produit nuisible non effaçable

chrifleur · le 4 septembre 2008

des soucis encore?

leredge · le 4 septembre 2008

Oui, l'ordi à encore des trucs qui utilisent le processeur sans savoir d'où cela provient.

que faire ?

@+,

leredge

leredge · le 4 septembre 2008

En fait, la procédure utilisée n'a pas apporté beaucoup d'amélioration. Car en effet, après ces quelles heures utilisations de mon ordi. il y n'a pas eu un progrès significatif.

@+,

leredge.

chrifleur · le 4 septembre 2008

* Télécharge DiagHelp.zip sur ton bureau(Merci Malekal) Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php

* Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout.

* Un nouveau dossier chercher va être créé.

* Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)

* Une fenêtre va s'ouvrir, choisis l'option 1

* L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.

* Pendant l'analyse après le rapport CATCHME sur l'écran rouge, tu dois appuyer sue entrée pour que l'outil continue ses recherches. Suis les consignes écrites.

* Une fenêtre avec le rapport s'ouvre alors. Copie/colle son contenu. (Il se trouve aussi ici : c:\resultat.txt)

* Double-clique sur ce fichier, Fais CTRL+A puis CTRL+C.

* Dans ta prochaine réponse, colle le rapport en faisant CTRL+V.

leredge · le 5 septembre 2008

Salut chrifleur,

En exécutant le programme DiagHelp un encart c'est ouvert et il m'a fallut m'y reprendre à trois pour le fermer. Voici ce qu'il disait :

You can also use the /accepteula command-line swich to accept the EULA

les choix : Print, Agree ou Decline.

SYSINTERNALS SOFTWARE LICENSE TERMS

These license terms are an agreement between Sysinternals (a wholly owned subsidiary of Microsoft Corporation) and you. Please read them. They apply to the software you are downloading from Systinternals.com, which includes the media on which you received it, if any. The terms also apply to any Sysinternals

· updates,

· supplements,

· Internet-based services, and

· support services

for this software, unless other terms accompany those items. If so, those terms apply.

BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE.

If you comply with these license terms, you have the rights below.

1. INSTALLATION AND USE RIGHTS. You may install and use any number of copies of the software on your devices.

2. Scope of License. The software is licensed, not sold. This agreement only gives you some rights to use the software. Sysinternals reserves all other rights. Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. You may not

· work around any technical limitations in the binary versions of the software;

· reverse engineer, decompile or disassemble the binary versions of the software, except and only to the extent that applicable law expressly permits, despite this limitation;

· make more copies of the software than specified in this agreement or allowed by applicable law, despite this limitation;

· publish the software for others to copy;

· rent, lease or lend the software;

· transfer the software or this agreement to any third party; or

· use the software for commercial software hosting services.

3. DOCUMENTATION. Any person that has valid access to your computer or internal network may copy and use the documentation for your internal, reference purposes.

4. Export Restrictions. The software is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the software. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting <http://www.microsoft.com/exporting>.

5. SUPPORT SERVICES. Because this software is "as is," we may not provide support services for it.

6. Entire Agreement. This agreement, and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.

7. Applicable Law.

a. United States. If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.

b. Outside the United States. If you acquired the software in any other country, the laws of that country apply.

8. Legal Effect. This agreement describes certain legal rights. You may have other rights under the laws of your country. You may also have rights with respect to the party from whom you acquired the software. This agreement does not change your rights under the laws of your country if the laws of your country do not permit it to do so.

9. Disclaimer of Warranty. The software is licensed "as-is." You bear the risk of using it. SYSINTERNALS gives no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this agreement cannot change. To the extent permitted under your local laws, SYSINTERNALS excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.

10. Limitation on and Exclusion of Remedies and Damages. You can recover from SYSINTERNALS and its suppliers only direct damages up to U.S. $5.00. You cannot recover any other damages, including consequential, lost profits, special, indirect or incidental damages.

This limitation applies to

· anything related to the software, services, content (including code) on third party Internet sites, or third party programs; and

· claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.

It also applies even if Sysinternals knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.

Please note: As this software is distributed in Quebec, Canada, some of the clauses in this agreement are provided below in French.

Remarque : Ce logiciel étant distribué au Québec, Canada, certaines des clauses dans ce contrat sont fournies ci-dessous en français.

EXONÉRATION DE GARANTIE. Le logiciel visé par une licence est offert « tel quel ». Toute utilisation de ce logiciel est à votre seule risque et péril. Sysinternals n'accorde aucune autre garantie expresse. Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties implicites de qualité marchande, d'adéquation à un usage particulier et d'absence de contrefaçon sont exclues.

LIMITATION DES DOMMAGES-INTÉRÊTS ET EXCLUSION DE RESPONSABILITÉ POUR LES DOMMAGES. Vous pouvez obtenir de Sysinternals et de ses fournisseurs une indemnisation en cas de dommages directs uniquement à hauteur de 5,00 $ US. Vous ne pouvez prétendre à aucune indemnisation pour les autres dommages, y compris les dommages spéciaux, indirects ou accessoires et pertes de bénéfices.

Cette limitation concerne :

· tout ce qui est relié au logiciel, aux services ou au contenu (y compris le code) figurant sur des sites Internet tiers ou dans des programmes tiers ; et

· les réclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilité stricte, de négligence ou d'une autre faute dans la limite autorisée par la loi en vigueur.

Elle s'applique également, même si Sysinternals connaissait ou devrait connaître l'éventualité d'un tel dommage. Si votre pays n'autorise pas l'exclusion ou la limitation de responsabilité pour les dommages indirects, accessoires ou de quelque nature que ce soit, il se peut que la limitation ou l'exclusion ci-dessus ne s'appliquera pas à votre égard.

EFFET JURIDIQUE. Le présent contrat décrit certains droits juridiques. Vous pourriez avoir d'autres droits prévus par les lois de votre pays. Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre pays si celles-ci ne le permettent pas.

C'est quoi ce truc ?

et voici le rapport diagHelp :

DiagHelp version v1.4 - http://www.malekal.com

excute le 05/09/2008 à 9:47:38,35

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch

C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->05/09/2008 09:47:38

C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->05/09/2008 09:47:37

C:\WINDOWS\prefetch\AVWSC.EXE-347FCF75.pf -->05/09/2008 09:47:30

C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->05/09/2008 09:41:55

C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->05/09/2008 09:40:37

C:\WINDOWS\prefetch\WLLOGINPROXY.EXE-2D4B6027.pf -->05/09/2008 09:39:06

C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->05/09/2008 09:38:56

C:\WINDOWS\prefetch\REGEDIT.EXE-1B606482.pf -->05/09/2008 09:34:26

C:\WINDOWS\prefetch\IPCONFIG.EXE-2395F30B.pf -->05/09/2008 09:34:26

C:\WINDOWS\prefetch\FIND.EXE-0EC32F1E.pf -->05/09/2008 09:32:42

C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->02/09/2008 00:16:46

C:\WINDOWS\System32\drivers\mbam.sys -->02/09/2008 00:16:40

C:\WINDOWS\System32\drivers\avipbb.sys -->22/08/2008 07:43:05

C:\WINDOWS\System32\drivers\SynTP.sys -->03/07/2008 15:53:20

C:\WINDOWS\System32\drivers\IBMBLDID.sys -->02/07/2008 00:22:06

C:\WINDOWS\System32\drivers\ANC.sys -->02/07/2008 00:22:04

C:\WINDOWS\System32\drivers\tcpip.sys -->20/06/2008 13:51:12

C:\WINDOWS\System32\PROCDB.INI -->05/09/2008 09:15:21

C:\WINDOWS\System32\TPHDLOG0.LOG -->05/09/2008 09:15:19

C:\WINDOWS\System32\IPSCtrl.INI -->05/09/2008 09:15:11

C:\WINDOWS\System32\oodbs.lor -->05/09/2008 09:14:57

C:\WINDOWS\System32\TPAPSLOG.LOG -->04/09/2008 14:25:02

C:\WINDOWS\System32\EGATHDRV.SYS -->03/09/2008 08:41:53

C:\WINDOWS\System32\mlfcache.dat -->02/09/2008 12:29:58

C:\WINDOWS\System32\PerfStringBackup.INI -->29/08/2008 10:41:04

C:\WINDOWS\System32\perfh00C.dat -->29/08/2008 10:41:04

C:\WINDOWS\System32\perfh009.dat -->29/08/2008 10:41:04

C:\WINDOWS\System32\perfc00C.dat -->29/08/2008 10:41:04

C:\WINDOWS\System32\perfc009.dat -->29/08/2008 10:41:04

C:\WINDOWS\System32\wpa.dbl -->28/08/2008 08:19:02

C:\WINDOWS\System32\spupdwxp.log -->28/08/2008 08:16:34

C:\WINDOWS\System32\FNTCACHE.DAT -->28/08/2008 08:15:38

C:\WINDOWS\System32\d3d9caps.dat -->22/08/2008 08:48:21

C:\WINDOWS\System32\TZLog.log -->18/08/2008 12:03:39

C:\WINDOWS\System32\TUKernel.exe -->09/08/2008 00:28:47

C:\WINDOWS\System32\CONFIG.NT -->05/08/2008 11:32:22

C:\WINDOWS\System32\MRT.exe -->05/08/2008 11:11:02

C:\WINDOWS\System32\TuneUpDefragService.exe -->23/07/2008 13:20:04

C:\WINDOWS\System32\cdm.dll -->18/07/2008 22:10:48

C:\WINDOWS\System32\wuauclt.exe -->18/07/2008 22:10:42

C:\WINDOWS\System32\wups2.dll -->18/07/2008 22:10:40

C:\WINDOWS\System32\wucltui.dll.mui -->18/07/2008 22:10:36

C:\WINDOWS\WindowsUpdate.log -->05/09/2008 09:18:32

C:\WINDOWS\setupapi.log -->05/09/2008 09:15:25

C:\WINDOWS\wiadebug.log -->05/09/2008 09:15:20

C:\WINDOWS\wiaservc.log -->05/09/2008 09:15:17

C:\WINDOWS\0.log -->05/09/2008 09:15:02

C:\WINDOWS\bootstat.dat -->05/09/2008 09:15:01

C:\WINDOWS\SchedLgU.Txt -->05/09/2008 09:13:48

C:\WINDOWS\msnfix.txt -->04/09/2008 11:26:46

C:\WINDOWS\npornap.INI -->31/08/2008 12:21:42

C:\WINDOWS\SynInst.log -->31/08/2008 12:12:25

C:\WINDOWS\setupact.log -->31/08/2008 12:12:11

C:\WINDOWS\iis6.log -->29/08/2008 07:45:02

C:\WINDOWS\tsoc.log -->29/08/2008 07:45:01

C:\WINDOWS\tabletoc.log -->29/08/2008 07:45:01

C:\WINDOWS\ocmsn.log -->29/08/2008 07:45:01

winlogon.exe

svchost.exe

ws2_32.dll

user32.dll

tcpip.sys

ndis.sys

null.sys

ListDLLs v2.25 - DLL lister for Win9x/NT

Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------

explorer.exe pid: 3520

Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path

0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll

0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll

0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll

0x44080000 0xd0000 7.00.6000.16705 C:\WINDOWS\system32\WININET.dll

0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll

0x43e00000 0x45000 7.00.6000.16705 C:\WINDOWS\system32\iertutil.dll

0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll

0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll

0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll

0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL

0x44360000 0x5cd000 7.00.6000.16705 C:\WINDOWS\system32\ieframe.dll

0x44160000 0x127000 7.00.6000.16705 C:\WINDOWS\system32\urlmon.dll

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll

0x442b0000 0x3c000 7.00.6000.16705 C:\WINDOWS\system32\webcheck.dll

0x10000000 0x4e000 1.00.0000.0000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL

0x5f800000 0xf2000 6.02.8071.0000 C:\WINDOWS\system32\MFC42u.DLL

0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL

0x00ce0000 0xc000 C:\PROGRA~1\ThinkPad\UTILIT~1\FR\PWRMGRRT.DLL

0x00e10000 0x19000 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL

0x00f40000 0x7000 1.60.0000.0006 C:\WINDOWS\system32\Sensor.dll

0x02ed0000 0x36000 6.14.0010.4926 C:\WINDOWS\system32\igfxdev.dll

0x03060000 0x96000 2.00.0000.0000 C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll

0x015e0000 0x13000 5.01.0000.4700 C:\WINDOWS\system32\btmmhook.dll

0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll

0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll

0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll

0x00970000 0x2c000 C:\Program Files\WinRAR\rarext.dll

0x00c00000 0x16000 600.00.0000.0002 C:\Program Files\Free Download Manager\FUM\fumshext.dll

0x00c20000 0x9000 2.00.0000.0004 C:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll

0x00c30000 0x12000 7.00.0000.0015 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll

0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL

0x02b70000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll

0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL

0x1c600000 0x7000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll

0x1c000000 0xe6000 1.19.0000.0002 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib.dll

0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll

0x038c0000 0x138000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDLib040c.dll

0x01400000 0x3000 1.19.0000.0001 C:\Program Files\Lenovo\SafeGuard PrivateDisk\PDShell040c.dll

0x03a00000 0x87000 10.00.0002.3363 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\oodsh.dll

0x03a90000 0x4b000 10.00.0012.1681 C:\PROGRA~1\OOSOFT~1\DEFRAG~1\OODSHRS.DLL

0x03bc0000 0x12000 1.01.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

ListDLLs v2.25 - DLL lister for Win9x/NT

Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------

winlogon.exe pid: 1648

Command line: winlogon.exe

Base Size Version Path

0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe

0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll

0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll

0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll

0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll

0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll

0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x10000000 0x8f000 1.02.0059.0000 C:\WINDOWS\system32\tvt_gina.dll

0x00cb0000 0x21a000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_gina_plugin.dll

0x00ed0000 0xd9000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\css_wait_bar.dll

0x00ab0000 0x40000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssuserdatadispatcher.dll

0x01090000 0x1ce000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\csswait.dll

0x01260000 0xa8000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_banner.dll

0x01310000 0x107000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\cssdlgpwentry.dll

0x01420000 0x10f000 7.00.0051.0000 C:\Program Files\Lenovo\Client Security Solution\dlganswerprompt.dll

0x01530000 0x55000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tvttsp.dll

0x01590000 0xa2000 1.01.0003.0006 C:\Program Files\Lenovo\Client Security Solution\tcsrpc.dll

0x016c0000 0x859000 1.10.0051.0000 C:\Program Files\Fichiers communs\Lenovo\tvt_res.dll

0x7c140000 0x106000 7.10.6030.0000 C:\WINDOWS\system32\MFC71.DLL

0x7c360000 0x56000 7.10.6030.0000 C:\WINDOWS\system32\MSVCR71.dll

0x5d360000 0xf000 7.10.6030.0000 C:\WINDOWS\system32\MFC71FRA.DLL

0x316b0000 0x3c000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\pscssint.dll

0x4eb80000 0x1a6000 5.01.3102.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll

0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll

0x30000000 0x4b000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\infra.dll

0x31bb0000 0x11000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\VTI.DLL

0x02310000 0x8000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll

0x02320000 0x2a000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll

0x0a000000 0x30000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll

0x7c3c0000 0x7c000 7.10.6030.0000 C:\WINDOWS\system32\MSVCP71.dll

0x02350000 0x18000 5.00.0000.0000 C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll

0x02430000 0x1a000 5.06.0002.3649 C:\WINDOWS\system32\psqlpwd.dll

0x31320000 0x115000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll

0x74da0000 0x6d000 5.30.0023.1230 C:\WINDOWS\system32\RICHED20.DLL

0x30280000 0x30f000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll

0x30680000 0x263000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\bio.dll

0x31690000 0xb000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll

0x300a0000 0xc7000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\remote.dll

0x03170000 0x7000 1.00.0003.0000 C:\Program Files\Lenovo\HOTKEY\tphklock.dll

0x30200000 0x5a000 5.06.0002.3649 C:\Program Files\ThinkVantage Fingerprint Software\crypto.dll

0x03530000 0xd000 2.00.0000.0000 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll

0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll

0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL

Le volume dans le lecteur C s'appelle Preload

Le numéro de série du volume est 14CD-7516

Répertoire de C:\WINDOWS\system32

14/04/2008 04:33 6 144 csrss.exe

1 fichier(s) 6 144 octets

0 Rép(s) 28 259 106 816 octets libres

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle Preload

Le numéro de série du volume est 14CD-7516

Répertoire de C:\WINDOWS\Downloaded Program Files

20/08/2008 01:20 <REP> .

20/08/2008 01:20 <REP> ..

26/03/2007 11:16 449 acpir.inf

12/12/2007 10:33 747 AdSignerADP.inf

08/06/2008 21:13 <REP> CONFLICT.1

26/01/2006 23:52 65 desktop.ini

11/04/2007 14:55 1 292 erma.inf

16/05/2007 09:22 399 gp.inf

16/03/2005 12:34 7 407 lang.ini

14/03/2005 14:38 126 live.ini

02/08/2007 15:47 569 MSNPUpld.inf

15/06/2007 09:02 632 392 OberonGameHost.dll

15/06/2007 09:01 332 OberonGameHost_dbg.inf

01/06/2006 02:57 1 331 oscan8.inf

14/03/2005 14:58 7 073 scanoptions.tsi

09/09/2005 18:45 1 516 wvc1dmo.inf

13 fichier(s) 653 698 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

08/06/2008 21:13 <REP> .

08/06/2008 21:13 <REP> ..

20/06/2006 15:44 379 704 MsnPUpld.dll

19/06/2006 14:40 393 MsnPUpld.inf

20/06/2006 15:44 117 560 PURen-us.dll

09/01/2007 08:30 110 592 PURfr-fr.dll

4 fichier(s) 608 249 octets

Total des fichiers listés :

17 fichier(s) 1 261 947 octets

5 Rép(s) 28 259 151 872 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..

Liste des fichiers en exception sur le pare-feu XP SP2

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"

"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"

"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"

"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"

"C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"

"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"

"D:\\Livebox\\RGWRepair.exe"="D:\\Livebox\\RGWRepair.exe:*:Enabled:RGWRepair"

"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:LocalSubNet:Enabled:eMule"

"C:\\Program Files\\eMule\\dserver.exe"="C:\\Program Files\\eMule\\dserver.exe:*:Enabled:dserver"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"

"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"

"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Export de la clef SharedTaskScheduler

[sharedTaskScheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

REGEDIT4

[taskmgr.exe]

exports des policies

REGEDIT4

[system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

Export des clefs sensibles..

Rechercher adresses sensibles dans le fichier HOSTS...

127.0.0.1 www.activexupdate.com

127.0.0.1 activexupdate.com

127.0.0.1 www.avpcheckupdate.com

127.0.0.1 avpcheckupdate.com

127.0.0.1 client.exeupdate.com

127.0.0.1 www.eupdatepage.com

127.0.0.1 eupdatepage.com

127.0.0.1 www.exeupdate.com

127.0.0.1 exeupdate.com

127.0.0.1 www.hotwinupdates.com

127.0.0.1 hotwinupdates.com

127.0.0.1 www.lavasoftupdate.com

127.0.0.1 lavasoftupdate.com

127.0.0.1 www.malwarewipeupdate.com

127.0.0.1 malwarewipeupdate.com

127.0.0.1 www.msupdate.net

127.0.0.1 msupdate.net

127.0.0.1 www.msupdater.net

127.0.0.1 msupdater.net

127.0.0.1 www.necessaryupdates.com

127.0.0.1 necessaryupdates.com

127.0.0.1 newupdates.lzio.com

127.0.0.1 redirect.msupdate.net

127.0.0.1 search.keyword.exeupdate.com

127.0.0.1 www.securityupdatesite.com

127.0.0.1 securityupdatesite.com

127.0.0.1 settings.updatemysettings.com

127.0.0.1 www.spyaxeupdate.com

127.0.0.1 spyaxeupdate.com

127.0.0.1 www.spyfalconupdate.com

127.0.0.1 spyfalconupdate.com

127.0.0.1 www.systemupdates.net

127.0.0.1 systemupdates.net

127.0.0.1 trial.updates.winsoftware.com

127.0.0.1 update.680180.net

127.0.0.1 www.updatemysettings.com

127.0.0.1 updatemysettings.com

127.0.0.1 updates.spywarequake.com

127.0.0.1 www.urgentsystemupdate.biz

127.0.0.1 urgentsystemupdate.biz

127.0.0.1 www.urgentsystemupdate.com

127.0.0.1 urgentsystemupdate.com

127.0.0.1 windupdates.com

127.0.0.1 update.shareaza.com

127.0.0.1 www.antispywareupdates.net

127.0.0.1 antispywareupdates.net

127.0.0.1 www.flwupdate.com

127.0.0.1 flwupdate.com

127.0.0.1 www.mpegupdate.com

127.0.0.1 mpegupdate.com

127.0.0.1 www.movupdate.com

127.0.0.1 movupdate.com

127.0.0.1 www.pandaantivirus-2007.com

127.0.0.1 pandaantivirus-2007.com

127.0.0.1 www.pandadownload-now.com

127.0.0.1 pandadownload-now.com

127.0.0.1 www.panda-hq.com

127.0.0.1 panda-hq.com

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-05 09:52:03

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]

"OODEFRAG10.00.00.01WORKSTATION"="D89080994D4813D016F6F62A6A914549CEEE7CD62532A71A9594484CFB2BCF3EBE0525D4A52

0FB0CA4268BF2B7E7D6D82E831A1799341734ADB64FD4CABF62278B661EBB76120711C547CB2D5752

850D3A422450EDAAEAE3C417720C0337F3182898DD1CFC0C8A7ACEF9FD2683C88C4F56A353F1F835E

1846A2402223679EB7EF0A6E804A55FB3E20A7EFB6EA7A2FB8C59C178AEC256147523F2620AAAD304

48B8BCD8C917C081ECB5BCB4DAE42139378DDBF57B0976EA99E5BA0CF95CF5CCE9C12B5B04284AC73

C833C29058D647D46B354C412BD6023D51FD60A6DF7F4A7DA48FEBC9E127BECC74CFEBC9E127BECC7

4CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC793

3A2D97226D213B5559DB7CE019D40AA5C9DB7CE019D40AA5CEEE5D9EEA86E62995E2AAA2C44707446

9ADD2F13269F97558A435AAE8A3D9B7A0F2E315CFC29D5F63607CDD45282A0856F1EE9FB202672185

8447E89DBF20B61184671FCF0E520B24AA3575D7D00AD2AF4A23D558E7FC3AD18B48A12F4E7F23746

1FED78A65CBFF1CE82DB2CB3C5ACA479A720E246CB4AF3CF21F58634A0E4E776BA3C2D2715B64B1CB

C33DB4601305BEE78C89B81004BBC292C765C5EF6F7D0ADB036ACDBED0DCB2D7EF6B9E734D0246876

33AADCE1904DF28B0DBB1796454690AC7ABB96974B74A307074A32382A4FA018A0EFD98EE4E19D0BF

7026901690FEBEDE954081B02B741AC06C221B6DA1D72E495005E759AA5BF08BC3F448A08662D46AC

A4C9CE437D6ED5DB8D142E07C0607C58A1B4DA84BC9474A53779DCC5F9E8202B8ED6622522B87F33C

A51F0D6658F8DF54F0856FC3C77D7BF6441F24BEED47394A50E5743F6CEBA7BC98027F52747DE40BA

EA525F2E6C4BDAF1339FC6DA4C51DBB4B2833B3E03AAE6952E4B1418F44A49C5D38F0D1197FD0EC0C

E06EA48CDDCB439EC902FB050876E64C9AA63BB2ABB690899A26BD5C4B03064F720EC377C4C9B6547

FAC8F9D01E4C27A8E89D8B1CB43DCD7C72E1E4E03B60A67239851B1F6C4D9DB116AF3BC3CE7F0003F

E7D74A2CBA4969B3A5C957D87FE036BF3F35A219BCC7B7F8793880F8D4BC5F4344158BB28C415FD0C

4E37519331ABEFC3F750904DDE4CE74927E7B963360180A8308B070905B10CC8A90CB5F1E083F1F2D

8CBA0098F1386A8A1D66F6C8CF207CF8DD7C9BE9187142AE8C928C7B9A3C79CDF0FA8E9AB04DBC63C

450057DC8DD2EFA8F76DAD5AE5463B879ACBD1AD592D315AD1249EC588C81B36185FE97AF491A44E2

07FD09350395C861C655CF2A33FF71940AF6B353F176DD3A4A5FB7B8650DAD4F32FB5367F65BF6ADF

5FC900B78108747711A61279705D58B98F7A3D5007D6128BD2FBFD5D28EFBCED471095FD59CDC20BA

CBCBB3BE55A92967B65DD130B2EE1"

scanning hidden files ...

scan completed successfully

hidden services: 0

hidden files: 0

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System

236 - svchost.exe

496 - ACWLIcon.exe

696 - tvt_reg_monitor

712 - TPHDEXLG.exe

960 - AwaySch.EXE

1192 - AcSvc.exe

1308 - pdservice.exe

1324 - oodtray.exe

1376 - logmon.exe

1396 - IPSSVC.EXE

1444 - acs.exe

1480 - avguard.exe

1604 - mdm.exe

1624 - csrss.exe

1648 - winlogon.exe

1692 - services.exe

1704 - lsass.exe

1840 - ibmpmsvc.exe

1884 - svchost.exe

1892 - oodag.exe

1956 - svchost.exe

1996 - svchost.exe

2084 - fdm.exe

2380 - sqlservr.exe

2464 - alg.exe

3060 - avgnt.exe

3104 - ctfmon.exe

3112 - taskmgr.exe

3120 - BTSTAC~1.EXE

3176 - notepad.exe

3212 - MemOptimizer.ex

3220 - fum.exe

3240 - fumoei.exe

3272 - CamTray.exe

3300 - wcescomm.exe

3396 - winamp.exe

3416 - cssauth.exe

3468 - PicasaMediaDete

3500 - rapimgr.exe

3520 - explorer.exe

3732 - BTTray.exe

3844 - DLG.exe

3860 - SynTPEnh.exe

3892 - TpShocks.exe

3908 - TPOSDSVC.exe

4056 - SMax4.exe

4412 - cmd.exe

4684 - iexplore.exe

4688 - firefox.exe

Total number of processes = 50

NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntkrnlpa.exe

806E4000 - \WINDOWS\system32\hal.dll

F7ABD000 - \WINDOWS\system32\KDCOM.DLL

F79CD000 - \WINDOWS\system32\BOOTVID.dll

F748D000 - ACPI.sys

F7ABF000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS

F747C000 - pci.sys

F75BD000 - isapnp.sys

F79D1000 - compbatt.sys

F79D5000 - \WINDOWS\system32\DRIVERS\BATTC.SYS

F7B85000 - pciide.sys

F783D000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS

F745E000 - pcmcia.sys

F75CD000 - MountMgr.sys

F743F000 - ftdisk.sys

F7AC1000 - dmload.sys

F7419000 - dmio.sys

F7845000 - PartMgr.sys

F79D9000 - ACPIEC.sys

F7B86000 - \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS

F75DD000 - VolSnap.sys

F7401000 - atapi.sys

F7339000 - iaStor.sys

F75ED000 - disk.sys

F75FD000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS

F7319000 - fltmgr.sys

F7307000 - sr.sys

F760D000 - PxHelp20.sys

F72F0000 - KSecDD.sys

F7263000 - Ntfs.sys

F7236000 - NDIS.sys

F7218000 - Apsx86.sys

F784D000 - ApsHM86.sys

F761D000 - ohci1394.sys

F762D000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS

F71FE000 - Mup.sys

F765D000 - \SystemRoot\system32\DRIVERS\nic1394.sys

F6BC3000 - \SystemRoot\system32\DRIVERS\intelppm.sys

F5878000 - \SystemRoot\system32\DRIVERS\igxpmp32.sys

F5864000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

F583C000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys

F5811000 - \SystemRoot\system32\DRIVERS\b57xp32.sys

F578A000 - \SystemRoot\system32\DRIVERS\ar5211.sys

F7935000 - \SystemRoot\system32\DRIVERS\usbuhci.sys

F5766000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS

F793D000 - \SystemRoot\system32\DRIVERS\usbehci.sys

F573E000 - \SystemRoot\system32\drivers\tifm21.sys

F572A000 - \SystemRoot\system32\DRIVERS\sdbus.sys

F6BB3000 - \SystemRoot\system32\DRIVERS\i8042prt.sys

F7945000 - \SystemRoot\system32\DRIVERS\kbdclass.sys

F56F2000 - \SystemRoot\system32\DRIVERS\SynTP.sys

F7B17000 - \SystemRoot\system32\DRIVERS\USBD.SYS

F794D000 - \SystemRoot\system32\DRIVERS\mouclass.sys

F7955000 - \SystemRoot\system32\DRIVERS\nscirda.sys

F7AB1000 - \SystemRoot\system32\DRIVERS\irenum.sys

F795D000 - \SystemRoot\system32\DRIVERS\atmeltpm.sys

F7AB9000 - \SystemRoot\system32\DRIVERS\CmBatt.sys

F71DA000 - \SystemRoot\system32\DRIVERS\ibmpmdrv.sys

F6BA3000 - \SystemRoot\system32\DRIVERS\imapi.sys

F7965000 - \SystemRoot\system32\drivers\iviaspi.sys

F6B93000 - \SystemRoot\system32\DRIVERS\cdrom.sys

F6B83000 - \SystemRoot\system32\DRIVERS\redbook.sys

F56CF000 - \SystemRoot\system32\DRIVERS\ks.sys

F55FE000 - \SystemRoot\system32\DRIVERS\btkrnl.sys

F796D000 - \SystemRoot\system32\DRIVERS\tvtpktfilter.sys

F7CD7000 - \SystemRoot\system32\DRIVERS\audstub.sys

F7975000 - \SystemRoot\system32\DRIVERS\rasirda.sys

F797D000 - \SystemRoot\system32\DRIVERS\TDI.SYS

F6B73000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys

F71C6000 - \SystemRoot\system32\DRIVERS\ndistapi.sys

F55E7000 - \SystemRoot\system32\DRIVERS\ndiswan.sys

F6B63000 - \SystemRoot\system32\DRIVERS\raspppoe.sys

F773D000 - \SystemRoot\system32\DRIVERS\raspptp.sys

F55D6000 - \SystemRoot\system32\DRIVERS\psched.sys

F774D000 - \SystemRoot\system32\DRIVERS\msgpc.sys

F7985000 - \SystemRoot\system32\DRIVERS\ptilink.sys

F798D000 - \SystemRoot\system32\DRIVERS\raspti.sys

F55A6000 - \SystemRoot\system32\DRIVERS\rdpdr.sys

F775D000 - \SystemRoot\system32\DRIVERS\termdd.sys

F7995000 - \SystemRoot\system32\DRIVERS\psadd.sys

F7B19000 - \SystemRoot\system32\DRIVERS\swenum.sys

F5548000 - \SystemRoot\system32\DRIVERS\update.sys

F7171000 - \SystemRoot\system32\DRIVERS\mssmbios.sys

F778D000 - \SystemRoot\system32\DRIVERS\wsimd.sys

F799D000 - \SystemRoot\system32\DRIVERS\btport.sys

F5E8E000 - \SystemRoot\System32\Drivers\NDProxy.SYS

AA5DB000 - \SystemRoot\system32\drivers\ADIHdAud.sys

AA5B7000 - \SystemRoot\system32\drivers\portcls.sys

F77BD000 - \SystemRoot\system32\drivers\drmk.sys

AA5A0000 - \SystemRoot\system32\drivers\AEAudio.sys

AA56C000 - \SystemRoot\system32\DRIVERS\HSFHWAZL.sys

AA47A000 - \SystemRoot\system32\DRIVERS\HSF_DPV.sys

AA3C7000 - \SystemRoot\system32\DRIVERS\HSF_CNXT.sys

F788D000 - \SystemRoot\System32\Drivers\Modem.SYS

A98E4000 - \SystemRoot\system32\DRIVERS\usbhub.sys

F551C000 - \SystemRoot\System32\Drivers\i2omgmt.SYS

F7B51000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS

F7C89000 - \SystemRoot\System32\Drivers\Null.SYS

F7B53000 - \SystemRoot\System32\Drivers\Beep.SYS

A83B5000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS

A83AD000 - \SystemRoot\System32\drivers\vga.sys

F7B55000 - \SystemRoot\System32\Drivers\mnmdd.SYS

F7B59000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys

A83A5000 - \SystemRoot\System32\Drivers\Msfs.SYS

A839D000 - \SystemRoot\System32\Drivers\Npfs.SYS

F5514000 - \SystemRoot\system32\DRIVERS\rasacd.sys

A5A93000 - \SystemRoot\system32\DRIVERS\ipsec.sys

A5A3A000 - \SystemRoot\system32\DRIVERS\tcpip.sys

A5A12000 - \SystemRoot\system32\DRIVERS\netbt.sys

A59EC000 - \SystemRoot\system32\DRIVERS\ipnat.sys

A59CA000 - \SystemRoot\System32\drivers\afd.sys

A845E000 - \SystemRoot\system32\DRIVERS\netbios.sys

A8395000 - \SystemRoot\System32\drivers\TSMAPIP.SYS

A838D000 - \SystemRoot\System32\drivers\Tppwrif.sys

A8385000 - \SystemRoot\system32\DRIVERS\TPHKDRV.sys

A837D000 - \SystemRoot\System32\drivers\TDSMAPI.SYS

A77B5000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys

A77AD000 - \SystemRoot\System32\drivers\Smapint.sys

A588F000 - \SystemRoot\system32\DRIVERS\rdbss.sys

A581F000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys

F7B5B000 - \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys

A843E000 - \SystemRoot\System32\Drivers\Fips.SYS

A7C10000 - \SystemRoot\system32\DRIVERS\wanarp.sys

A7C00000 - \SystemRoot\system32\DRIVERS\arp1394.sys

A55A4000 - \SystemRoot\system32\DRIVERS\avipbb.sys

A9B58000 - \SystemRoot\system32\DRIVERS\hidusb.sys

A7BD0000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS

F7B5F000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys

A9B54000 - \SystemRoot\System32\drivers\ANC.SYS

A599A000 - \SystemRoot\System32\Drivers\tcusb.sys

A51A2000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS

A7B23000 - \SystemRoot\system32\DRIVERS\mouhid.sys

9BAD9000 - \SystemRoot\System32\Drivers\Fastfat.SYS

9BA11000 - \SystemRoot\System32\Drivers\dump_iaStor.sys

BF800000 - \SystemRoot\System32\win32k.sys

9D4A6000 - \SystemRoot\System32\drivers\Dxapi.sys

9C388000 - \SystemRoot\System32\watchdog.sys

BF000000 - \SystemRoot\System32\drivers\dxg.sys

F7C45000 - \SystemRoot\System32\drivers\dxgthk.sys

BF024000 - \SystemRoot\System32\igxpgd32.dll

BF012000 - \SystemRoot\System32\igxprd32.dll

BF04F000 - \SystemRoot\System32\igxpdv32.DLL

BF1E7000 - \SystemRoot\System32\igxpdx32.DLL

9C077000 - \??\C:\Program Files\Fichiers communs\ThinkVantage Fingerprint Software\Drivers\smihlp.sys

9B9FB000 - \SystemRoot\system32\DRIVERS\irda.sys

9B9E5000 - \SystemRoot\system32\DRIVERS\nwlnkipx.sys

F6BF3000 - \SystemRoot\system32\DRIVERS\nwlnknb.sys

9F922000 - \SystemRoot\system32\DRIVERS\ndisuio.sys

9B995000 - \SystemRoot\system32\DRIVERS\nwrdr.sys

9B968000 - \SystemRoot\system32\DRIVERS\mrxdav.sys

A22EB000 - \SystemRoot\system32\DRIVERS\PROCDD.SYS

F7AC9000 - \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS

9F155000 - \SystemRoot\system32\DRIVERS\mdmxsdk.sys

9B84E000 - \SystemRoot\system32\DRIVERS\srv.sys

9D979000 - \SystemRoot\system32\DRIVERS\nwlnkspx.sys

9B812000 - \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys

F7AEB000 - \??\C:\WINDOWS\System32\drivers\pmemnt.sys

A4063000 - \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys

F7C59000 - \??\C:\Program Files\SMI2\smi2.sys

A2ED1000 - \SystemRoot\System32\Drivers\Cdfs.SYS

9B7BA000 - \??\C:\WINDOWS\system32\drivers\tvtfilter.sys

9B1E5000 - \SystemRoot\system32\drivers\wdmaud.sys

A2F41000 - \SystemRoot\system32\drivers\sysaudio.sys

9A3F2000 - \SystemRoot\System32\Drivers\btwusb.sys

9A374000 - \SystemRoot\system32\DRIVERS\btwdndis.sys

9A2F4000 - \SystemRoot\system32\drivers\btaudio.sys

9A032000 - \SystemRoot\system32\drivers\kmixer.sys

F7C25000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

Total number of drivers = 168

Liste des programmes installes

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office system

Access - Aide

Activation Assistant for the 2007 Microsoft Office suites

Adobe AIR

Adobe Flash Player 9 ActiveX

Adobe Flash Player ActiveX

Adobe Flash Player Plugin

Apple Software Update

Archiveur WinRAR

Assistant de connexion Windows Live

Assistant UltraNav ThinkPad

Audacity 1.3.5 (Unicode)

Avira AntiVir Personal - Free Antivirus

CCleaner (remove only)

Client Security Solution

Configuration du ThinkPad

Correctif pour Windows Internet Explorer 7 (KB947864)

Correctif pour Windows XP (KB952287)

Creative WebCam Center

Creative WebCam NX Ultra Driver (1.01.03.0112)

eMule

ffdshow [rev 1977] [2008-05-28]

Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)

Fonctions d'accessibilité TrackPoint

Free Download Manager 2.5

Free Easy Burner V 3.8

FTP Utility

G-Force

GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)

Gestionnaire d'alimentation ThinkPad

Gestionnaire de contacts professionnels pour Outlook 2007 SP1

Gestionnaire de présentation

getPlus®_ocx

GIMP 2.4.4

Help Center

HijackThis 2.0.2

Incrustation

InfraRecorder

Integrated camera

Intel® Graphics Media Accelerator Driver

InterVideo Register Manager

InterVideo WinDVD

InterVideo WinDVD Creator 3

Java 6 Update 7

LADSPA_plugins-win-0.4.15

Lecteur Windows Media 10

Macromedia Flash Player 8

Maintenance Manager

Malwarebytes' Anti-Malware

Media Player Classic fr

Message Center

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB928366)

Microsoft .NET Framework 2.0 Language Pack - FRA

Microsoft .NET Framework 2.0 Service Pack 1

Microsoft ActiveSync

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office Access MUI (French) 2007

Microsoft Office Excel MUI (French) 2007

Microsoft Office InfoPath MUI (French) 2007

Microsoft Office Language Pack 2007 Service Pack 1 (SP1)

Microsoft Office Outlook MUI (French) 2007

Microsoft Office PowerPoint MUI (French) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (Arabic) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (French) 2007

Microsoft Office Publisher MUI (French) 2007

Microsoft Office Shared MUI (French) 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Word MUI (French) 2007

Microsoft Software Update for Web Folders (French) 12

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

Microsoft SQL Server Native Client

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Works 6-9 Converter

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)

Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)

Mise à jour de sécurité pour Windows XP (KB941569)

Mise à jour de sécurité pour Windows XP (KB946648)

Mise à jour de sécurité pour Windows XP (KB950760)

Mise à jour de sécurité pour Windows XP (KB950762)

Mise à jour de sécurité pour Windows XP (KB950974)

Mise à jour de sécurité pour Windows XP (KB951066)

Mise à jour de sécurité pour Windows XP (KB951376-v2)

Mise à jour de sécurité pour Windows XP (KB951376)

Mise à jour de sécurité pour Windows XP (KB951698)

Mise à jour de sécurité pour Windows XP (KB951748)

Mise à jour de sécurité pour Windows XP (KB952954)

Mise à jour de sécurité pour Windows XP (KB953839)

Mise à jour pour Windows XP (KB951072-v2)

Mise à jour pour Windows XP (KB951978)

Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA

Montpellier Business Plan Classic

Mozilla Firefox (3.0.1)

MSXML 4.0 SP2 (KB936181)

MSXML 6.0 Parser (KB933579)

O&O Defrag Professional Edition

OpenOffice.org Installer 1.0

Orange Plug-in messagerie vocale 888

PC-Doctor 5 pour Windows

Picasa 2

QuickTime

RecordNow Audio

RecordNow Copy

RecordNow Data

Remove Multimedia Center

Rescue and Recovery

Rescue and Recovery Critical Patch for Windows Update (KB917422)

Security Update for 2007 Microsoft Office System (KB951596)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Office Excel 2007 (KB951546)

Security Update for Microsoft Office PowerPoint 2007 (KB951338)

Security Update for Microsoft Office Publisher 2007 (KB950114)

Security Update for Microsoft Office Word 2007 (KB950113)

Security Update for Visio 2007 (KB947590)

ServerMaker 2001

SoundMAX

Sumatra PDF reader

Supplément à Productivity Center pour ThinkPad

System Migration Assistant

System Update

Système de protection active ThinkVantage

Texas Instruments PCIxx21/x515/xx12 drivers.

ThinkPad Bluetooth with Enhanced Data Rate Software

ThinkPad FullScreen Magnifier

ThinkPad Modem

ThinkPad PC Card Power Policy

ThinkPad Power Management Driver

ThinkPad UltraNav Driver

ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)

ThinkVantage Access Connections

ThinkVantage Fingerprint Software 5.6

ThinkVantage Productivity Center

ThinkVantage Technologies Welcome Message

TIPCI

Total Commander (Remove or Repair)

TuneUp Utilities 2008

Update for Microsoft Office Outlook 2007 (KB952142)

Update for Office 2007 (KB946691)

Update for Outlook 2007 Junk Email Filter (kb955433)

Utilitaire de personnalisation du clavier ThinkPad

Utilitaire ThinkPad EasyEject

Utilitaire ThinkPad UltraNav

VideoLAN VLC media player 0.8.6f

Wallpapers

WebFldrs XP

Winamp

Windows Live installer

Windows Live Messenger

Windows Live Toolbar

Windows Media Connect

Windows Media Format Runtime

Windows Media Player 10 Hotfix - KB894476

Windows Media Player Firefox Plugin

Windows XP Service Pack 3

XP Themes

Le volume dans le lecteur C s'appelle Preload

Le numéro de série du volume est 14CD-7516

Répertoire de C:\Program Files

04/09/2008 10:38 <REP> .

04/09/2008 10:38 <REP> ..

27/04/2008 18:55 <REP> Activation Assistant for the 2007 Microsoft Office suites

06/08/2008 12:20 <REP> Adobe

10/02/2008 23:40 <REP> Alwil Software

10/02/2008 18:27 <REP> Analog Devices

22/08/2008 10:05 <REP> Apple Software Update

04/09/2008 10:33 <REP> Audacity 1.3 Beta (Unicode)

05/08/2008 11:40 <REP> Avira

07/03/2008 10:50 <REP> CapAlpha

19/05/2008 12:11 <REP> CCleaner

25/01/2006 19:50 <REP> ComPlus Applications

10/02/2008 18:27 <REP> CONEXANT

02/05/2008 14:32 <REP> Creative

27/04/2008 18:55 <REP> Dactylo

27/04/2008 18:55 <REP> Digital Line Detect

29/08/2008 00:44 <REP> eMule

02/08/2008 13:47 <REP> FairUse Wizard 2

31/05/2008 13:37 <REP> ffdshow

03/08/2008 08:47 <REP> Fichiers communs

28/08/2008 18:53 <REP> Foxit Software

31/08/2008 12:10 <REP> Free Download Manager

07/07/2008 07:50 <REP> Free Easy Burner

29/02/2008 06:35 <REP> GIMP-2.0

02/08/2008 23:51 <REP> Google

19/05/2008 15:57 <REP> InfraRecorder

12/02/2008 02:31 <REP> Intel

18/08/2008 12:03 <REP> Internet Explorer

28/05/2008 09:53 <REP> InterVideo

26/05/2008 13:28 <REP> Inventel

28/08/2008 18:55 <REP> Java

17/04/2008 14:24 <REP> K-Lite Codec Pack

22/02/2008 17:05 <REP> KONICA MINOLTA

22/08/2008 08:19 <REP> Lenovo

02/09/2008 09:54 <REP> Malwarebytes' Anti-Malware

27/04/2008 18:59 <REP> Media Player Classic

28/08/2008 08:11 <REP> Messenger

27/04/2008 18:59 <REP> Microsoft ActiveSync

11/02/2008 14:53 <REP> Microsoft CAPICOM 2.1.0.2

25/01/2006 19:57 <REP> microsoft frontpage

10/02/2008 19:02 <REP> Microsoft Office

10/02/2008 19:02 <REP> Microsoft Small Business

23/07/2008 20:03 <REP> Microsoft SQL Server

10/02/2008 18:55 <REP> Microsoft Visual Studio

10/02/2008 23:32 <REP> Microsoft Visual Studio 8

27/04/2008 18:54 <REP> Microsoft Works

10/02/2008 18:55 <REP> Microsoft.NET

28/08/2008 08:07 <REP> Movie Maker

05/09/2008 09:17 <REP> Mozilla Firefox

10/02/2008 23:35 <REP> MSBuild

25/01/2006 19:49 <REP> MSN

25/01/2006 19:49 <REP> MSN Gaming Zone

10/02/2008 18:23 <REP> MSXML 4.0

11/02/2008 14:53 <REP> MSXML 6.0

31/05/2008 15:28 <REP> Multimedia Center for Think Offerings

28/08/2008 08:03 <REP> NetMeeting

27/04/2008 18:59 <REP> NetWaiting

27/04/2008 18:59 <REP> Online Services

11/02/2008 00:19 <REP> OO Software

02/03/2008 10:56 <REP> orange

28/08/2008 08:03 <REP> Outlook Express

03/05/2008 09:47 <REP> PCDR5

02/08/2008 23:51 <REP> Picasa2

13/06/2008 09:53 <REP> QuickTime

27/04/2008 19:00 <REP> Services en ligne

27/04/2008 19:00 <REP> SMI2

25/05/2008 12:38 <REP> SoundSpectrum

28/08/2008 19:21 <REP> SumatraPDF

14/08/2008 13:52 <REP> Sun

10/02/2008 18:25 <REP> Synaptics

12/02/2008 02:43 <REP> ThinkPad

28/05/2008 09:54 <REP> ThinkVantage

27/04/2008 19:00 <REP> ThinkVantage Fingerprint Software

27/04/2008 19:26 <REP> TmNationsForever

06/08/2008 09:41 <REP> Trend Micro

22/08/2008 08:37 <REP> TuneUp Utilities 2008

27/04/2008 19:00 <REP> TVT SMBus

05/06/2008 11:09 <REP> VideoLAN

23/07/2008 13:16 <REP> Winamp

28/02/2008 19:55 <REP> Windows Desktop Search

11/02/2008 22:10 <REP> Windows Live

27/04/2008 19:00 <REP> Windows Live Toolbar

27/04/2008 19:00 <REP> Windows Media Connect 2

28/08/2008 08:03 <REP> Windows Media Player

28/08/2008 08:03 <REP> Windows NT

27/04/2008 19:00 <REP> WinRAR

25/01/2006 19:57 <REP> xerox

0 fichier(s) 0 octets

87 Rép(s) 28 258 312 192 octets libres

Le volume dans le lecteur C s'appelle Preload

Le numéro de série du volume est 14CD-7516

Répertoire de C:\Program Files\fichiers communs

03/08/2008 08:47 <REP> .

03/08/2008 08:47 <REP> ..

06/08/2008 12:20 <REP> Adobe

24/06/2008 10:51 <REP> Adobe AIR

03/08/2008 08:48 <REP> AVSMedia

27/04/2008 18:55 <REP> DESIGNER

26/05/2008 13:28 278 528 FDEUnInstaller.exe

31/05/2008 15:30 <REP> Installshield

12/02/2008 03:01 <REP> InterVideo

17/04/2008 13:31 <REP> Java

27/05/2008 15:53 <REP> Lenovo

03/08/2008 08:47 <REP> Microsoft Shared

25/01/2006 19:51 <REP> MSSoap

12/02/2008 00:36 <REP> NSV

04/07/2008 05:59 <REP> Oberon Media

25/01/2006 11:45 <REP> ODBC

25/01/2006 19:51 <REP> Services

27/04/2008 18:56 <REP> snp2std

27/04/2008 18:56 <REP> Sonic Shared

25/01/2006 11:44 <REP> SpeechEngines

13/02/2008 08:59 <REP> Symantec Shared

28/08/2008 08:03 <REP> System

12/02/2008 02:48 <REP> ThinkVantage Fingerprint Software

03/08/2008 11:44 <REP> Wise Installation Wizard

1 fichier(s) 278 528 octets

23 Rép(s) 28 258 320 384 octets libres

Le volume dans le lecteur C s'appelle Preload

Le numéro de série du volume est 14CD-7516

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

01/08/2008 18:30 <REP> .

01/08/2008 18:30 <REP> ..

27/04/2008 18:56 <REP> 1036

28/08/2007 23:55 973 168 MSONSEXT.DLL

26/10/2006 21:12 40 256 MSOSV.DLL

03/06/1999 22:09 122 937 MSOWS409.DLL

07/03/2001 17:00 127 033 MSOWS40c.DLL

4 fichier(s) 1 263 394 octets

3 Rép(s) 28 258 320 384 octets libres

c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe

c:\Documents and Settings\Régis Granger\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\ARPPRODUCTICON.exe

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut1_EDA1C1F7F27E4B20B9BC39964452DBB1.exe

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut2_EDA1C1F7F27E4B20B9BC39964452DBB1.exe

c:\Documents and Settings\Régis Granger\Bureau\OTViewIt.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\catchme.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\diff.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\dumphive.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\FilesInfoCmd.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\find2.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\Fport.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\grep.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\gzip.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\KProcCheck.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LFiles.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\LISTDLLS.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\md5sums.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\pslist.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\sigcheck.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\streams.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\swreg.exe

c:\Documents and Settings\Régis Granger\Bureau\DiagHelp\tar.exe

c:\Documents and Settings\Régis Granger\Bureau\HJT\HJTInstall.exe

c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\catchme.exe

c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Hostsclean.exe

c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\MD5File.exe

c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\Process.exe

c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\setpath.exe

c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\swreg.exe

c:\Documents and Settings\Régis Granger\Bureau\MSNFix\incl\zip.exe

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll

c:\Documents and Settings\Administrateur\Local Settings\Application Data\Seven Zip\Formats\7z.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll

c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\core.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\file.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\fmod.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\gfx2d_dd7.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\imglib.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\jpeg.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\logger.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\luxor_ar_web.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\net.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\snd3d_fmod.dll

c:\Documents and Settings\All Users\Application Data\MumboJumbo\MJOLauncher\Oberon\luxor_ar_web\ui2.dll

c:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\zone\zuma\Zuma.dll

c:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\mia.dll

c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll

c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll

c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll

c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll

c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll

c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll

c:\Documents and Settings\Default User\Local Settings\Application Data\Seven Zip\Formats\7z.dll

c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll

c:\Documents and Settings\Régis Granger\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll

c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\js32.dll

c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll

c:\Documents and Settings\Régis Granger\Application Data\Mozilla\Firefox\Profiles\pq5irnan.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll

c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll

c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll

c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll

c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll

c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll

c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll

c:\Documents and Settings\Régis Granger\Local Settings\Application Data\Seven Zip\Formats\7z.dll

****** Fin du rapport DiagHelp

C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->05/09/2008 09:17:38

C:\WINDOWS\prefetch\TASKMGR.EXE-20256C55.pf -->05/09/2008 09:17:20

C:\WINDOWS\prefetch\BTSTAC~1.EXE-22A3B15B.pf -->05/09/2008 09:17:12