDOWS\System32\urlmon.dll -->01/03/2008 14:58:10

C:\WINDOWS\System32\url.dll -->01/03/2008 14:58:10

C:\WINDOWS\System32\pngfilt.dll -->01/03/2008 14:58:10

C:\WINDOWS\System32\occache.dll -->01/03/2008 14:58:10

C:\WINDOWS\System32\mstime.dll -->01/03/2008 14:58:10

C:\WINDOWS\System32\msrating.dll -->01/03/2008 14:58:10

C:\WINDOWS\System32\mshtmled.dll -->01/03/2008 14:58:09

C:\WINDOWS\System32\msfeedsbs.dll -->01/03/2008 14:58:08

C:\WINDOWS\System32\msfeeds.dll -->01/03/2008 14:58:08

 

C:\WINDOWS\wiadebug.log -->04/06/2008 11:51:07

C:\WINDOWS\0.log -->04/06/2008 11:49:41

C:\WINDOWS\WindowsUpdate.log -->04/06/2008 11:49:39

C:\WINDOWS\wiaservc.log -->04/06/2008 11:49:39

C:\WINDOWS\QTFont.qfn -->04/06/2008 11:49:34

C:\WINDOWS\bootstat.dat -->04/06/2008 11:49:26

C:\WINDOWS\SchedLgU.Txt -->04/06/2008 11:48:29

C:\WINDOWS\NeroDigital.ini -->03/06/2008 21:30:41

C:\WINDOWS\cdplayer.ini -->31/05/2008 21:22:17

C:\WINDOWS\wmsetup.log -->28/05/2008 22:42:52

C:\WINDOWS\setupapi.log -->28/05/2008 22:32:13

C:\WINDOWS\wintemp.001 -->26/05/2008 11:03:47

C:\WINDOWS\setupact.log -->24/04/2008 19:05:35

C:\WINDOWS\DPINST.LOG -->14/04/2008 11:02:15

C:\WINDOWS\tsoc.log -->09/04/2008 23:21:33

 

winlogon.exe

Verified: Signed

svchost.exe

Verified: Signed

ws2_32.dll

Verified: Signed

user32.dll

Verified: Signed

tcpip.sys

Verified: Signed

ndis.sys

Verified: Signed

null.sys

Verified: Signed

 

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

explorer.exe pid: 1916

Command line: C:\WINDOWS\Explorer.EXE

 

Base Size Version Path

0x44080000 0xd0000 7.00.6000.16640 C:\WINDOWS\system32\WININET.dll

0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll

0x43e00000 0x45000 7.00.6000.16640 C:\WINDOWS\system32\iertutil.dll

0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL

0x44360000 0x5cd000 7.00.6000.16640 C:\WINDOWS\system32\ieframe.dll

0x44160000 0x127000 7.00.6000.16640 C:\WINDOWS\system32\urlmon.dll

0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll

0x442b0000 0x3c000 7.00.6000.16640 C:\WINDOWS\system32\webcheck.dll

0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll

0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll

0x67080000 0x1c000 3.00.0006.0000 C:\Program Files\FileZilla Client\fzshellext.dll

0x023d0000 0x9a000 6.86.0101.0002 C:\Program Files\Nokia\Nokia PC Suite 6\phonebrowser.dll

0x028f0000 0xc8000 6.86.0134.0006 C:\Program Files\Nokia\Nokia PC Suite 6\NGSCM.DLL

0x7c420000 0x87000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCP80.dll

0x00d20000 0xa000 6.86.0063.0000 C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr

0x02ac0000 0x8e000 6.86.0020.0000 C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr

0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll

0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll

0x16080000 0x19000 1.00.0003.0001 C:\Program Files\Bonjour\mdnsNSP.dll

0x10000000 0x8000 1.00.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

0x02e40000 0x2c000 C:\Program Files\WinRAR\rarext.dll

0x02ec0000 0x13000 7.00.0000.0011 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll

0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL

0x03c50000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll

0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll

0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS.0\system32\MFC71FRA.DLL

0x03730000 0x31000 C:\PROGRA~1\PSPADE~1\PSPADS~1.DLL

0x04900000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA

0x02140000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

0x046c0000 0x144000 4.05.0146.0000 C:\Program Files\quranradio\tbqura.dll

0x61310000 0x54000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll

0x60e20000 0x8e000 4.05.2003.0120 C:\Program Files\OpenOffice.org 2.4\program\stlport_vc7145.dll

0x03d50000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll

0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

winlogon.exe pid: 736

Command line: winlogon.exe

 

Base Size Version Path

0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe

0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll

0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll

0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 00B1-7C45

 

Répertoire de C:\WINDOWS\temp

 

04/12/2006 06:45 100 087 boot.exe

05/12/2006 10:19 23 510 720 Dotnetfx.exe

05/12/2006 16:57 16 924 156 kbs4.exe

14/12/2006 04:45 9 953 245 kbs5.exe

13/12/2006 22:29 133 465 953 kbs6.exe

05/12/2006 10:17 302 905 kbusers.exe

05/12/2006 10:17 772 984 ndp22.exe

05/12/2006 10:17 2 280 312 ndp23.exe

05/12/2006 10:17 428 578 vaio.exe

14/12/2006 15:22 1 491 801 wmdvode.exe

10 fichier(s) 189 230 741 octets

0 Rép(s) 74 197 602 304 octets libres

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 00B1-7C45

 

Répertoire de C:\WINDOWS\system32

 

04/08/2004 01:54 6 144 csrss.exe

1 fichier(s) 6 144 octets

0 Rép(s) 74 197 602 304 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 00B1-7C45

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

07/05/2008 10:32 <REP> .

07/05/2008 10:32 <REP> ..

20/01/2005 15:53 171 ampx.inf

05/12/2007 10:08 65 desktop.ini

17/05/2006 01:58 24 576 dwusplay.dll

17/05/2006 01:58 196 608 dwusplay.exe

11/04/2007 14:55 1 292 erma.inf

03/04/2006 14:23 502 FontDownATL.inf

18/07/2006 16:21 249 856 FontSmooth.dll

19/07/2006 08:13 543 FontSmooth.inf

20/11/2007 17:04 1 523 536 FP_AX_CAB_INSTALLER.exe

16/05/2007 09:22 399 gp.inf

17/05/2006 01:58 484 272 isusweb.dll

20/06/2006 16:44 379 704 MsnPUpld.dll

19/06/2006 15:40 393 MsnPUpld.inf

22/02/2002 22:03 29 696 OneCC.dll

22/02/2002 22:03 427 OneCC.inf

20/06/2006 16:44 117 560 PURen-us.dll

09/01/2007 09:30 110 592 PURfr-fr.dll

20/11/2007 16:50 247 swflash.inf

30/07/2007 20:24 293 wuweb.inf

19 fichier(s) 3 120 732 octets

 

Total des fichiers listés :

19 fichier(s) 3 120 732 octets

2 Rép(s) 74 197 602 304 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyServer.exe"="C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyServer.exe:*:Enabled:EasyServer"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"

"C:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"="C:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe:*:Enabled:VoipDiscount"

"C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\\Program Files\\PrnLogServer\\psquirrel.exe"="C:\\Program Files\\PrnLogServer\\psquirrel.exe:*:Enabled:Printer Squirrel 2.0"

"C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule Plus"

"C:\\Program Files\\Cyberprinter\\Cyberp.exe"="C:\\Program Files\\Cyberprinter\\Cyberp.exe:*:Enabled:Cyberprinter"

"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

"C:\\Program Files\\Wol\\wol.exe"="C:\\Program Files\\Wol\\wol.exe:*:Enabled:WOL 1.0.3"

"C:\\Documents and Settings\\Administrateur.ORKAS\\Local Settings\\Temp\\occ.exe"="C:\\Documents and Settings\\Administrateur.ORKAS\\Local Settings\\Temp\\occ.exe:*:Enabled:OneCC Module"

"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"

"C:\\Program Files\\M6Video\\M6video.exe"="C:\\Program Files\\M6Video\\M6video.exe:*:Enabled:OneClick"

"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"

"C:\\Program Files\\UltraVNC\\winvnc.exe"="C:\\Program Files\\UltraVNC\\winvnc.exe:*:Enabled:Serveur VNC pour Win32"

"C:\\Program Files\\PRIMUSTAXE\\PRIMUSTAXE.exe"="C:\\Program Files\\PRIMUSTAXE\\PRIMUSTAXE.exe:*:Enabled: "

"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\\Program Files\\WOL Magic Packet Sender\\WakeOnLan.exe"="C:\\Program Files\\WOL Magic Packet Sender\\WakeOnLan.exe:*:Enabled:WOL - Magic Packet Sender"

"C:\\Program Files\\FileZilla Client\\filezilla.exe"="C:\\Program Files\\FileZilla Client\\filezilla.exe:*:Enabled:FileZilla FTP Client"

"C:\\Program Files\\ooVoo\\ooVoo.exe"="C:\\Program Files\\ooVoo\\ooVoo.exe:*:Enabled:ooVoo"

"C:\\Program Files\\EasyPHP 2.0b1\\apache\\bin\\Apache.exe"="C:\\Program Files\\EasyPHP 2.0b1\\apache\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"

"C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyChat.exe"="C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyChat.exe:*:Enabled:EasyChat"

"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

 

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

 

 

 

exports des policies

REGEDIT4

 

[system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

 

 

 

Export des clefs sensibles..

Rechercher adresses sensibles dans le fichier HOSTS...

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-04 18:24:24

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden services & system hive ...

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]

"s1"=dword:2df9c43f

"s2"=dword:110480d0

 

scanning hidden registry entries ...

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"clblclqfzr"="c:\documents and settings\administrateur.orkas\local settings\application data\clblclqfzr.exe clblclqfzr"

 

scanning hidden files ...

 

scan completed successfully

hidden services: 0

hidden files: 0

 

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Process list by traversal of KiWaitListHead

 

4 - System

252 - cmd.exe

256 - RTHDCPL.exe

552 - GoogleUpdaterSe

564 - iTunesHelper.ex

592 - NSLauncher.exe

712 - csrss.exe

736 - winlogon.exe

780 - services.exe

792 - lsass.exe

944 - EasyServer.exe

956 - svchost.exe

1032 - svchost.exe

1120 - svchost.exe

1160 - svchost.exe

1208 - svchost.exe

1224 - NMBgMonitor.exe

1232 - nvsvc32.exe

1240 - avgnt.exe

1248 - ctfmon.exe

1324 - svchost.exe

1336 - GoogleToolbarNo

1420 - PCSuite.exe

1492 - PcSync2.exe

1540 - spoolsv.exe

1568 - mDNSResponder.e

1576 - clblclqfzr.exe

1756 - PrnLog.exe

1916 - explorer.exe

1924 - VoipDiscount.ex

1984 - avguard.exe

2040 - AppleMobileDevi

2180 - EXCEL.EXE

2416 - ServiceLayer.ex

2596 - thunderbird.exe

2804 - PaprPort.exe

2888 - pplinks.exe

2944 - NclRSSrv.exe

2964 - iPodService.exe

3184 - ppscanmg.exe

3384 - alg.exe

3616 - wmiapsrv.exe

3804 - firefox.exe

3864 - PRIMUSTAXE.exe

3972 - svchost.exe

 

Total number of processes = 45

NOTE: Under WinXP, this will not show all processes.

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Driver/Module list by traversal of PsLoadedModuleList

 

804D7000 - \WINDOWS\system32\ntkrnlpa.exe

806E2000 - \WINDOWS\system32\hal.dll

F7ADB000 - \WINDOWS\system32\KDCOM.DLL

F79EB000 - \WINDOWS\system32\BOOTVID.dll

F73DA000 - spri.sys

F7ADD000 - \WINDOWS\System32\Drivers\WMILIB.SYS

F73C2000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS

F7393000 - ACPI.sys

F7382000 - pci.sys

F75DB000 - isapnp.sys

F7BA3000 - pciide.sys

F785B000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS

F75EB000 - MountMgr.sys

F7363000 - ftdisk.sys

F7ADF000 - dmload.sys

F733D000 - dmio.sys

F7863000 - PartMgr.sys

F75FB000 - VolSnap.sys

F7325000 - atapi.sys

F760B000 - disk.sys

F761B000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS

F7305000 - fltMgr.sys

F72F3000 - sr.sys

F72DC000 - KSecDD.sys

F72C9000 - WudfPf.sys

F723C000 - Ntfs.sys

F720F000 - NDIS.sys

F71F4000 - Mup.sys

F773B000 - \SystemRoot\system32\DRIVERS\intelppm.sys

F6283000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys

F626F000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

F624A000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys

F6231000 - \SystemRoot\system32\DRIVERS\Rtenicxp.sys

F795B000 - \SystemRoot\system32\DRIVERS\usbuhci.sys

F620E000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS

F7963000 - \SystemRoot\system32\DRIVERS\usbehci.sys

F796B000 - \SystemRoot\system32\DRIVERS\fdc.sys

F61FD000 - \SystemRoot\system32\DRIVERS\serial.sys

F7AC7000 - \SystemRoot\system32\DRIVERS\serenum.sys

F61E9000 - \SystemRoot\system32\DRIVERS\parport.sys

F774B000 - \SystemRoot\system32\DRIVERS\i8042prt.sys

F7973000 - \SystemRoot\system32\DRIVERS\mouclass.sys

F797B000 - \SystemRoot\system32\DRIVERS\kbdclass.sys

F775B000 - \SystemRoot\system32\DRIVERS\imapi.sys

F7983000 - \SystemRoot\system32\drivers\ASAPIW2k.sys

F7ACB000 - \SystemRoot\System32\Drivers\cdrbsdrv.SYS

F776B000 - \SystemRoot\system32\DRIVERS\cdrom.sys

F777B000 - \SystemRoot\system32\DRIVERS\redbook.sys

F61C6000 - \SystemRoot\system32\DRIVERS\ks.sys

F798B000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys

F7B21000 - \SystemRoot\system32\DRIVERS\vncdrv.sys

F7C0A000 - \SystemRoot\system32\DRIVERS\audstub.sys

F66DA000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys

F7AD7000 - \SystemRoot\system32\DRIVERS\ndistapi.sys

F61AF000 - \SystemRoot\system32\DRIVERS\ndiswan.sys

F66CA000 - \SystemRoot\system32\DRIVERS\raspppoe.sys

F66BA000 - \SystemRoot\system32\DRIVERS\raspptp.sys

F7993000 - \SystemRoot\system32\DRIVERS\TDI.SYS

F619E000 - \SystemRoot\system32\DRIVERS\psched.sys

F66AA000 - \SystemRoot\system32\DRIVERS\msgpc.sys

F799B000 - \SystemRoot\system32\DRIVERS\ptilink.sys

F79A3000 - \SystemRoot\system32\DRIVERS\raspti.sys

F616D000 - \SystemRoot\system32\DRIVERS\rdpdr.sys

F669A000 - \SystemRoot\system32\DRIVERS\termdd.sys

F7B23000 - \SystemRoot\system32\DRIVERS\swenum.sys

F6114000 - \SystemRoot\system32\DRIVERS\update.sys

F71B8000 - \SystemRoot\system32\DRIVERS\mssmbios.sys

F666A000 - \SystemRoot\System32\Drivers\NDProxy.SYS

F365E000 - \SystemRoot\system32\drivers\RtkHDAud.sys

F363C000 - \SystemRoot\system32\drivers\portcls.sys

F665A000 - \SystemRoot\system32\drivers\drmk.sys

F664A000 - \SystemRoot\system32\DRIVERS\usbhub.sys

F7B2F000 - \SystemRoot\system32\DRIVERS\USBD.SYS

F79CB000 - \SystemRoot\system32\DRIVERS\flpydisk.sys

F7B31000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS

F7D08000 - \SystemRoot\System32\Drivers\Null.SYS

F7B33000 - \SystemRoot\System32\Drivers\Beep.SYS

F79DB000 - \SystemRoot\System32\drivers\vga.sys

F7B35000 - \SystemRoot\System32\Drivers\mnmdd.SYS

F7B37000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys

F79E3000 - \SystemRoot\System32\Drivers\Msfs.SYS

F7873000 - \SystemRoot\System32\Drivers\Npfs.SYS

F7AB7000 - \SystemRoot\system32\DRIVERS\rasacd.sys

F35B9000 - \SystemRoot\system32\DRIVERS\ipsec.sys

F3560000 - \SystemRoot\system32\DRIVERS\tcpip.sys

F3538000 - \SystemRoot\system32\DRIVERS\netbt.sys

F3517000 - \SystemRoot\system32\DRIVERS\ipnat.sys

F34F5000 - \SystemRoot\System32\drivers\afd.sys

F779B000 - \SystemRoot\system32\DRIVERS\netbios.sys

F787B000 - \SystemRoot\System32\Drivers\StarOpen.SYS

F7893000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys

F77AB000 - \SystemRoot\system32\DRIVERS\wanarp.sys

F34CA000 - \SystemRoot\system32\DRIVERS\rdbss.sys

F6100000 - \??\C:\WINDOWS.0\system32\drivers\pclepci.sys

F3433000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys

F77BB000 - \SystemRoot\System32\Drivers\Fips.SYS

F3420000 - \SystemRoot\system32\DRIVERS\avipbb.sys

F7B41000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys

F305D000 - \SystemRoot\system32\DRIVERS\A0380Vid.sys

F77CB000 - \SystemRoot\system32\DRIVERS\STREAM.SYS

F78A3000 - \SystemRoot\system32\DRIVERS\usbccgp.sys

F60FC000 - \SystemRoot\system32\DRIVERS\usbscan.sys

F78AB000 - \SystemRoot\system32\DRIVERS\usbprint.sys

F78B3000 - \SystemRoot\system32\DRIVERS\USBKey.sys

F77FB000 - \SystemRoot\System32\Drivers\Cdfs.SYS

F3045000 - \SystemRoot\System32\Drivers\dump_atapi.sys

F7B45000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS

BF800000 - \SystemRoot\System32\win32k.sys

F3628000 - \SystemRoot\System32\drivers\Dxapi.sys

F78C3000 - \SystemRoot\System32\watchdog.sys

BF9C3000 - \SystemRoot\System32\drivers\dxg.sys

F7C28000 - \SystemRoot\System32\drivers\dxgthk.sys

BF9D5000 - \SystemRoot\System32\nv4_disp.dll

BAD00000 - \SystemRoot\system32\DRIVERS\ndisuio.sys

B89DB000 - \SystemRoot\system32\drivers\wdmaud.sys

BAD70000 - \SystemRoot\system32\drivers\sysaudio.sys

B8939000 - \SystemRoot\system32\DRIVERS\mrxdav.sys

F7B11000 - \SystemRoot\System32\Drivers\ParVdm.SYS

BFFA0000 - \SystemRoot\System32\ATMFD.DLL

B7861000 - \SystemRoot\system32\DRIVERS\srv.sys

B784D000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys

B78FF000 - \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS

F7B4B000 - \SystemRoot\System32\Drivers\vnccom.SYS

B727E000 - \SystemRoot\System32\Drivers\HTTP.sys

B597A000 - \SystemRoot\system32\drivers\kmixer.sys

F7BCD000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

 

Total number of drivers = 126

 

Liste des programmes installes

 

Adobe Flash Player ActiveX

Adobe Flash Player Plugin

Adobe PDF Library Files

Adobe Reader 8.1.2 - Français

Adobe Setup

Adobe Setup

Adobe Setup

Adobe Type Support

Adobe WinSoft Linguistics Plugin

Apple Mobile Device Support

Apple Software Update

Archiveur WinRAR

Assistant de connexion Windows Live

AutoUpdate

Avira AntiVir Personal – Free Antivirus

Correctif pour Lecteur Windows Media 11 (KB939683)

Correctif pour Windows Internet Explorer 7 (KB947864)

Correctif pour Windows XP (KB918093)

Correctif pour Windows XP (KB935448)

DivX

DVD Decoder Pak for Windows XP

EasyCafe Server 2.2 (Firewall Edition)

EasyPHP 2.0b1

FileZilla Client 3.0.6

First Step Guide

Free DVD Ripper Version 2.25

getPlus®_dll

GIMP 2.4.3

Google Desktop

Google Earth

Google Toolbar for Internet Explorer

Google Toolbar for Internet Explorer

GTK+ 2.10.13 runtime environment

Hexacolor 3.0

High Definition Audio Driver Package - KB888111

HijackThis 2.0.2

Hollywood FX 5.5 Additional Effects

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB915865)

Hotfix for Windows XP (KB926239)

Htmledit v2.6.3

ImageMixer VCD2

Inkscape 0.45.1

iTunes

Java 2 Runtime Environment, SE v1.4.2

Java 6 Update 3

Java 6 Update 5

Karen's Print Logger

KONICA MINOLTA magicolor 2480MF

Lecteur Windows Media 11

magicolor 2480MF scan

Malwarebytes' Anti-Malware

Microsoft .NET Framework 2.0 Service Pack 1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Access MUI (French) 2007

Microsoft Office Excel MUI (French) 2007

Microsoft Office InfoPath MUI (French) 2007

Microsoft Office Outlook MUI (French) 2007

Microsoft Office PowerPoint MUI (French) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (Arabic) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (French) 2007

Microsoft Office Publisher MUI (French) 2007

Microsoft Office Shared MUI (French) 2007

Microsoft Office Word MUI (French) 2007

Microsoft Software Update for Web Folders (French) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)

Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)

Mise à jour de sécurité pour Windows XP (KB918118)

Mise à jour de sécurité pour Windows XP (KB920213)

Mise à jour de sécurité pour Windows XP (KB921503)

Mise à jour de sécurité pour Windows XP (KB923689)

Mise à jour de sécurité pour Windows XP (KB923694)

Mise à jour de sécurité pour Windows XP (KB924667)

Mise à jour de sécurité pour Windows XP (KB925902)

Mise à jour de sécurité pour Windows XP (KB926255)

Mise à jour de sécurité pour Windows XP (KB926436)

Mise à jour de sécurité pour Windows XP (KB927779)

Mise à jour de sécurité pour Windows XP (KB927802)

Mise à jour de sécurité pour Windows XP (KB928255)

Mise à jour de sécurité pour Windows XP (KB928843)

Mise à jour de sécurité pour Windows XP (KB929123)

Mise à jour de sécurité pour Windows XP (KB930178)

Mise à jour de sécurité pour Windows XP (KB931261)

Mise à jour de sécurité pour Windows XP (KB931784)

Mise à jour de sécurité pour Windows XP (KB932168)

Mise à jour de sécurité pour Windows XP (KB933729)

Mise à jour de sécurité pour Windows XP (KB935839)

Mise à jour de sécurité pour Windows XP (KB935840)

Mise à jour de sécurité pour Windows XP (KB936021)

Mise à jour de sécurité pour Windows XP (KB937894)

Mise à jour de sécurité pour Windows XP (KB938829)

Mise à jour de sécurité pour Windows XP (KB941202)

Mise à jour de sécurité pour Windows XP (KB941568)

Mise à jour de sécurité pour Windows XP (KB941569)

Mise à jour de sécurité pour Windows XP (KB941644)

Mise à jour de sécurité pour Windows XP (KB941693)

Mise à jour de sécurité pour Windows XP (KB943055)

Mise à jour de sécurité pour Windows XP (KB943460)

Mise à jour de sécurité pour Windows XP (KB943485)

Mise à jour de sécurité pour Windows XP (KB944653)

Mise à jour de sécurité pour Windows XP (KB945553)

Mise à jour de sécurité pour Windows XP (KB946026)

Mise à jour de sécurité pour Windows XP (KB948590)

Mise à jour de sécurité pour Windows XP (KB948881)

Mise à jour pour Windows XP (KB927891)

Mise à jour pour Windows XP (KB930916)

Mise à jour pour Windows XP (KB933360)

Mise à jour pour Windows XP (KB936357)

Mise à jour pour Windows XP (KB938828)

Mise à jour pour Windows XP (KB942763)

Mozilla Firefox (2.0.0.14)

Mozilla Thunderbird (2.0.0.14)

MSVC80_x86

MSXML 4.0 SP2 (KB925672)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 6.0 Parser (KB933579)

MultipleIEs

MyDsc2

Nero 7 Essentials

Nokia Connectivity Cable Driver

Nokia Lifeblog 2.1

Nokia MTP driver

Nokia Multimedia Factory

Nokia Multimedia Factory

Nokia PC Suite

Nokia PC Suite

Nokia Software Launcher

Nokia Video Manager

Nokia Video Manager

NVIDIA Drivers

ooVoo

OpenOffice.org 2.4

Outil de mise à jour Google

Package de pilotes Windows - Nokia Modem (03/05/2008 3.7)

Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1)

Package de pilotes Windows - Nokia Modem (08/03/2007 6.84.0.2)

Package de pilotes Windows - Nokia Modem (10/12/2007 3.6)

Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)

PC Connectivity Solution

PDF Settings

PDFCreator

PE Builder 3.1.10a

Picture Package

Pinnacle Hollywood FX for Studio

PowerDVD

PRIMUSTAXE

PSPad editor

QuickTime

quranradio Toolbar

RealPlayer

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

SAMSUNG CDMA Modem Driver Set

SAMSUNG Mobile Composite Device Software

Samsung Mobile phone USB driver Software

SAMSUNG Mobile USB Modem 1.0 Software

SAMSUNG Mobile USB Modem Software

Samsung PC Studio 3

Samsung PC Studio 3

ScanSoft PaperPort 10

Security Update for Excel 2007 (KB946974)

Security Update for Office 2007 (KB947801)

Security Update for Outlook 2007 (KB946983)

Security Update for Publisher 2007 (KB936646)

Security Update for the 2007 Microsoft Office System (KB936960)

Security Update for Visio 2007 (KB947590)

Skype™ 3.6

SmartSound Quicktracks Plugin

SmartSound Quicktracks Plugin

Sony USB Driver

Sothink SWF Decompiler

Spelling Dictionaries Support For Adobe Reader 8

Spybot - Search & Destroy

Studio 9

Studio 9 Content CD/DVD

SUPER © Version 2008.bld.30 (Mar 22, 2008)

UBCD4Win 3.13

Update for Office 2007 (KB932080)

Update for Office 2007 (KB934391)

Update for Office 2007 (KB934393)

Update for Office 2007 (KB946691)

Update for Outlook 2007 Junk Email Filter (kb949037)

Update for Word 2007 (KB934173)

USB20_PC_Camera_Driver

VideoLAN VLC media player 0.8.6b

VoipDiscount

WD Diagnostics

WebFldrs XP

Windows Internet Explorer 7

Windows Live installer

Windows Live Messenger

Windows Media Format 11 runtime

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin

Yawcam v0.3.0

 

 

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 00B1-7C45

 

Répertoire de C:\Program Files

 

03/06/2008 17:14 <REP> .

03/06/2008 17:14 <REP> ..

12/03/2008 10:12 <REP> Adobe

28/01/2008 13:32 <REP> AdorageI-GfxDatas

28/01/2008 13:30 <REP> AdorageI-SAL

13/11/2007 08:39 <REP> Alwil Software

04/01/2008 12:44 <REP> AML Products

28/01/2008 13:45 <REP> aod

04/01/2008 13:14 <REP> Apple Software Update

05/01/2008 20:09 <REP> AutoWebCam

31/05/2008 10:11 <REP> Avira

02/01/2008 15:01 <REP> AviSynth 2.5

09/11/2007 21:43 <REP> AvRack

12/03/2008 18:02 <REP> BeDesk Express Facturation 4

23/02/2008 15:14 <REP> Bonjour

06/12/2007 19:18 <REP> Borland

09/11/2007 17:14 <REP> Cener Development

09/11/2007 17:14 <REP> Clock

09/11/2007 16:58 <REP> ComPlus Applications

24/05/2008 09:12 <REP> Converter

09/11/2007 17:14 <REP> Cpuz

08/02/2008 16:26 <REP> CyberLink

26/05/2008 11:02 <REP> CZ Solution

12/03/2008 16:07 <REP> Data-Concept

17/03/2008 15:44 <REP> DIFX

28/01/2008 14:04 <REP> DivX

02/01/2008 15:13 <REP> DVD Decrypter

15/01/2008 18:20 <REP> EasyPHP 2.0b1

22/04/2008 11:59 <REP> eRightSoft

09/11/2007 17:14 <REP> Everest

14/04/2008 11:01 <REP> Fichiers communs

04/02/2008 11:33 <REP> FileZilla Client

19/02/2008 16:56 <REP> FLIP Flash Album Free

09/11/2007 17:14 <REP> FoxitReader

03/01/2008 11:19 <REP> Free DVD Ripper

24/12/2007 14:17 <REP> Gimp Pack Mode

26/01/2008 13:11 <REP> GIMP-2.0

05/05/2008 13:44 <REP> Google

19/01/2008 14:57 <REP> Hexacolor

10/04/2008 11:20 <REP> Htmledit

13/11/2007 10:49 <REP> HyperTechnologies

08/02/2008 12:38 <REP> Inkscape

09/11/2007 22:47 <REP> Intel

09/04/2008 23:20 <REP> Internet Explorer

04/01/2008 13:17 <REP> iPod

04/01/2008 13:17 <REP> iTunes

14/04/2008 18:39 <REP> Java

14/01/2008 19:24 <REP> Karen's Power Tools

23/12/2007 17:08 <REP> KONICA MINOLTA

23/02/2008 14:20 <REP> Macromedia

03/06/2008 17:14 <REP> Malwarebytes' Anti-Malware

03/01/2008 10:59 <REP> MediaCoder

09/11/2007 17:04 <REP> microsoft frontpage

09/11/2007 17:14 <REP> Microsoft Games

06/12/2007 18:46 <REP> Microsoft Office

06/12/2007 18:46 <REP> Microsoft Visual Studio

06/12/2007 18:46 <REP> Microsoft Works

22/04/2008 10:48 <REP> Movie Maker

04/06/2008 16:58 <REP> Mozilla Firefox

04/06/2008 11:50 <REP> Mozilla Thunderbird

28/04/2008 15:06 <REP> Mp3 My Mp3 2.0

06/12/2007 18:46 <REP> MSBuild

09/11/2007 16:58 <REP> MSN Gaming Zone

09/11/2007 23:04 <REP> MSN Messenger

09/11/2007 17:02 <REP> MSXML 4.0

06/12/2007 20:23 <REP> MSXML 6.0

28/03/2008 10:15 <REP> MultipleIEs

30/01/2008 19:37 <REP> MyFreeTV

13/05/2008 15:59 <REP> Naevius YouTube Converter

06/12/2007 18:13 <REP> Nero

05/12/2007 10:08 <REP> NetMeeting

14/04/2008 10:59 <REP> Nokia

31/03/2008 17:34 <REP> ooVoo

01/04/2008 10:30 <REP> OpenOffice.org 2.4

09/11/2007 17:14 <REP> Outils Orkas

23/12/2007 01:07 <REP> Outlook Express

14/04/2008 11:00 <REP> PC Connectivity Solution

03/01/2008 19:31 <REP> PDFCreator

05/01/2008 20:34 <REP> PhotoCam

09/11/2007 17:14 <REP> PhotoFiltre Studio

28/01/2008 13:58 <REP> Pinnacle

22/01/2008 16:06 <REP> PIXELA

04/06/2008 18:17 <REP> PRIMUSTAXE

24/05/2008 09:10 <REP> proDAD

15/01/2008 18:33 <REP> PSPad editor

04/01/2008 13:16 <REP> QuickTime

02/02/2008 13:24 <REP> quranradio

28/04/2008 13:28 <REP> Ratajik Software

28/01/2008 13:45 <REP> Real

06/12/2007 18:01 <REP> Realtek

09/11/2007 21:43 <REP> Realtek AC97

09/11/2007 21:43 <REP> Realtek Sound Manager

22/02/2008 11:28 <REP> Samsung

27/12/2007 12:55 <REP> ScanSoft

09/11/2007 17:00 <REP> Services en ligne

13/11/2007 10:24 <REP> Skype

28/01/2008 12:50 <REP> SmartSound Software

22/01/2008 16:03 <REP> Sony Corporation

23/02/2008 19:27 <REP> SourceTec

31/05/2008 13:42 <REP> Spybot - Search & Destroy

06/12/2007 19:18 <REP> TinaSoft

09/11/2007 17:14 <REP> Topdesk

24/05/2008 09:06 <REP> Total Video Converter

09/11/2007 17:14 <REP> UberIcon

24/05/2008 09:04 <REP> UltraVNC

26/07/2002 18:02 153 088 UNWISE.EXE

30/01/2008 18:19 <REP> VideoLAN

23/12/2007 17:28 <REP> VoipDiscount.com

24/12/2007 12:28 <REP> Webcam

28/03/2008 15:49 <REP> Western Digital Technologies

06/12/2007 19:48 <REP> Windows Live

09/11/2007 17:02 <REP> Windows Media Connect 2

05/12/2007 10:28 <REP> Windows Media Player

05/12/2007 10:31 <REP> Windows NT

09/11/2007 17:14 <REP> Windows Photo Gallery

09/11/2007 17:14 <REP> Windows Sidebar

13/11/2007 11:43 <REP> winlock

05/12/2007 10:29 <REP> WinRAR

09/11/2007 17:05 <REP> xerox

25/12/2007 21:14 <REP> Yawcam

1 fichier(s) 153 088 octets

120 Rép(s) 74 183 716 864 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 00B1-7C45

 

Répertoire de C:\Program Files\fichiers communs

 

14/04/2008 11:01 <REP> .

14/04/2008 11:01 <REP> ..

23/02/2008 15:14 <REP> Adobe

18/02/2008 12:21 <REP> Adobe Systems Shared

06/12/2007 18:30 <REP> Ahead

04/01/2008 13:12 <REP> Apple

06/12/2007 18:46 <REP> DESIGNER

24/12/2007 14:34 <REP> GTK

22/01/2008 16:04 <REP> InstallShield

13/11/2007 11:10 <REP> Java

23/02/2008 14:22 <REP> Macromedia

23/02/2008 14:23 <REP> Macromedia Shared

23/02/2008 15:02 <REP> Macrovision Shared

04/04/2008 09:11 <REP> Microsoft Shared

09/11/2007 16:59 <REP> MSSoap

22/01/2008 16:03 <REP> muvee Technologies

14/04/2008 11:01 <REP> Nokia

05/02/2008 19:53 <REP> NSV

05/02/2008 19:53 <REP> Nullsoft

09/11/2007 17:42 <REP> ODBC

14/04/2008 11:01 <REP> PCSuite

05/01/2008 18:54 <REP> Real

27/12/2007 12:55 <REP> Scansoft Shared

05/12/2007 10:08 <REP> Services

06/12/2007 19:41 <REP> Skype

23/02/2008 19:20 <REP> SourceTec

09/11/2007 17:42 <REP> SpeechEngines

23/12/2007 01:07 <REP> System

05/01/2008 18:54 <REP> xing shared

0 fichier(s) 0 octets

29 Rép(s) 74 183 725 056 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 00B1-7C45

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

06/12/2007 18:43 <REP> .

06/12/2007 18:43 <REP> ..

06/12/2007 18:43 <REP> 1036

26/10/2006 20:49 970 528 MSONSEXT.DLL

26/10/2006 21:12 40 256 MSOSV.DLL

03/06/1999 13:09 122 937 MSOWS409.DLL

07/03/2001 08:00 127 033 MSOWS40c.DLL

4 fichier(s) 1 260 754 octets

3 Rép(s) 74 183 725 056 octets libres

 

 

 

 

c:\Documents and Settings\Administrateur\IXP000.TMP\VCREDI~3.EXE

c:\Documents and Settings\Administrateur\Local Settings\Temp\GoogleToolbarInstaller_fr.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\jinstaller142.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{072D1F91-44E7-4212-AB9B-6B70CC9BA4EF}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{296E015E-0A2A-4FA9-90F7-9BFD3460A6B7}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{2B367649-81F9-4781-AAB5-CA989B76E7CA}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{53E6A05B-18CF-4AC7-B21A-8CD1769A381B}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{5E4DABB6-B965-402B-879B-9335A0C7DBC4}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{707C55D9-C32E-47E8-A36C-4ABF01135760}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{A3C03373-EA3B-4317-89CD-B7A4C782162F}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{A91BF1EC-AC19-4274-A845-F55DA6E25130}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{ADF6E4E8-6DB7-401E-9662-E5D557FD6703}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{BE9FAB71-D030-4BB8-9F9B-D6DA9314E4E2}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{C060BB87-AEEF-452B-87FD-704E87044791}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{CB6190CA-2E89-4E1D-A9AB-B83FCC7E0DF1}\sign.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{D699059D-4B03-4440-8FE9-281EC3789EAE}\sign.exe

c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe

c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe

c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe

c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{CC3BB986-C785-4373-AE86-1F369C6A9B63}\_10366384BFE0F2643D649E.exe

c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{CC3BB986-C785-4373-AE86-1F369C6A9B63}\_FF113621F82C2AF9D5DC27.exe

c:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\3D.exe

c:\Documents and Settings\Administrateur\Bureau\algerian news papers.exe

c:\Documents and Settings\Administrateur\Bureau\hd.exe

c:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\catchme.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\diff.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\dumphive.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\FilesInfoCmd.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\find2.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\Fport.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\grep.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\gzip.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\KProcCheck.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\LFiles.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\LISTDLLS.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\md5sums.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\pslist.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\sigcheck.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\streams.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\swreg.exe

c:\Documents and Settings\Administrateur\Bureau\DiagHelp\tar.exe

c:\Documents and Settings\Administrateur\IXP000.TMP\VCREDI~3.EXE

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe\Updater5\Install\flash9-fr_FR\flash9-fr_FR_9_0_2_Update.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3512\Setup.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3512\redist\WindowsInstaller-KB893803-v2-x86.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3512\redist\WindowsServer2003-KB898715-ia64-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3512\redist\WindowsServer2003-KB898715-x64-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3512\redist\WindowsServer2003-KB898715-x86-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3512\redist\WindowsXP-KB898715-x64-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3984\Setup.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3984\redist\WindowsInstaller-KB893803-v2-x86.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3984\redist\WindowsServer2003-KB898715-ia64-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3984\redist\WindowsServer2003-KB898715-x64-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3984\redist\WindowsServer2003-KB898715-x86-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Installer3984\redist\WindowsXP-KB898715-x64-enu.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\_ISDel.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\1tyto4jz.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\40comupd.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\5553rx6p.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\66q6taa5.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\DPInst.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\DPInst64.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\easycafe_server.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\GoogleToolbarInstaller_fr.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\i42ne94e.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\jinstaller142.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Nokia_Multimedia_Factory_2_0.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Nokia_PC_Suite_rel_6_86_9_0_fre.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\NokiaVideoManager1.6.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\occ.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\ose00000.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\PnPutil.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\r49vftbe.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\SkypeSetup.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\uninstall.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\7zS2.tmp\winvnc.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Adobe Reader 8\Setup.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\codecs\x264.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\DRDld\mbam-setup.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\ICD1.tmp\jinstall.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\IPMx2\Setup.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\IPMx2\x64\Difx64.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher2304\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher2464\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3224\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3224\StagingArea\1393.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3224\StagingArea\1423.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3224\StagingArea\1732.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3412\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3504\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3508\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3508\StagingArea\4185.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3524\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3524\StagingArea\1074.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3524\StagingArea\1243.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3524\StagingArea\1342.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3852\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher3852\StagingArea\12801.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\Patcher\Patcher596\RTPatch\patch.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\WD_36.tmp\INSTALL.EXE

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\50ComUpd.Exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\q311542_WXP_SP1_x86_ENU.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-ARA.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-CHS.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-CHT.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-CSY.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-DAN.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-DEU.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-ELL.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-ENU.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-ESN.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-FIN.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-FRA.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-HEB.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-HUN.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-ITA.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-JPN.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-KOR.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-NLD.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-NOR.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-PLK.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-PTB.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-PTG.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-RUS.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-SVE.exe

c:\Documents and Settings\Administrateur\Local Settings\Temp\{9C8412E5-F074-4EA2-B4B0-F88E261FAFB1}\{9E491AB7-4589-48CA-9CBB-874CB2788391}\WindowsXP-KB822603-x86-TRK.exe

c:\Documents and Settings\Administrateur\Mes documents\INSTALL.EXE

c:\Documents and Settings\Administrateur\Mes documents\ptprnlog-setup.exe

c:\Documents and Settings\Administrateur\Mes documents\SUPERsetup.exe

c:\Documents and Settings\Administrateur\Mes documents\dvdxp\fo-pdvd4.exe

c:\Documents and Settings\Administrateur\Mes documents\dvdxp\French.exe

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\PowerpointImageExtractor.exe

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Reflet.exe

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Micro Application Dessinateur Studio 2003 Fr\Micro Application Dessinateur Studio Fr\AUTORUN.EXE

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Micro Application Dessinateur Studio 2003 Fr\Micro Application Dessinateur Studio Fr\NAVIGMA.EXE

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Micro Application Dessinateur Studio 2003 Fr\Micro Application Dessinateur Studio Fr\mm_ress\DEPANN\_ISDEL.EXE

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Micro Application Dessinateur Studio 2003 Fr\Micro Application Dessinateur Studio Fr\mm_ress\DEPANN\REGOCX32.EXE

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Micro Application Dessinateur Studio 2003 Fr\Micro Application Dessinateur Studio Fr\mm_ress\DEPANN\SETUP.EXE

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Micro Application Dessinateur Studio 2003 Fr\Micro Application Dessinateur Studio Fr\setup\Setup.exe

c:\Documents and Settings\Administrateur\Mes documents\usb mars08\20080116114650468_Samsung_PC_Studio_WINXP_313_GK2.exe

c:\Documents and Settings\Administrateur\Mes documents\usb mars08\youtube_converter.exe

c:\Documents and Settings\Administrateur\Mes documents\usb mars08\Alcohol 120 v.1.9.6 full version+serial\Alcohol120_1.9.6.5429_Retail.exe

c:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\Quick Launch\3D.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{0FC76B71-2534-4354-B255-3468578E3F47}\Nokia_PC_Suite_rel_6_86_9_0_fre.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{0FC76B71-2534-4354-B255-3468578E3F47}\Installer\CommonCustomActions\UninstCCD.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{0FC76B71-2534-4354-B255-3468578E3F47}\Installer\CommonCustomActions\UninstPCS.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{0FC76B71-2534-4354-B255-3468578E3F47}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_fre_web.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstCCD.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCS.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Packages\Nokia_PC_Suite\CustomActions\NSU_Inst_fix.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{4CFB3821-1582-4f3b-BF8D-30986923B36B}\Nokia_Multimedia_Factory_2_0.exe

c:\Documents and Settings\All Users.WINDOWS\Application Data\Installations\{B1B4E612-9ACC-4fab-BD04-1721D9503266}\NokiaVideoManager1.6.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\20080116114650468_Samsung_PC_Studio_WINXP_313_GK2.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\easysetup.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\iTunesSetup.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\motherboard_monitor_language_pack_francais_francais_9626.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\motherboard_monitor_motherboard_monitor_5.3.7.0_francais_9626.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\Nokia_PC_Suite_rel_6_85_14_1_fre_web.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\OOo_2.4.0_Win32Intel_install_fr.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\PDFCreator-0_9_5_setup.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\pebuilder3110a.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\Setup_FreeVideoConverter.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\setupvoipdiscount.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\UltraVNC-102-Setup-Fr.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\VideoGetInstaller_trial.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\WebCam3GDrvsV2_0505.EXE

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\alcchkid.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\alcrmv.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\alcrmv64.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\alcrmv9x.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\alcupd.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\AlcUpd64.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\ALCXDEV.EXE

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\ChCfg.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\GETDXVER.EXE

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\SetCDfmt.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\setup.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\Ap\AvRack2.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\Ap\MPIE4STD.EXE

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\Ap\Mpstd.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\Ap\RtlRack.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\WDM\alcrmv.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\WDM\alcrmv64.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\WDM\ChCfg.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\WDM\CPLUtl64.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\WDM\RTLCPL.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\WDM\SoundMan.exe

c:\Documents and Settings\All Users.WINDOWS\Documents\realtek\WinNT4\SoundMan.exe

c:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch\3D.exe

c:\Documents and Settings\Default User\IXP000.TMP\VCREDI~3.EXE

c:\Documents and Settings\Default User.WINDOWS\Application Data\Microsoft\Internet Explorer\Quick Launch\3D.exe

c:\Documents and Settings\Default User.WINDOWS\IXP000.TMP\VCREDI~3.EXE

c:\Documents and Settings\Administrateur\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll

c:\Documents and Settings\Administrateur\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll

c:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\hglwy98u.default\extensions\{3bc418d7-ec15-4914-a9c8-5cbec3194dbd}\components\FFAlert.dll

c:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\hglwy98u.default\extensions\{3bc418d7-ec15-4914-a9c8-5cbec3194dbd}\components\npmozax.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\authplay.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\AI_EPS_PDF_Import.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\AIImport.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\FhDbRdr.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Macromedia\Flash MX 2004\en\Configuration\Importers\Fireworks Library.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Formats\7z.dll

c:\Documents and Settings\Administrateur\Mes documents\Haci Karim\productions\Micro Application Dessinateur Studio 2003 Fr\Micro Application Dessinateur Studio Fr\mm_ress\DEPANN\_SETUP.DLL

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll

c:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

c:\Documents and Settings\LocalService.AUTORITE NT\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

 

****** Fin du rapport DiagHelp

Veuillez svp envoyer le fichier C:\upload_moi_LACYBERTOUR.tar.gz a l'adresse http://upload.malekal.com

[pear]

Bonsoir,

 

Télécharger SDFix (créé par AndyManchesta)

et le sauvegarder sur le Bureau.

 

* Double cliquer sur SDFix.exe et choisir Install pour l'extraire dans un dossier dédié sur le Bureau.

 

Redémarrer en mode sans échec

 

* Ouvrir le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clic sur RunThis.bat pour lancer le script.

* Appuyer sur Y pour commencer le processus de nettoyage.

* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis demandera d'appuyer sur une touche pour redémarrer.

 

Si Sdfix ne se lance pas:

Démarrer->Exécuter

Copiez/collez ceci:

%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe

cliquez ok, et validez.

Redémarrez et essayez de nouveau de lancer Sdfix.

 

 

* Le redémarrage sera plus lent qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

* Appuyer sur une touche pour finir l'exécution du script et charger les icônes du Bureau.

* Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

* Postez le rapport ici.

Si sdfix ne se lançait pas , renommez le sodafix.exe par exemple.

[jfezkejpe]

Bonjour,

 

Voici le log SDfix --- " Une pube fenêtre, à l'instant, viens de s'afficher sur FF"

 

SDFix: Version 1.187

Run by Administrateur on 05/06/2008 at 09:02

 

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\ADMINI~1\Bureau\SDFix

 

Checking Services :

 

 

Restoring Windows Registry Values

Restoring Windows Default Hosts File

 

Rebooting

 

 

Checking Files :

 

Trojan Files Found:

 

C:\WINDOWS.EXE - Deleted

C:\WINDOWS.EXE - Deleted

 

 

 

 

 

Removing Temp Files

 

ADS Check :

 

 

 

Final Check :

 

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-05 09:15:20

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden services & system hive ...

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]

"s1"=dword:2df9c43f

"s2"=dword:110480d0

 

scanning hidden registry entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

 

 

Remaining Services :

 

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyServer.exe"="C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyServer.exe:*:Enabled:EasyServer"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"="C:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe:*:Enabled:VoipDiscount"

"C:\\WINDOWS.0\\system32\\javaw.exe"="C:\\WINDOWS.0\\system32\\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\\Program Files\\PrnLogServer\\psquirrel.exe"="C:\\Program Files\\PrnLogServer\\psquirrel.exe:*:Enabled:Printer Squirrel 2.0"

"C:\\Program Files\\Cyberprinter\\Cyberp.exe"="C:\\Program Files\\Cyberprinter\\Cyberp.exe:*:Enabled:Cyberprinter"

"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

"C:\\Program Files\\Wol\\wol.exe"="C:\\Program Files\\Wol\\wol.exe:*:Enabled:WOL 1.0.3"

"C:\\Documents and Settings\\Administrateur.ORKAS\\Local Settings\\Temp\\occ.exe"="C:\\Documents and Settings\\Administrateur.ORKAS\\Local Settings\\Temp\\occ.exe:*:Enabled:OneCC Module"

"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"

"C:\\Program Files\\M6Video\\M6video.exe"="C:\\Program Files\\M6Video\\M6video.exe:*:Enabled:OneClick"

"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"

"C:\\Program Files\\UltraVNC\\winvnc.exe"="C:\\Program Files\\UltraVNC\\winvnc.exe:*:Enabled:Serveur VNC pour Win32"

"C:\\Program Files\\PRIMUSTAXE\\PRIMUSTAXE.exe"="C:\\Program Files\\PRIMUSTAXE\\PRIMUSTAXE.exe:*:Enabled: "

"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\\Program Files\\WOL Magic Packet Sender\\WakeOnLan.exe"="C:\\Program Files\\WOL Magic Packet Sender\\WakeOnLan.exe:*:Enabled:WOL - Magic Packet Sender"

"C:\\Program Files\\FileZilla Client\\filezilla.exe"="C:\\Program Files\\FileZilla Client\\filezilla.exe:*:Enabled:FileZilla FTP Client"

"C:\\Program Files\\ooVoo\\ooVoo.exe"="C:\\Program Files\\ooVoo\\ooVoo.exe:*:Enabled:ooVoo"

"C:\\Program Files\\EasyPHP 2.0b1\\apache\\bin\\Apache.exe"="C:\\Program Files\\EasyPHP 2.0b1\\apache\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"

"C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyChat.exe"="C:\\Program Files\\TinaSoft\\Easy Cafe Server\\EasyChat.exe:*:Enabled:EasyChat"

"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

Remaining Files :

 

 

File Backups: - C:\DOCUME~1\ADMINI~1.ORK\Bureau\SDFix\backups\backups.zip

 

Files with Hidden Attributes :

 

Wed 8 Sep 2004 33,280 A..H. --- "C:\Program Files\Clock\tcplayer.exe"

Wed 8 Sep 2004 83,968 A..H. --- "C:\Program Files\Clock\tcprop.exe"

Wed 8 Sep 2004 37,888 A..H. --- "C:\Program Files\Clock\tcsntp.exe"

Wed 8 Sep 2004 37,888 A..H. --- "C:\Program Files\Clock\tctimer.exe"

Tue 19 Feb 2008 249,856 ...H. --- "C:\Program Files\FLIP Flash Album Free\~LiveUpdate.exe"

Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"

Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"

Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

Mon 13 Nov 2006 1,249,280 A..H. --- "C:\Program Files\Windows Sidebar\sidebar_clear.exe"

Thu 9 Nov 2006 40,960 A..H. --- "C:\Program Files\Windows Sidebar\vadvapi32.dll"

Thu 9 Nov 2006 40,960 A..H. --- "C:\Program Files\Windows Sidebar\vadvapi32.dll001"

Thu 9 Nov 2006 137,216 A..H. --- "C:\Program Files\Windows Sidebar\vcomctl32.dll"

Thu 9 Nov 2006 137,216 A..H. --- "C:\Program Files\Windows Sidebar\vcomctl32.dll001"

Thu 9 Nov 2006 8,704 A..H. --- "C:\Program Files\Windows Sidebar\vduser.dll"

Thu 9 Nov 2006 8,704 A..H. --- "C:\Program Files\Windows Sidebar\vduser.dll001"

Thu 9 Nov 2006 3,072 A..H. --- "C:\Program Files\Windows Sidebar\vdwmapi.dll"

Thu 9 Nov 2006 3,072 A..H. --- "C:\Program Files\Windows Sidebar\vdwmapi.dll001"

Thu 9 Nov 2006 9,216 A..H. --- "C:\Program Files\Windows Sidebar\viphlpapi.dll"

Thu 9 Nov 2006 9,216 A..H. --- "C:\Program Files\Windows Sidebar\viphlpapi.dll001"

Thu 9 Nov 2006 51,200 A..H. --- "C:\Program Files\Windows Sidebar\vkernel32.dll"

Thu 9 Nov 2006 51,200 A..H. --- "C:\Program Files\Windows Sidebar\vkernel32.dll001"

Thu 9 Nov 2006 10,752 A..H. --- "C:\Program Files\Windows Sidebar\vmsvcrt.dll"

Thu 9 Nov 2006 10,752 A..H. --- "C:\Program Files\Windows Sidebar\vmsvcrt.dll001"

Thu 9 Nov 2006 2,560 A..H. --- "C:\Program Files\Windows Sidebar\vnetapi32.dll"

Thu 9 Nov 2006 2,560 A..H. --- "C:\Program Files\Windows Sidebar\vnetapi32.dll001"

Thu 9 Nov 2006 77,312 A..H. --- "C:\Program Files\Windows Sidebar\vntdll.dll"

Thu 9 Nov 2006 77,312 A..H. --- "C:\Program Files\Windows Sidebar\vntdll.dll001"

Thu 9 Nov 2006 3,584 A..H. --- "C:\Program Files\Windows Sidebar\vpropsys.dll"

Thu 9 Nov 2006 3,584 A..H. --- "C:\Program Files\Windows Sidebar\vpropsys.dll001"

Thu 9 Nov 2006 21,504 A..H. --- "C:\Program Files\Windows Sidebar\vshell32.dll"

Thu 9 Nov 2006 21,504 A..H. --- "C:\Program Files\Windows Sidebar\vshell32.dll001"

Wed 8 Nov 2006 38,912 A..H. --- "C:\Program Files\Windows Sidebar\vshellext.dll"

Thu 9 Nov 2006 147,968 A..H. --- "C:\Program Files\Windows Sidebar\vslc.dll"

Thu 9 Nov 2006 147,968 A..H. --- "C:\Program Files\Windows Sidebar\vslc.dll001"

Thu 9 Nov 2006 35,328 A..H. --- "C:\Program Files\Windows Sidebar\vuser32.dll"

Thu 9 Nov 2006 35,328 A..H. --- "C:\Program Files\Windows Sidebar\vuser32.dll001"

Thu 9 Nov 2006 6,144 A..H. --- "C:\Program Files\Windows Sidebar\vuxtheme.dll"

Thu 9 Nov 2006 6,144 A..H. --- "C:\Program Files\Windows Sidebar\vuxtheme.dll001"

Thu 9 Nov 2006 3,072 A..H. --- "C:\Program Files\Windows Sidebar\vwlanapi.dll"

Thu 9 Nov 2006 3,072 A..H. --- "C:\Program Files\Windows Sidebar\vwlanapi.dll001"

Thu 9 Nov 2006 3,072 A..H. --- "C:\Program Files\Windows Sidebar\vwlanutil.dll"

Thu 9 Nov 2006 3,072 A..H. --- "C:\Program Files\Windows Sidebar\vwlanutil.dll001"

Sat 11 Nov 2006 435,200 A..H. --- "C:\WINDOWS\Drive\SIGN.exe"

Sat 11 Nov 2006 435,200 A..H. --- "C:\WINDOWS\Drive\SIGN.exe"

Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"

Sat 10 May 2008 7,520 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"

Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"

Mon 17 Dec 2007 27,648 ..SH. --- "C:\WINDOWS\system32\Smab0.dll"

Sat 2 Feb 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS.0\DRM\DRMv1.bak"

Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"

Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"

Fri 14 Mar 2008 13,824 A.SHR --- "C:\Program Files\eRightSoft\SUPER\DXdump.exe"

Sat 29 Mar 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"

Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"

Sat 2 Feb 2008 0 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS.0\DRM\Cache\Indiv01.tmp"

Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"

Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"

Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"

Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"

Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"

Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"

Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"

Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"

Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"

Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"

Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"

Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"

Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"

Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"

Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"

Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"

Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"

Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"

Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"

Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"

Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"

Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"

Thu 20 Mar 2008 5,632 ..SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT2.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT5.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT9.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT1.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT6.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT3.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT8.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT4.tmp"

Sat 22 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT7.tmp"

 

Finished!

Modifié le 5 juin 2008 par jfezkejpe

[pear]

Bonjour,

 

Encore des pubs ?

[jfezkejpe]

Bonjour,

 

Encore des pubs ?

 

Oui encore des pubs même sous FF