144 utilisateurs connectés
 |
|
 |
Virus mechant!
dédétraqué
le 22 novembre 2008 à 22h09
Salut keywin
Ferme cette fenêtre le scan va poursuivre
@++
Ferme cette fenêtre le scan va poursuivre
@++
répondre
keywin
le 22 novembre 2008 à 23h29
Je contiu sa demain!
-------
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
keywin
le 23 novembre 2008 à 14h35
Salut j'ai fermer la fenetre pour envoyer le fichier mais ca ne avance pas.
J'ai un rapport: je sais pas si c'est selui ci mais :DiagHelp version - http://www.malekal.com
excute le 23/11/2008 à 14:35:53,85
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->23/11/2008 14:35:48
C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->23/11/2008 14:30:31
C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->23/11/2008 14:30:27
C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->23/11/2008 14:28:53
C:\WINDOWS\prefetch\SORT.EXE-194AE83C.pf -->23/11/2008 14:27:09
C:\WINDOWS\prefetch\FIND.EXE-0EC32F1E.pf -->23/11/2008 14:26:46
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->23/11/2008 14:26:28
C:\WINDOWS\prefetch\WMIPRVSE.EXE-28F301A9.pf -->23/11/2008 14:24:31
C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->23/11/2008 14:23:58
C:\WINDOWS\prefetch\REGEDIT.EXE-1B606482.pf -->23/11/2008 14:23:45
C:\WINDOWS\System32\drivers\PnkBstrK.sys -->22/11/2008 22:45:34
C:\WINDOWS\System32\drivers\aec.sys -->19/11/2008 16:48:15
C:\WINDOWS\System32\drivers\aswmon.sys -->18/11/2008 19:04:36
C:\WINDOWS\System32\drivers\aswmon2.sys -->18/11/2008 19:04:21
C:\WINDOWS\System32\drivers\aswSP.sys -->18/11/2008 19:03:33
C:\WINDOWS\System32\drivers\aswFsBlk.sys -->18/11/2008 19:02:43
C:\WINDOWS\System32\drivers\aswTdi.sys -->18/11/2008 19:01:23
C:\WINDOWS\System32\tmp.txt -->23/11/2008 14:23:45
C:\WINDOWS\System32\tmp.reg -->23/11/2008 14:23:45
C:\WINDOWS\System32\CONFIG.NT -->23/11/2008 14:22:06
C:\WINDOWS\System32\wpa.dbl -->23/11/2008 14:20:53
C:\WINDOWS\System32\ativvaxx.cap -->23/11/2008 14:20:38
C:\WINDOWS\System32\PnkBstrB.exe -->22/11/2008 23:45:26
C:\WINDOWS\System32\svchost.exe -->21/11/2008 21:31:13
C:\WINDOWS\System32\d3d9caps.dat -->19/11/2008 17:09:14
C:\WINDOWS\System32\rmoc3260.dll -->19/11/2008 14:34:54
C:\WINDOWS\System32\pndx5032.dll -->19/11/2008 14:34:48
C:\WINDOWS\System32\pndx5016.dll -->19/11/2008 14:34:48
C:\WINDOWS\System32\pncrt.dll -->19/11/2008 14:34:48
C:\WINDOWS\System32\aswBoot.exe -->18/11/2008 18:41:38
C:\WINDOWS\System32\AvastSS.scr -->18/11/2008 18:35:22
C:\WINDOWS\System32\satsukidecodersettings.ini -->18/11/2008 17:30:56
C:\WINDOWS\System32\FNTCACHE.DAT -->18/11/2008 16:09:27
C:\WINDOWS\System32\MRT.exe -->03/11/2008 17:10:26
C:\WINDOWS\System32\lmimirr2.dll -->16/10/2008 21:35:42
C:\WINDOWS\System32\lmimirr.dll -->16/10/2008 21:35:40
C:\WINDOWS\System32\LMIRfsClientNP.dll -->16/10/2008 20:35:58
C:\WINDOWS\System32\LMIport.dll -->16/10/2008 20:35:42
C:\WINDOWS\System32\LMIinit.dll -->16/10/2008 20:35:38
C:\WINDOWS\System32\wuweb.dll -->16/10/2008 15:13:40
C:\WINDOWS\System32\wucltui.dll -->16/10/2008 15:12:22
C:\WINDOWS\System32\wuaueng.dll -->16/10/2008 14:13:40
C:\WINDOWS\RTacDbg.txt -->23/11/2008 14:27:45
C:\WINDOWS\WindowsUpdate.log -->23/11/2008 14:23:22
C:\WINDOWS\0.log -->23/11/2008 14:20:53
C:\WINDOWS\bootstat.dat -->23/11/2008 14:20:39
C:\WINDOWS\SchedLgU.Txt -->22/11/2008 23:29:51
C:\WINDOWS\setupapi.log -->22/11/2008 17:01:37
C:\WINDOWS\ntbtlog.txt -->22/11/2008 16:00:01
C:\WINDOWS\system.ini -->22/11/2008 15:47:16
C:\WINDOWS\setupact.log -->22/11/2008 09:29:15
C:\WINDOWS\WgaNotify.log -->21/11/2008 19:28:13
C:\WINDOWS\spupdsvc.log -->21/11/2008 19:28:13
C:\WINDOWS\setuperr.log -->19/11/2008 17:23:44
C:\WINDOWS\WMSysPr9.prx -->06/09/2008 17:36:37
C:\WINDOWS\nsreg.dat -->31/08/2008 20:38:36
C:\WINDOWS\QTFont.qfn -->31/08/2008 13:39:23
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1920
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x01690000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x022f0000 0x11000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
0x02470000 0x12000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
0x02630000 0xe000 1.09.0000.0000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
0x10000000 0x9000 7.64.0000.0000 C:\WINDOWS\system32\Amhooker.dll
0x01440000 0x14000 2.01.0003.0000 C:\WINDOWS\system32\LMIRfsClientNP.dll
0x5ee60000 0x5b000 2.00.0500.0000 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x78520000 0xa3000 9.00.21022.0008 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\MSVCR90.dll
0x5e470000 0x97000 4.05.2003.0120 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll
0x02d10000 0x5b000 9.00.0000.0332 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
0x02d80000 0x4c000 9.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
0x32520000 0x12000 10.00.2609.0000 C:\Program Files\Microsoft Office\Office10\msohev.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~2\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 880
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x25000 6.14.0010.4177 C:\WINDOWS\system32\Ati2evxx.dll
0x01f00000 0x15000 4.00.0000.0784 C:\WINDOWS\system32\LMIinit.dll
0x02160000 0x42000 1.08.0031.0009 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x01150000 0x14000 2.01.0003.0000 C:\WINDOWS\system32\LMIRfsClientNP.dll
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\WINDOWS\system32
13/04/2008 18:34 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 51 359 764 480 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\WINDOWS\Downloaded Program Files
22/11/2008 17:01 <REP> .
22/11/2008 17:01 <REP> ..
21/08/2008 13:57 65 desktop.ini
11/04/2007 13:55 1 292 erma.inf
13/08/2008 15:03 575 kavwebscan.inf
06/08/2008 14:36 144 swdir.inf
4 fichier(s) 2 076 octets
Total des fichiers listés :
4 fichier(s) 2 076 octets
2 Rép(s) 51 359 760 384 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\TeamViewer3\\TeamViewer.exe"="C:\\Program Files\\TeamViewer3\\TeamViewer.exe:*:Enabled:Application de pilotage à distance TeamViewer"
"C:\\Program Files\\UrbanTerror\\ioUrbanTerror.exe"="C:\\Program Files\\UrbanTerror\\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror"
"C:\\Program Files\\Transcendental Technologies\\PRE-FlightDEMO\\pfm.exe"="C:\\Program Files\\Transcendental Technologies\\PRE-FlightDEMO\\pfm.exe:*:Enabled:pfd"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Documents and Settings\\Pham\\Mes documents\\Downloads\\World of Warcraft\\Repair.exe"="C:\\Documents and Settings\\Pham\\Mes documents\\Downloads\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-23 14:36:05
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
528 - spoolsv.exe
576 - wlcomm.exe
728 - ijplmsvc.exe
768 - mdm.exe
848 - csrss.exe
880 - winlogon.exe
924 - services.exe
936 - lsass.exe
1132 - svchost.exe
1140 - PnkBstrA.exe
1180 - svchost.exe
1352 - svchost.exe
1432 - svchost.exe
1460 - ati2evxx.exe
1600 - svchost.exe
1672 - ashMaiSv.exe
1704 - ashWebSv.exe
1920 - explorer.exe
2028 - ashServ.exe
2284 - alg.exe
2544 - RTHDCPL.exe
2560 - AliceAgent.exe
2636 - MOM.exe
2732 - cmd.exe
2756 - Amoumain.exe
2768 - ctfmon.exe
2808 - msnmsgr.exe
2868 - PcSync2.exe
2888 - PCSuite.exe
2908 - UberIcon Manage
2980 - svchost.exe
3084 - WlanCU.exe
3180 - RocketDock.exe
3244 - soffice.bin
3252 - Thoosje Sidebar
3288 - ServiceLayer.ex
3440 - CCC.exe
3676 - NclUSBSrv.exe
3692 - YzShadow.exe
3904 - NclRSSrv.exe
4028 - firefox.exe
Total number of processes = 42
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806FF000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F798B000 - dmload.sys
F74B1000 - dmio.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F7499000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F7479000 - fltmgr.sys
F7467000 - sr.sys
F7450000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7423000 - NDIS.sys
F798D000 - speedfan.sys
F7409000 - Mup.sys
F7A50000 - giveio.sys
BA6F8000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B8D40000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
B8D2C000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
B8D04000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
F77EF000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B8CE0000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F77F7000 - \SystemRoot\system32\DRIVERS\usbehci.sys
B8CC7000 - \SystemRoot\System32\DRIVERS\Rtenicxp.sys
F77FF000 - \SystemRoot\system32\DRIVERS\fdc.sys
B8CB6000 - \SystemRoot\System32\DRIVERS\serial.sys
BA7D0000 - \SystemRoot\System32\DRIVERS\serenum.sys
B8CA2000 - \SystemRoot\System32\DRIVERS\parport.sys
BA6C8000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
F7807000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
BA6B8000 - \SystemRoot\System32\Drivers\Imapi.SYS
F7667000 - \SystemRoot\System32\DRIVERS\cdrom.sys
F7677000 - \SystemRoot\System32\DRIVERS\redbook.sys
B8C7F000 - \SystemRoot\System32\DRIVERS\ks.sys
BA448000 - \SystemRoot\system32\DRIVERS\lmimirr.sys
BA447000 - \SystemRoot\System32\DRIVERS\audstub.sys
F7697000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BA7C8000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B8C68000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
F76A7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
B9C31000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F780F000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B8C57000 - \SystemRoot\System32\DRIVERS\psched.sys
B9C21000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F7817000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F781F000 - \SystemRoot\System32\DRIVERS\raspti.sys
B8C27000 - \SystemRoot\System32\DRIVERS\rdpdr.sys
B9C11000 - \SystemRoot\System32\DRIVERS\termdd.sys
F775F000 - \SystemRoot\System32\DRIVERS\mouclass.sys
F79B9000 - \SystemRoot\System32\DRIVERS\swenum.sys
B8BC9000 - \SystemRoot\System32\DRIVERS\update.sys
BA77C000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
B9C01000 - \SystemRoot\System32\Drivers\NDProxy.SYS
AC658000 - \SystemRoot\system32\drivers\AtiHdmi.sys
AC634000 - \SystemRoot\system32\drivers\portcls.sys
B9BD1000 - \SystemRoot\system32\drivers\drmk.sys
B9BC1000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79BD000 - \SystemRoot\System32\DRIVERS\USBD.SYS
AC1A8000 - \SystemRoot\system32\drivers\RtkHDAud.sys
F776F000 - \SystemRoot\system32\DRIVERS\flpydisk.sys
F79C3000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A94000 - \SystemRoot\System32\Drivers\Null.SYS
F777F000 - \SystemRoot\system32\DRIVERS\Amfilter.sys
F7787000 - \SystemRoot\System32\drivers\vga.sys
F79C5000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79C7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
B928F000 - \SystemRoot\System32\Drivers\Msfs.SYS
B9287000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA778000 - \SystemRoot\System32\DRIVERS\rasacd.sys
AC0F3000 - \SystemRoot\System32\DRIVERS\ipsec.sys
AC09A000 - \SystemRoot\System32\DRIVERS\tcpip.sys
F76B7000 - \SystemRoot\System32\Drivers\aswTdi.SYS
AC074000 - \SystemRoot\System32\DRIVERS\ipnat.sys
AC024000 - \SystemRoot\System32\DRIVERS\netbt.sys
F76C7000 - \SystemRoot\System32\DRIVERS\wanarp.sys
AC002000 - \SystemRoot\System32\drivers\afd.sys
F76D7000 - \SystemRoot\System32\DRIVERS\netbios.sys
ABFD7000 - \SystemRoot\System32\DRIVERS\rdbss.sys
ABF67000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
F76F7000 - \SystemRoot\System32\Drivers\Fips.SYS
B869C000 - \SystemRoot\system32\DRIVERS\usb8023.sys
B927F000 - \SystemRoot\system32\DRIVERS\RNDISMP.SYS
B8698000 - \SystemRoot\System32\DRIVERS\hidusb.sys
F7586000 - \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
B9277000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
F7576000 - \SystemRoot\system32\DRIVERS\Amusbprt.sys
ABE7F000 - \SystemRoot\System32\Drivers\aswSP.SYS
B926F000 - \SystemRoot\System32\Drivers\Aavmker4.SYS
BF800000 - \SystemRoot\System32\win32k.sys
AC12A000 - \SystemRoot\System32\drivers\Dxapi.sys
B925F000 - \SystemRoot\System32\watchdog.sys
BF000000 - \SystemRoot\System32\drivers\dxg.sys
F7A8E000 - \SystemRoot\System32\drivers\dxgthk.sys
BF012000 - \SystemRoot\System32\ati2dvag.dll
BF062000 - \SystemRoot\System32\ati2cqag.dll
BF0EB000 - \SystemRoot\System32\atikvmag.dll
BF157000 - \SystemRoot\System32\atiok3x2.dll
BF19A000 - \SystemRoot\System32\ati3duag.dll
BF557000 - \SystemRoot\System32\ativvaxx.dll
F77CF000 - \SystemRoot\system32\DRIVERS\aswFsBlk.sys
F77DF000 - \SystemRoot\system32\DRIVERS\AegisP.sys
A9AEE000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
A9870000 - \SystemRoot\System32\Drivers\aswMon2.SYS
A9613000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79E9000 - \SystemRoot\System32\Drivers\ParVdm.SYS
A9828000 - \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
A9549000 - \SystemRoot\System32\DRIVERS\srv.sys
A9525000 - \SystemRoot\System32\Drivers\Fastfat.SYS
A9448000 - \SystemRoot\system32\drivers\wdmaud.sys
A9A3E000 - \SystemRoot\system32\drivers\sysaudio.sys
A9720000 - \SystemRoot\System32\Drivers\aswRdr.SYS
A91D7000 - \SystemRoot\System32\Drivers\HTTP.sys
A8DDF000 - \SystemRoot\System32\Drivers\Cdfs.SYS
BA7A6000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
A84E3000 - \SystemRoot\system32\drivers\kmixer.sys
Total number of drivers = 126
Liste des programmes installes
Ad-aware 6 Personal
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 9 - Français
Adobe Shockwave Player
Alice Auto-diagnostic
Apple Software Update
Archiveur WinRAR
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Antivirus
Battlefield 2(TM) Demo
Call of Duty(R) 4 - Modern Warfare(TM) Demo
Canon iP3500 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCleaner (remove only)
CDBurnerXP
Choice Guard
Contacts
DPS
Enregistrement utilisateur de Canon iP3500 series
EVEREST Ultimate Edition v4.50
HijackThis 2.0.2
Java(TM) 6 Update 7
Kaspersky Online Scanner
Kit de Connexion Alice ADSL
Lagoon 3D Screensaver 1.0
LimeWire 4.18.8
Lineage II
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Application Error Reporting
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office XP Standard
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB954211)
Mise à jour de sécurité pour Windows XP (KB954459)
Mise à jour de sécurité pour Windows XP (KB955069)
Mise à jour de sécurité pour Windows XP (KB956390)
Mise à jour de sécurité pour Windows XP (KB956391)
Mise à jour de sécurité pour Windows XP (KB956803)
Mise à jour de sécurité pour Windows XP (KB956841)
Mise à jour de sécurité pour Windows XP (KB957095)
Mise à jour de sécurité pour Windows XP (KB957097)
Mise à jour de sécurité pour Windows XP (KB958644)
Monopoly Version 8
Mozilla Firefox (3.0.4)
MSVC80_x86
MSVCRT
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
OCCT Perestroika 1.1.1
OpenAL
OpenOffice.org 3.0
Pack Vista Inspirat 2 1.0
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)
Package de pilotes Windows - Nokia Modem (05/22/2008 3.8)
Package de pilotes Windows - Nokia Modem (05/22/2008 7.00.0.1)
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
PC Connectivity Solution
PIXMA Extended Survey Program
PRE-Flight
QuickTime
RealPlayer
Realtek AC'97 Audio
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Satsuki Decoder Pack
Security Update pour Microsoft .NET Framework 2.0 (KB928365)
Segoe UI
SereneScreen Marine Aquarium Time 2
Setup Wizard
Skins
SpeedFan (remove only)
SpeedTest
TeamViewer 3
Thoosje Sidebar V2.0
TmNationsForever
TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
Trust GM-4600 Gamer Mouse
Urban Terror 4.1
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Live Bêta (tous les programmes)
Windows Live Bêta (tous les programmes)
Windows Live Call
Windows Live Messenger
Windows XP Service Pack 3
World of Warcraft
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files
22/11/2008 19:49 <REP> .
22/11/2008 19:49 <REP> ..
28/01/2008 12:54 <REP> 7-Zip
16/03/2008 12:41 <REP> Adobe
24/08/2008 15:12 <REP> Alice
04/01/2007 05:19 <REP> Alwil Software
06/02/2008 19:26 <REP> America's Army
01/09/2008 14:44 <REP> Apple Software Update
29/08/2008 21:50 <REP> ATI Technologies
24/02/2008 15:03 <REP> Canon
06/01/2007 22:35 <REP> CCleaner
16/02/2008 22:59 <REP> CDBurnerXP
10/02/2008 07:10 <REP> Common Files
21/08/2008 13:56 <REP> ComPlus Applications
22/08/2008 12:43 <REP> DIFX
06/09/2008 17:48 <REP> EA GAMES
12/01/2007 19:44 <REP> Electronic Arts
18/11/2008 15:09 <REP> ESET
22/11/2008 15:47 <REP> Fichiers communs
26/02/2008 17:05 <REP> Futuremark
05/01/2007 01:25 <REP> G DATA AntiVirus
01/09/2008 12:13 <REP> Google
21/08/2008 20:44 <REP> Intel
16/03/2008 12:35 <REP> Internet Explorer
24/02/2008 12:41 <REP> Java
24/02/2008 12:41 <REP> JRE
21/08/2008 21:21 <REP> Kaspersky Lab
06/01/2007 22:37 <REP> Lavalys
21/08/2008 14:57 <REP> Lavasoft
16/03/2008 15:34 <REP> Lineage II
02/02/2008 18:15 <REP> ma-config.com
21/11/2008 19:00 <REP> Malwarebytes' Anti-Malware
06/09/2008 17:21 <REP> Messenger
26/01/2008 18:09 <REP> Microsoft
21/08/2008 13:58 <REP> microsoft frontpage
21/08/2008 17:49 <REP> Microsoft Office
21/08/2008 17:49 <REP> Microsoft Visual Studio
22/11/2008 19:50 <REP> Monopoly
16/03/2008 12:35 <REP> Movie Maker
23/11/2008 14:23 <REP> Mozilla Firefox
21/08/2008 13:56 <REP> MSN
21/08/2008 13:55 <REP> MSN Gaming Zone
06/09/2008 17:15 <REP> NetMeeting
10/02/2008 16:32 <REP> Nokia
11/01/2007 03:57 <REP> OCCT
28/01/2008 18:59 <REP> OpenAL
24/02/2008 12:41 <REP> OpenOffice.org 3
16/03/2008 12:35 <REP> Outlook Express
21/01/2008 21:51 <REP> PC Connectivity Solution
01/09/2008 14:45 <REP> QuickTime
19/11/2008 13:34 <REP> Real
21/08/2008 20:47 <REP> Realtek
25/01/2008 16:48 <REP> RivaTuner v2.08
21/08/2008 13:56 <REP> Services en ligne
18/11/2008 18:56 <REP> SpeedFan
19/11/2008 17:44 <REP> SpeedTest
10/02/2008 13:58 <REP> TeamViewer3
24/08/2008 15:12 <REP> TechCity Solutions
13/01/2007 03:06 <REP> Thoosje Sidebar V2.0
03/02/2008 14:56 <REP> TmNationsForever
14/03/2008 21:40 <REP> Transcendental Technologies
22/11/2008 14:21 <REP> Trend Micro
04/03/2008 12:46 <REP> TRENDnet
21/11/2008 19:36 <REP> Trust
06/02/2008 19:23 <REP> Ubi Soft
04/03/2008 14:48 <REP> UrbanTerror
26/01/2008 18:09 <REP> Windows Live
06/09/2008 17:18 <REP> Windows Media Player
06/09/2008 17:15 <REP> Windows NT
09/02/2008 17:56 <REP> WinRAR
21/08/2008 13:58 <REP> xerox
06/01/2007 22:38 <REP> Yahoo!
0 fichier(s) 0 octets
72 Rép(s) 51 359 580 160 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files\fichiers communs
22/11/2008 15:47 <REP> .
22/11/2008 15:47 <REP> ..
16/03/2008 12:41 <REP> Adobe
19/03/2008 13:43 <REP> Blizzard Entertainment
21/08/2008 17:49 <REP> Designer
31/08/2008 14:34 <REP> DirectX
06/09/2008 20:08 <REP> InstallShield
24/02/2008 12:40 <REP> Java
26/01/2008 18:38 <REP> Microsoft Shared
21/08/2008 13:56 <REP> MSSoap
10/02/2008 16:32 <REP> Nokia
21/08/2008 14:49 <REP> ODBC
10/02/2008 16:32 <REP> PCSuite
19/11/2008 13:34 <REP> Real
21/08/2008 13:56 <REP> Services
21/08/2008 14:49 <REP> SpeechEngines
06/09/2008 17:15 <REP> System
23/08/2008 14:48 <REP> Vivendi Universal Games
26/01/2008 18:07 <REP> Windows Live
19/11/2008 13:34 <REP> xing shared
0 fichier(s) 0 octets
20 Rép(s) 51 359 580 160 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
01/01/2007 02:24 <REP> .
01/01/2007 02:24 <REP> ..
21/08/2008 17:49 <REP> 1033
01/01/2007 02:24 <REP> 1036
29/01/2004 15:08 1 277 952 MSONSEXT.DLL
13/02/2001 07:23 58 784 MSOSV.DLL
03/06/1999 13:09 122 937 MSOWS409.DLL
07/03/2001 08:00 127 033 MSOWS40c.DLL
06/08/2000 08:04 401 462 MSVCP60.DLL
29/01/2004 15:08 69 632 PKMAXCTL.DLL
29/01/2004 15:08 868 352 PKMCDO.DLL
29/01/2004 15:08 53 248 PKMCORE.DLL
29/01/2004 15:08 102 400 PKMFORMS.DLL
29/01/2004 15:38 634 880 PKMRES.DLL
29/01/2004 15:08 28 672 PKMSSTLB.DLL
22/01/2001 02:25 40 960 PKMTEMPL.DLL
29/01/2004 15:08 24 576 PKMTRACE.DLL
29/01/2004 15:08 86 016 PKMWS.DLL
29/01/2004 15:08 237 568 PROMDEMO.DLL
29/01/2004 15:08 184 320 SECMGR.DLL
29/01/2004 15:08 315 392 VAIDDMGR.DLL
29/01/2004 15:08 32 768 VAIMEM.DLL
18 fichier(s) 4 666 952 octets
4 Rép(s) 51 359 576 064 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files\common files
10/02/2008 07:10 <REP> .
10/02/2008 07:10 <REP> ..
10/02/2008 07:10 <REP> INCA Shared
0 fichier(s) 0 octets
3 Rép(s) 51 359 576 064 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\
16/03/2006 08:33 2 648 768 VCREDI~1.EXE
1 fichier(s) 2 648 768 octets
0 Rép(s) 51 359 576 064 octets libres
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_fre.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstCCD.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCS.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
c:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Installer\CommonCustomActions\UninstCCD.exe
c:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Installer\CommonCustomActions\UninstPCS.exe
c:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
c:\Documents and Settings\Pham\Application Data\Canneverbe_Limited\cdbxpp.exe_Url_nfryvllqiqb1hla4nzefaejvhwflc2o0
c:\Documents and Settings\Pham\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\maconfsetup.exe
c:\Documents and Settings\Pham\Bureau\ComboFix.exe
c:\Documents and Settings\Pham\Bureau\EA games keygen.exe
c:\Documents and Settings\Pham\Bureau\HJTInstall.exe
c:\Documents and Settings\Pham\Bureau\mbam-setup(2).exe
c:\Documents and Settings\Pham\Bureau\Satsuki.Decoder.Pack.3.1.1.7.exe
c:\Documents and Settings\Pham\Bureau\SDFix.exe
c:\Documents and Settings\Pham\Bureau\setupfre.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix.exe
c:\Documents and Settings\Pham\Bureau\Wow.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\404Fix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\dumphive.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\exit.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\HostsChk.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\IEDFix.C.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\IEDFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\o4Patch.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\Policies.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\Process.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\Reboot.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\restart.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\swreg.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\swsc.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\swxcacls.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\UIFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\unzip.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\VACFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\VCCLSID.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\WS2Fix.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\BackgroundDownloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\Launcher.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\Repair.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\Wow.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.0.7561-to-2.3.2.7741-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.0.7561-to-2.3.2.7741-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.2.7741-to-2.3.3.7799-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.2.7741-to-2.3.3.7799-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.3.7799-to-2.4.0.8089-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.0.8089-to-2.4.1.8125-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.0.8089-to-2.4.1.8125-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.1.8125-to-2.4.2.8278-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.1.8125-to-2.4.2.8278-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2.8278-to-2.4.3.8606-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2.8278-to-2.4.3.8606-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.3-to-3.0.2-frFR-Win-Final-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WowError.exe
c:\Documents and Settings\Pham\SmitfraudFix\404Fix.exe
c:\Documents and Settings\Pham\SmitfraudFix\dumphive.exe
c:\Documents and Settings\Pham\SmitfraudFix\exit.exe
c:\Documents and Settings\Pham\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\HostsChk.exe
c:\Documents and Settings\Pham\SmitfraudFix\IEDFix.C.exe
c:\Documents and Settings\Pham\SmitfraudFix\IEDFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\o4Patch.exe
c:\Documents and Settings\Pham\SmitfraudFix\Policies.exe
c:\Documents and Settings\Pham\SmitfraudFix\Process.exe
c:\Documents and Settings\Pham\SmitfraudFix\Reboot.exe
c:\Documents and Settings\Pham\SmitfraudFix\restart.exe
c:\Documents and Settings\Pham\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\Pham\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\Pham\SmitfraudFix\swreg.exe
c:\Documents and Settings\Pham\SmitfraudFix\swsc.exe
c:\Documents and Settings\Pham\SmitfraudFix\swxcacls.exe
c:\Documents and Settings\Pham\SmitfraudFix\UIFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\unzip.exe
c:\Documents and Settings\Pham\SmitfraudFix\VACFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\VCCLSID.exe
c:\Documents and Settings\Pham\SmitfraudFix\WS2Fix.exe
c:\Documents and Settings\Pham\temp\TeamViewer3\TeamViewer_.exe
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0401\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0401\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0401\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0404\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0404\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0404\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0405\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0405\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0405\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0406\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0406\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0406\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0407\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0407\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0407\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0408\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0408\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0408\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0409\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0409\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0409\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040b\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040b\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040b\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040c\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040c\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040c\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040e\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040e\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040e\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0410\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0410\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0410\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0411\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0411\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0411\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0412\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0412\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0412\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0413\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0413\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0413\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0414\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0414\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0414\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0415\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0415\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0415\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0419\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0419\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0419\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041D\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041D\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041D\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041E\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041E\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041E\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041F\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041F\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041F\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0421\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0421\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0421\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0804\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0804\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0804\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0816\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0816\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0816\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0c0a\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0c0a\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0c0a\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
c:\Documents and Settings\Pham\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
c:\Documents and Settings\Pham\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\extensions\bkmrksync@nokia.com\components\BkMrkExt.dll
c:\Documents and Settings\Pham\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_KÉVIN.tar.gz a l'adresse http://upload.malekal.com
J'ai un rapport: je sais pas si c'est selui ci mais :DiagHelp version - http://www.malekal.com
excute le 23/11/2008 à 14:35:53,85
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->23/11/2008 14:35:48
C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->23/11/2008 14:30:31
C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->23/11/2008 14:30:27
C:\WINDOWS\prefetch\IEXPLORE.EXE-27122324.pf -->23/11/2008 14:28:53
C:\WINDOWS\prefetch\SORT.EXE-194AE83C.pf -->23/11/2008 14:27:09
C:\WINDOWS\prefetch\FIND.EXE-0EC32F1E.pf -->23/11/2008 14:26:46
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->23/11/2008 14:26:28
C:\WINDOWS\prefetch\WMIPRVSE.EXE-28F301A9.pf -->23/11/2008 14:24:31
C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->23/11/2008 14:23:58
C:\WINDOWS\prefetch\REGEDIT.EXE-1B606482.pf -->23/11/2008 14:23:45
C:\WINDOWS\System32\drivers\PnkBstrK.sys -->22/11/2008 22:45:34
C:\WINDOWS\System32\drivers\aec.sys -->19/11/2008 16:48:15
C:\WINDOWS\System32\drivers\aswmon.sys -->18/11/2008 19:04:36
C:\WINDOWS\System32\drivers\aswmon2.sys -->18/11/2008 19:04:21
C:\WINDOWS\System32\drivers\aswSP.sys -->18/11/2008 19:03:33
C:\WINDOWS\System32\drivers\aswFsBlk.sys -->18/11/2008 19:02:43
C:\WINDOWS\System32\drivers\aswTdi.sys -->18/11/2008 19:01:23
C:\WINDOWS\System32\tmp.txt -->23/11/2008 14:23:45
C:\WINDOWS\System32\tmp.reg -->23/11/2008 14:23:45
C:\WINDOWS\System32\CONFIG.NT -->23/11/2008 14:22:06
C:\WINDOWS\System32\wpa.dbl -->23/11/2008 14:20:53
C:\WINDOWS\System32\ativvaxx.cap -->23/11/2008 14:20:38
C:\WINDOWS\System32\PnkBstrB.exe -->22/11/2008 23:45:26
C:\WINDOWS\System32\svchost.exe -->21/11/2008 21:31:13
C:\WINDOWS\System32\d3d9caps.dat -->19/11/2008 17:09:14
C:\WINDOWS\System32\rmoc3260.dll -->19/11/2008 14:34:54
C:\WINDOWS\System32\pndx5032.dll -->19/11/2008 14:34:48
C:\WINDOWS\System32\pndx5016.dll -->19/11/2008 14:34:48
C:\WINDOWS\System32\pncrt.dll -->19/11/2008 14:34:48
C:\WINDOWS\System32\aswBoot.exe -->18/11/2008 18:41:38
C:\WINDOWS\System32\AvastSS.scr -->18/11/2008 18:35:22
C:\WINDOWS\System32\satsukidecodersettings.ini -->18/11/2008 17:30:56
C:\WINDOWS\System32\FNTCACHE.DAT -->18/11/2008 16:09:27
C:\WINDOWS\System32\MRT.exe -->03/11/2008 17:10:26
C:\WINDOWS\System32\lmimirr2.dll -->16/10/2008 21:35:42
C:\WINDOWS\System32\lmimirr.dll -->16/10/2008 21:35:40
C:\WINDOWS\System32\LMIRfsClientNP.dll -->16/10/2008 20:35:58
C:\WINDOWS\System32\LMIport.dll -->16/10/2008 20:35:42
C:\WINDOWS\System32\LMIinit.dll -->16/10/2008 20:35:38
C:\WINDOWS\System32\wuweb.dll -->16/10/2008 15:13:40
C:\WINDOWS\System32\wucltui.dll -->16/10/2008 15:12:22
C:\WINDOWS\System32\wuaueng.dll -->16/10/2008 14:13:40
C:\WINDOWS\RTacDbg.txt -->23/11/2008 14:27:45
C:\WINDOWS\WindowsUpdate.log -->23/11/2008 14:23:22
C:\WINDOWS\0.log -->23/11/2008 14:20:53
C:\WINDOWS\bootstat.dat -->23/11/2008 14:20:39
C:\WINDOWS\SchedLgU.Txt -->22/11/2008 23:29:51
C:\WINDOWS\setupapi.log -->22/11/2008 17:01:37
C:\WINDOWS\ntbtlog.txt -->22/11/2008 16:00:01
C:\WINDOWS\system.ini -->22/11/2008 15:47:16
C:\WINDOWS\setupact.log -->22/11/2008 09:29:15
C:\WINDOWS\WgaNotify.log -->21/11/2008 19:28:13
C:\WINDOWS\spupdsvc.log -->21/11/2008 19:28:13
C:\WINDOWS\setuperr.log -->19/11/2008 17:23:44
C:\WINDOWS\WMSysPr9.prx -->06/09/2008 17:36:37
C:\WINDOWS\nsreg.dat -->31/08/2008 20:38:36
C:\WINDOWS\QTFont.qfn -->31/08/2008 13:39:23
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1920
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x01690000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x022f0000 0x11000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
0x02470000 0x12000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
0x02630000 0xe000 1.09.0000.0000 C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
0x10000000 0x9000 7.64.0000.0000 C:\WINDOWS\system32\Amhooker.dll
0x01440000 0x14000 2.01.0003.0000 C:\WINDOWS\system32\LMIRfsClientNP.dll
0x5ee60000 0x5b000 2.00.0500.0000 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x78520000 0xa3000 9.00.21022.0008 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\MSVCR90.dll
0x5e470000 0x97000 4.05.2003.0120 C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll
0x02d10000 0x5b000 9.00.0000.0332 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
0x02d80000 0x4c000 9.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
0x32520000 0x12000 10.00.2609.0000 C:\Program Files\Microsoft Office\Office10\msohev.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\System32\wshext.dll
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~2\Office10\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 880
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x25000 6.14.0010.4177 C:\WINDOWS\system32\Ati2evxx.dll
0x01f00000 0x15000 4.00.0000.0784 C:\WINDOWS\system32\LMIinit.dll
0x02160000 0x42000 1.08.0031.0009 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x01150000 0x14000 2.01.0003.0000 C:\WINDOWS\system32\LMIRfsClientNP.dll
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\WINDOWS\system32
13/04/2008 18:34 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 51 359 764 480 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\WINDOWS\Downloaded Program Files
22/11/2008 17:01 <REP> .
22/11/2008 17:01 <REP> ..
21/08/2008 13:57 65 desktop.ini
11/04/2007 13:55 1 292 erma.inf
13/08/2008 15:03 575 kavwebscan.inf
06/08/2008 14:36 144 swdir.inf
4 fichier(s) 2 076 octets
Total des fichiers listés :
4 fichier(s) 2 076 octets
2 Rép(s) 51 359 760 384 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\TeamViewer3\\TeamViewer.exe"="C:\\Program Files\\TeamViewer3\\TeamViewer.exe:*:Enabled:Application de pilotage à distance TeamViewer"
"C:\\Program Files\\UrbanTerror\\ioUrbanTerror.exe"="C:\\Program Files\\UrbanTerror\\ioUrbanTerror.exe:*:Enabled:ioUrbanTerror"
"C:\\Program Files\\Transcendental Technologies\\PRE-FlightDEMO\\pfm.exe"="C:\\Program Files\\Transcendental Technologies\\PRE-FlightDEMO\\pfm.exe:*:Enabled:pfd"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Documents and Settings\\Pham\\Mes documents\\Downloads\\World of Warcraft\\Repair.exe"="C:\\Documents and Settings\\Pham\\Mes documents\\Downloads\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-23 14:36:05
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
528 - spoolsv.exe
576 - wlcomm.exe
728 - ijplmsvc.exe
768 - mdm.exe
848 - csrss.exe
880 - winlogon.exe
924 - services.exe
936 - lsass.exe
1132 - svchost.exe
1140 - PnkBstrA.exe
1180 - svchost.exe
1352 - svchost.exe
1432 - svchost.exe
1460 - ati2evxx.exe
1600 - svchost.exe
1672 - ashMaiSv.exe
1704 - ashWebSv.exe
1920 - explorer.exe
2028 - ashServ.exe
2284 - alg.exe
2544 - RTHDCPL.exe
2560 - AliceAgent.exe
2636 - MOM.exe
2732 - cmd.exe
2756 - Amoumain.exe
2768 - ctfmon.exe
2808 - msnmsgr.exe
2868 - PcSync2.exe
2888 - PCSuite.exe
2908 - UberIcon Manage
2980 - svchost.exe
3084 - WlanCU.exe
3180 - RocketDock.exe
3244 - soffice.bin
3252 - Thoosje Sidebar
3288 - ServiceLayer.ex
3440 - CCC.exe
3676 - NclUSBSrv.exe
3692 - YzShadow.exe
3904 - NclRSSrv.exe
4028 - firefox.exe
Total number of processes = 42
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntoskrnl.exe
806FF000 - \WINDOWS\system32\hal.dll
F7987000 - \WINDOWS\system32\KDCOM.DLL
F7897000 - \WINDOWS\system32\BOOTVID.dll
F75A7000 - ACPI.sys
F7989000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
F7596000 - pci.sys
F75F7000 - isapnp.sys
F7A4F000 - pciide.sys
F7707000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
F7607000 - MountMgr.sys
F74D7000 - ftdisk.sys
F798B000 - dmload.sys
F74B1000 - dmio.sys
F770F000 - PartMgr.sys
F7617000 - VolSnap.sys
F7499000 - atapi.sys
F7627000 - disk.sys
F7637000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
F7479000 - fltmgr.sys
F7467000 - sr.sys
F7450000 - KSecDD.sys
F7B52000 - Ntfs.sys
F7423000 - NDIS.sys
F798D000 - speedfan.sys
F7409000 - Mup.sys
F7A50000 - giveio.sys
BA6F8000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B8D40000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
B8D2C000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
B8D04000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
F77EF000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B8CE0000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
F77F7000 - \SystemRoot\system32\DRIVERS\usbehci.sys
B8CC7000 - \SystemRoot\System32\DRIVERS\Rtenicxp.sys
F77FF000 - \SystemRoot\system32\DRIVERS\fdc.sys
B8CB6000 - \SystemRoot\System32\DRIVERS\serial.sys
BA7D0000 - \SystemRoot\System32\DRIVERS\serenum.sys
B8CA2000 - \SystemRoot\System32\DRIVERS\parport.sys
BA6C8000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
F7807000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
BA6B8000 - \SystemRoot\System32\Drivers\Imapi.SYS
F7667000 - \SystemRoot\System32\DRIVERS\cdrom.sys
F7677000 - \SystemRoot\System32\DRIVERS\redbook.sys
B8C7F000 - \SystemRoot\System32\DRIVERS\ks.sys
BA448000 - \SystemRoot\system32\DRIVERS\lmimirr.sys
BA447000 - \SystemRoot\System32\DRIVERS\audstub.sys
F7697000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
BA7C8000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B8C68000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
F76A7000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
B9C31000 - \SystemRoot\System32\DRIVERS\raspptp.sys
F780F000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B8C57000 - \SystemRoot\System32\DRIVERS\psched.sys
B9C21000 - \SystemRoot\System32\DRIVERS\msgpc.sys
F7817000 - \SystemRoot\System32\DRIVERS\ptilink.sys
F781F000 - \SystemRoot\System32\DRIVERS\raspti.sys
B8C27000 - \SystemRoot\System32\DRIVERS\rdpdr.sys
B9C11000 - \SystemRoot\System32\DRIVERS\termdd.sys
F775F000 - \SystemRoot\System32\DRIVERS\mouclass.sys
F79B9000 - \SystemRoot\System32\DRIVERS\swenum.sys
B8BC9000 - \SystemRoot\System32\DRIVERS\update.sys
BA77C000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
B9C01000 - \SystemRoot\System32\Drivers\NDProxy.SYS
AC658000 - \SystemRoot\system32\drivers\AtiHdmi.sys
AC634000 - \SystemRoot\system32\drivers\portcls.sys
B9BD1000 - \SystemRoot\system32\drivers\drmk.sys
B9BC1000 - \SystemRoot\System32\DRIVERS\usbhub.sys
F79BD000 - \SystemRoot\System32\DRIVERS\USBD.SYS
AC1A8000 - \SystemRoot\system32\drivers\RtkHDAud.sys
F776F000 - \SystemRoot\system32\DRIVERS\flpydisk.sys
F79C3000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7A94000 - \SystemRoot\System32\Drivers\Null.SYS
F777F000 - \SystemRoot\system32\DRIVERS\Amfilter.sys
F7787000 - \SystemRoot\System32\drivers\vga.sys
F79C5000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F79C7000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
B928F000 - \SystemRoot\System32\Drivers\Msfs.SYS
B9287000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA778000 - \SystemRoot\System32\DRIVERS\rasacd.sys
AC0F3000 - \SystemRoot\System32\DRIVERS\ipsec.sys
AC09A000 - \SystemRoot\System32\DRIVERS\tcpip.sys
F76B7000 - \SystemRoot\System32\Drivers\aswTdi.SYS
AC074000 - \SystemRoot\System32\DRIVERS\ipnat.sys
AC024000 - \SystemRoot\System32\DRIVERS\netbt.sys
F76C7000 - \SystemRoot\System32\DRIVERS\wanarp.sys
AC002000 - \SystemRoot\System32\drivers\afd.sys
F76D7000 - \SystemRoot\System32\DRIVERS\netbios.sys
ABFD7000 - \SystemRoot\System32\DRIVERS\rdbss.sys
ABF67000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
F76F7000 - \SystemRoot\System32\Drivers\Fips.SYS
B869C000 - \SystemRoot\system32\DRIVERS\usb8023.sys
B927F000 - \SystemRoot\system32\DRIVERS\RNDISMP.SYS
B8698000 - \SystemRoot\System32\DRIVERS\hidusb.sys
F7586000 - \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
B9277000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
F7576000 - \SystemRoot\system32\DRIVERS\Amusbprt.sys
ABE7F000 - \SystemRoot\System32\Drivers\aswSP.SYS
B926F000 - \SystemRoot\System32\Drivers\Aavmker4.SYS
BF800000 - \SystemRoot\System32\win32k.sys
AC12A000 - \SystemRoot\System32\drivers\Dxapi.sys
B925F000 - \SystemRoot\System32\watchdog.sys
BF000000 - \SystemRoot\System32\drivers\dxg.sys
F7A8E000 - \SystemRoot\System32\drivers\dxgthk.sys
BF012000 - \SystemRoot\System32\ati2dvag.dll
BF062000 - \SystemRoot\System32\ati2cqag.dll
BF0EB000 - \SystemRoot\System32\atikvmag.dll
BF157000 - \SystemRoot\System32\atiok3x2.dll
BF19A000 - \SystemRoot\System32\ati3duag.dll
BF557000 - \SystemRoot\System32\ativvaxx.dll
F77CF000 - \SystemRoot\system32\DRIVERS\aswFsBlk.sys
F77DF000 - \SystemRoot\system32\DRIVERS\AegisP.sys
A9AEE000 - \SystemRoot\System32\DRIVERS\ndisuio.sys
A9870000 - \SystemRoot\System32\Drivers\aswMon2.SYS
A9613000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F79E9000 - \SystemRoot\System32\Drivers\ParVdm.SYS
A9828000 - \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
A9549000 - \SystemRoot\System32\DRIVERS\srv.sys
A9525000 - \SystemRoot\System32\Drivers\Fastfat.SYS
A9448000 - \SystemRoot\system32\drivers\wdmaud.sys
A9A3E000 - \SystemRoot\system32\drivers\sysaudio.sys
A9720000 - \SystemRoot\System32\Drivers\aswRdr.SYS
A91D7000 - \SystemRoot\System32\Drivers\HTTP.sys
A8DDF000 - \SystemRoot\System32\Drivers\Cdfs.SYS
BA7A6000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
A84E3000 - \SystemRoot\system32\drivers\kmixer.sys
Total number of drivers = 126
Liste des programmes installes
Ad-aware 6 Personal
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 9 - Français
Adobe Shockwave Player
Alice Auto-diagnostic
Apple Software Update
Archiveur WinRAR
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
avast! Antivirus
Battlefield 2(TM) Demo
Call of Duty(R) 4 - Modern Warfare(TM) Demo
Canon iP3500 series
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCleaner (remove only)
CDBurnerXP
Choice Guard
Contacts
DPS
Enregistrement utilisateur de Canon iP3500 series
EVEREST Ultimate Edition v4.50
HijackThis 2.0.2
Java(TM) 6 Update 7
Kaspersky Online Scanner
Kit de Connexion Alice ADSL
Lagoon 3D Screensaver 1.0
LimeWire 4.18.8
Lineage II
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Application Error Reporting
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office XP Standard
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB954211)
Mise à jour de sécurité pour Windows XP (KB954459)
Mise à jour de sécurité pour Windows XP (KB955069)
Mise à jour de sécurité pour Windows XP (KB956390)
Mise à jour de sécurité pour Windows XP (KB956391)
Mise à jour de sécurité pour Windows XP (KB956803)
Mise à jour de sécurité pour Windows XP (KB956841)
Mise à jour de sécurité pour Windows XP (KB957095)
Mise à jour de sécurité pour Windows XP (KB957097)
Mise à jour de sécurité pour Windows XP (KB958644)
Monopoly Version 8
Mozilla Firefox (3.0.4)
MSVC80_x86
MSVCRT
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
OCCT Perestroika 1.1.1
OpenAL
OpenOffice.org 3.0
Pack Vista Inspirat 2 1.0
Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)
Package de pilotes Windows - Nokia Modem (05/22/2008 3.8)
Package de pilotes Windows - Nokia Modem (05/22/2008 7.00.0.1)
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
PC Connectivity Solution
PIXMA Extended Survey Program
PRE-Flight
QuickTime
RealPlayer
Realtek AC'97 Audio
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Satsuki Decoder Pack
Security Update pour Microsoft .NET Framework 2.0 (KB928365)
Segoe UI
SereneScreen Marine Aquarium Time 2
Setup Wizard
Skins
SpeedFan (remove only)
SpeedTest
TeamViewer 3
Thoosje Sidebar V2.0
TmNationsForever
TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
TRENDnet TEW-424UB Wireless USB 2.0 Adapter Driver and Utility
Trust GM-4600 Gamer Mouse
Urban Terror 4.1
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Live Bêta (tous les programmes)
Windows Live Bêta (tous les programmes)
Windows Live Call
Windows Live Messenger
Windows XP Service Pack 3
World of Warcraft
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files
22/11/2008 19:49 <REP> .
22/11/2008 19:49 <REP> ..
28/01/2008 12:54 <REP> 7-Zip
16/03/2008 12:41 <REP> Adobe
24/08/2008 15:12 <REP> Alice
04/01/2007 05:19 <REP> Alwil Software
06/02/2008 19:26 <REP> America's Army
01/09/2008 14:44 <REP> Apple Software Update
29/08/2008 21:50 <REP> ATI Technologies
24/02/2008 15:03 <REP> Canon
06/01/2007 22:35 <REP> CCleaner
16/02/2008 22:59 <REP> CDBurnerXP
10/02/2008 07:10 <REP> Common Files
21/08/2008 13:56 <REP> ComPlus Applications
22/08/2008 12:43 <REP> DIFX
06/09/2008 17:48 <REP> EA GAMES
12/01/2007 19:44 <REP> Electronic Arts
18/11/2008 15:09 <REP> ESET
22/11/2008 15:47 <REP> Fichiers communs
26/02/2008 17:05 <REP> Futuremark
05/01/2007 01:25 <REP> G DATA AntiVirus
01/09/2008 12:13 <REP> Google
21/08/2008 20:44 <REP> Intel
16/03/2008 12:35 <REP> Internet Explorer
24/02/2008 12:41 <REP> Java
24/02/2008 12:41 <REP> JRE
21/08/2008 21:21 <REP> Kaspersky Lab
06/01/2007 22:37 <REP> Lavalys
21/08/2008 14:57 <REP> Lavasoft
16/03/2008 15:34 <REP> Lineage II
02/02/2008 18:15 <REP> ma-config.com
21/11/2008 19:00 <REP> Malwarebytes' Anti-Malware
06/09/2008 17:21 <REP> Messenger
26/01/2008 18:09 <REP> Microsoft
21/08/2008 13:58 <REP> microsoft frontpage
21/08/2008 17:49 <REP> Microsoft Office
21/08/2008 17:49 <REP> Microsoft Visual Studio
22/11/2008 19:50 <REP> Monopoly
16/03/2008 12:35 <REP> Movie Maker
23/11/2008 14:23 <REP> Mozilla Firefox
21/08/2008 13:56 <REP> MSN
21/08/2008 13:55 <REP> MSN Gaming Zone
06/09/2008 17:15 <REP> NetMeeting
10/02/2008 16:32 <REP> Nokia
11/01/2007 03:57 <REP> OCCT
28/01/2008 18:59 <REP> OpenAL
24/02/2008 12:41 <REP> OpenOffice.org 3
16/03/2008 12:35 <REP> Outlook Express
21/01/2008 21:51 <REP> PC Connectivity Solution
01/09/2008 14:45 <REP> QuickTime
19/11/2008 13:34 <REP> Real
21/08/2008 20:47 <REP> Realtek
25/01/2008 16:48 <REP> RivaTuner v2.08
21/08/2008 13:56 <REP> Services en ligne
18/11/2008 18:56 <REP> SpeedFan
19/11/2008 17:44 <REP> SpeedTest
10/02/2008 13:58 <REP> TeamViewer3
24/08/2008 15:12 <REP> TechCity Solutions
13/01/2007 03:06 <REP> Thoosje Sidebar V2.0
03/02/2008 14:56 <REP> TmNationsForever
14/03/2008 21:40 <REP> Transcendental Technologies
22/11/2008 14:21 <REP> Trend Micro
04/03/2008 12:46 <REP> TRENDnet
21/11/2008 19:36 <REP> Trust
06/02/2008 19:23 <REP> Ubi Soft
04/03/2008 14:48 <REP> UrbanTerror
26/01/2008 18:09 <REP> Windows Live
06/09/2008 17:18 <REP> Windows Media Player
06/09/2008 17:15 <REP> Windows NT
09/02/2008 17:56 <REP> WinRAR
21/08/2008 13:58 <REP> xerox
06/01/2007 22:38 <REP> Yahoo!
0 fichier(s) 0 octets
72 Rép(s) 51 359 580 160 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files\fichiers communs
22/11/2008 15:47 <REP> .
22/11/2008 15:47 <REP> ..
16/03/2008 12:41 <REP> Adobe
19/03/2008 13:43 <REP> Blizzard Entertainment
21/08/2008 17:49 <REP> Designer
31/08/2008 14:34 <REP> DirectX
06/09/2008 20:08 <REP> InstallShield
24/02/2008 12:40 <REP> Java
26/01/2008 18:38 <REP> Microsoft Shared
21/08/2008 13:56 <REP> MSSoap
10/02/2008 16:32 <REP> Nokia
21/08/2008 14:49 <REP> ODBC
10/02/2008 16:32 <REP> PCSuite
19/11/2008 13:34 <REP> Real
21/08/2008 13:56 <REP> Services
21/08/2008 14:49 <REP> SpeechEngines
06/09/2008 17:15 <REP> System
23/08/2008 14:48 <REP> Vivendi Universal Games
26/01/2008 18:07 <REP> Windows Live
19/11/2008 13:34 <REP> xing shared
0 fichier(s) 0 octets
20 Rép(s) 51 359 580 160 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
01/01/2007 02:24 <REP> .
01/01/2007 02:24 <REP> ..
21/08/2008 17:49 <REP> 1033
01/01/2007 02:24 <REP> 1036
29/01/2004 15:08 1 277 952 MSONSEXT.DLL
13/02/2001 07:23 58 784 MSOSV.DLL
03/06/1999 13:09 122 937 MSOWS409.DLL
07/03/2001 08:00 127 033 MSOWS40c.DLL
06/08/2000 08:04 401 462 MSVCP60.DLL
29/01/2004 15:08 69 632 PKMAXCTL.DLL
29/01/2004 15:08 868 352 PKMCDO.DLL
29/01/2004 15:08 53 248 PKMCORE.DLL
29/01/2004 15:08 102 400 PKMFORMS.DLL
29/01/2004 15:38 634 880 PKMRES.DLL
29/01/2004 15:08 28 672 PKMSSTLB.DLL
22/01/2001 02:25 40 960 PKMTEMPL.DLL
29/01/2004 15:08 24 576 PKMTRACE.DLL
29/01/2004 15:08 86 016 PKMWS.DLL
29/01/2004 15:08 237 568 PROMDEMO.DLL
29/01/2004 15:08 184 320 SECMGR.DLL
29/01/2004 15:08 315 392 VAIDDMGR.DLL
29/01/2004 15:08 32 768 VAIMEM.DLL
18 fichier(s) 4 666 952 octets
4 Rép(s) 51 359 576 064 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\Program Files\common files
10/02/2008 07:10 <REP> .
10/02/2008 07:10 <REP> ..
10/02/2008 07:10 <REP> INCA Shared
0 fichier(s) 0 octets
3 Rép(s) 51 359 576 064 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 588D-CDF1
Répertoire de C:\
16/03/2006 08:33 2 648 768 VCREDI~1.EXE
1 fichier(s) 2 648 768 octets
0 Rép(s) 51 359 576 064 octets libres
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_fre.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstCCD.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCS.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
c:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Installer\CommonCustomActions\UninstCCD.exe
c:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Installer\CommonCustomActions\UninstPCS.exe
c:\Documents and Settings\All Users\Application Data\Installations\{D5577624-0626-4C4B-87AA-D966DA1739D6}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
c:\Documents and Settings\Pham\Application Data\Canneverbe_Limited\cdbxpp.exe_Url_nfryvllqiqb1hla4nzefaejvhwflc2o0
c:\Documents and Settings\Pham\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\maconfsetup.exe
c:\Documents and Settings\Pham\Bureau\ComboFix.exe
c:\Documents and Settings\Pham\Bureau\EA games keygen.exe
c:\Documents and Settings\Pham\Bureau\HJTInstall.exe
c:\Documents and Settings\Pham\Bureau\mbam-setup(2).exe
c:\Documents and Settings\Pham\Bureau\Satsuki.Decoder.Pack.3.1.1.7.exe
c:\Documents and Settings\Pham\Bureau\SDFix.exe
c:\Documents and Settings\Pham\Bureau\setupfre.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix.exe
c:\Documents and Settings\Pham\Bureau\Wow.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\Pham\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\404Fix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\dumphive.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\exit.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\HostsChk.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\IEDFix.C.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\IEDFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\o4Patch.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\Policies.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\Process.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\Reboot.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\restart.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\swreg.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\swsc.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\swxcacls.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\UIFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\unzip.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\VACFix.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\VCCLSID.exe
c:\Documents and Settings\Pham\Bureau\SmitfraudFix\WS2Fix.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\BackgroundDownloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\Launcher.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\Repair.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\Wow.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.0.7561-to-2.3.2.7741-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.0.7561-to-2.3.2.7741-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.2.7741-to-2.3.3.7799-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.2.7741-to-2.3.3.7799-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.3.3.7799-to-2.4.0.8089-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.0.8089-to-2.4.1.8125-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.0.8089-to-2.4.1.8125-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.1.8125-to-2.4.2.8278-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.1.8125-to-2.4.2.8278-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2.8278-to-2.4.3.8606-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2.8278-to-2.4.3.8606-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2-frFR-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.2-frFR-patch.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WoW-2.4.3-to-3.0.2-frFR-Win-Final-downloader.exe
c:\Documents and Settings\Pham\Mes documents\Downloads\World of Warcraft\WowError.exe
c:\Documents and Settings\Pham\SmitfraudFix\404Fix.exe
c:\Documents and Settings\Pham\SmitfraudFix\dumphive.exe
c:\Documents and Settings\Pham\SmitfraudFix\exit.exe
c:\Documents and Settings\Pham\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\HostsChk.exe
c:\Documents and Settings\Pham\SmitfraudFix\IEDFix.C.exe
c:\Documents and Settings\Pham\SmitfraudFix\IEDFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\o4Patch.exe
c:\Documents and Settings\Pham\SmitfraudFix\Policies.exe
c:\Documents and Settings\Pham\SmitfraudFix\Process.exe
c:\Documents and Settings\Pham\SmitfraudFix\Reboot.exe
c:\Documents and Settings\Pham\SmitfraudFix\restart.exe
c:\Documents and Settings\Pham\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\Pham\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\Pham\SmitfraudFix\swreg.exe
c:\Documents and Settings\Pham\SmitfraudFix\swsc.exe
c:\Documents and Settings\Pham\SmitfraudFix\swxcacls.exe
c:\Documents and Settings\Pham\SmitfraudFix\UIFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\unzip.exe
c:\Documents and Settings\Pham\SmitfraudFix\VACFix.exe
c:\Documents and Settings\Pham\SmitfraudFix\VCCLSID.exe
c:\Documents and Settings\Pham\SmitfraudFix\WS2Fix.exe
c:\Documents and Settings\Pham\temp\TeamViewer3\TeamViewer_.exe
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0401\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0401\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0401\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0404\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0404\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0404\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0405\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0405\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0405\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0406\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0406\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0406\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0407\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0407\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0407\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0408\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0408\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0408\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0409\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0409\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0409\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040b\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040b\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040b\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040c\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040c\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040c\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040e\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040e\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\040e\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0410\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0410\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0410\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0411\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0411\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0411\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0412\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0412\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0412\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0413\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0413\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0413\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0414\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0414\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0414\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0415\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0415\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0415\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0419\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0419\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0419\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041D\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041D\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041D\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041E\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041E\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041E\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041F\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041F\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\041F\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0421\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0421\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0421\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0804\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0804\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0804\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0816\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0816\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0816\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0c0a\CNMlr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0c0a\CNMsr8V.dll
c:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP3500 series\LanguageModules\0c0a\CNMur8V.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
c:\Documents and Settings\Pham\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
c:\Documents and Settings\Pham\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\extensions\bkmrksync@nokia.com\components\BkMrkExt.dll
c:\Documents and Settings\Pham\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_KÉVIN.tar.gz a l'adresse http://upload.malekal.com
-->Message édité par keywin le 23/11/2008 14:39:03<--
-------
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
dédétraqué
le 23 novembre 2008 à 16h15
Salut keywin
Télécharge clean.zip (de Malekal) http://www.malekal.com/download/clean.zip
décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier Clean
- Ouvre le dossier Clean double-clic sur clean.cmd ou clean
- Choisis l'option 1 valide par Entrée.
- Laisse le scan se dérouler
- Poste le rapport ici dans ta prochaine réponse.
- Le rapport ce trouve également ici C:\rapport_clean.txt
Un tuto : http://mickael.barroux.free.fr/securite/clean.php
@++
Télécharge clean.zip (de Malekal) http://www.malekal.com/download/clean.zip
décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier Clean
- Ouvre le dossier Clean double-clic sur clean.cmd ou clean
- Choisis l'option 1 valide par Entrée.
- Laisse le scan se dérouler
- Poste le rapport ici dans ta prochaine réponse.
- Le rapport ce trouve également ici C:\rapport_clean.txt
Un tuto : http://mickael.barroux.free.fr/securite/clean.php
@++
keywin
le 23 novembre 2008 à 17h27
23/11/2008 a 17:24:48,73
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\init32.exe FOUND
*** Recherche des fichiers dans C:\Program Files
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\init32.exe FOUND
*** Recherche des fichiers dans C:\Program Files
-------
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
keywin
le 23 novembre 2008 à 17h29
j'ai supprimer les fichiers avec Found
comme dans le tuto
comme dans le tuto
-------
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
dédétraqué
le 23 novembre 2008 à 17h37
Salut keywin
Télécharge OTMoveIt3 (de Old_Timer) sur le bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
Double-clique sur OTMoveIt3.exe sur le bureau
- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTMoveIt3
Ton PC va redémarrer pour finir la suppression
Poste le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.
@++
Télécharge OTMoveIt3 (de Old_Timer) sur le bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
Double-clique sur OTMoveIt3.exe sur le bureau
- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTMoveIt3
Ton PC va redémarrer pour finir la suppression
Poste le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.
@++
keywin
le 23 novembre 2008 à 17h59
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Documents and Settings\Pham\Mes documents\eicar.com moved successfully.
C:\Documents and Settings\Pham\Mes documents\EICAR.txt moved successfully.
File/Folder C:\WINDOWS\ALCXMNTR.EXE not found.
File/Folder C:\WINDOWS\system32\init32.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\2.wmz scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\etilqs_8bQP2cULxEMPe6GqRv5V scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\NGLALog.txt scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\Perflib_Perfdata_cb4.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7ec.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11232008_175532
Files moved on Reboot...
C:\DOCUME~1\Pham\LOCALS~1\Temp\2.wmz moved successfully.
File C:\DOCUME~1\Pham\LOCALS~1\Temp\etilqs_8bQP2cULxEMPe6GqRv5V not found!
C:\DOCUME~1\Pham\LOCALS~1\Temp\NGLALog.txt moved successfully.
File C:\DOCUME~1\Pham\LOCALS~1\Temp\Perflib_Perfdata_cb4.dat not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_7ec.dat moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\XUL.mfl moved successfully.
Process explorer.exe killed successfully.
========== FILES ==========
C:\Documents and Settings\Pham\Mes documents\eicar.com moved successfully.
C:\Documents and Settings\Pham\Mes documents\EICAR.txt moved successfully.
File/Folder C:\WINDOWS\ALCXMNTR.EXE not found.
File/Folder C:\WINDOWS\system32\init32.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\2.wmz scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\etilqs_8bQP2cULxEMPe6GqRv5V scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\NGLALog.txt scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Pham\LOCALS~1\Temp\Perflib_Perfdata_cb4.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7ec.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11232008_175532
Files moved on Reboot...
C:\DOCUME~1\Pham\LOCALS~1\Temp\2.wmz moved successfully.
File C:\DOCUME~1\Pham\LOCALS~1\Temp\etilqs_8bQP2cULxEMPe6GqRv5V not found!
C:\DOCUME~1\Pham\LOCALS~1\Temp\NGLALog.txt moved successfully.
File C:\DOCUME~1\Pham\LOCALS~1\Temp\Perflib_Perfdata_cb4.dat not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_7ec.dat moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Pham\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9jwbdch.default\XUL.mfl moved successfully.
-------
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
dédétraqué
le 23 novembre 2008 à 18h08
Salut keywin
On va faire un ménage des outils téléchargés pour la désinfection, télécharge Tools Cleaner sur le bureau :
http://pc-system.fr/TC/ToolsCleaner2.exe
- Double clique sur ToolsCleaner2.exe sur le bureau
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
- Si des outils restes après le passage de Tools Cleaner, tu pourras les supprimer manuellement ainsi que tous les rapports qui on été généré lors de la désinfection.
-----
Désactive la restauration système :
- Clique droit sur le Poste de travail sur le bureau, dans propriété tu cliques sur l'onglet Restauration système
- Coche la case désactiver la restauration et applique
Redémarre l’ordinateur et réactive la restauration système.
Tutoriel : http://www.libellules.ch/desactiver_restauration.php
Refais un scan en ligne avec Kaspersky pour vérification
@++
On va faire un ménage des outils téléchargés pour la désinfection, télécharge Tools Cleaner sur le bureau :
http://pc-system.fr/TC/ToolsCleaner2.exe
- Double clique sur ToolsCleaner2.exe sur le bureau
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
- Si des outils restes après le passage de Tools Cleaner, tu pourras les supprimer manuellement ainsi que tous les rapports qui on été généré lors de la désinfection.
-----
Désactive la restauration système :
- Clique droit sur le Poste de travail sur le bureau, dans propriété tu cliques sur l'onglet Restauration système
- Coche la case désactiver la restauration et applique
Redémarre l’ordinateur et réactive la restauration système.
Tutoriel : http://www.libellules.ch/desactiver_restauration.php
Refais un scan en ligne avec Kaspersky pour vérification
@++
keywin
le 23 novembre 2008 à 18h46
[ Rapport ToolsCleaner version 2.2.6 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\rapport_clean.txt: trouvé !
C:\SDFIX: trouvé !
C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pham\SmitFraudfix: trouvé !
C:\Documents and Settings\Pham\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pham\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\DiagHelp: trouvé !
C:\Documents and Settings\Pham\Bureau\SmitFraudfix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pham\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Pham\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pham\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Pham\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\Pham\Bureau\SmitFraudFix.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\rapport_clean.txt: supprimé !
C:\Documents and Settings\Pham\Bureau\OTMoveIt3.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\SDFIX: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Pham\SmitFraudfix: supprimé !
C:\Documents and Settings\Pham\Bureau\DiagHelp: supprimé !
C:\Documents and Settings\Pham\Bureau\SmitFraudfix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\rapport_clean.txt: trouvé !
C:\SDFIX: trouvé !
C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pham\SmitFraudfix: trouvé !
C:\Documents and Settings\Pham\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pham\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Pham\Bureau\DiagHelp: trouvé !
C:\Documents and Settings\Pham\Bureau\SmitFraudfix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pham\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Pham\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pham\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Pham\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\Pham\Bureau\SmitFraudFix.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\rapport_clean.txt: supprimé !
C:\Documents and Settings\Pham\Bureau\OTMoveIt3.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\SDFIX: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Pham\SmitFraudfix: supprimé !
C:\Documents and Settings\Pham\Bureau\DiagHelp: supprimé !
C:\Documents and Settings\Pham\Bureau\SmitFraudfix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
-------
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
keywin
le 23 novembre 2008 à 19h22
Il me rester encore 1 virus, 3 fichiers infecté
-------
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
Tuto pour demande de config:
http://forum.telecharger.01net.com/telecharger/univers_micro/divers/tuto-dema(...)
|
|
|
PRODUITS
- Portables |
- PC |
- Moniteurs |
- Photo / Vidéo |
- T.V. |
- Audio |
- GPS |
- Stockage |
- Téléphonie |
- autres catégories
TÉLÉCHARGER - LOGICIELS
- Windows & logiciels |
- Bureautique |
- Développement |
- Internet |
- Jeux |
- Loisirs |
- Multimédia |
- Personnaliser son pc |
- Sécurité |
- Utilitaires |
- Logiciels Linux |
- logiciels Mac
JEUX VIDÉOS
- jeux PC |
- Xbox |
- Playstation |
- Wii |
- PSP |
- DS |
- Action |
- Aventure |
- MMORPG |
- Sports |
- Simulation |
- Enfant |
- Soluces et astuces
LOISIRS
01NET PRO
- Réseaux et Internet |
- Programmation et développement |
- Logiciels d'entreprise |
- Systèmes d'exploitation en entreprise |
- Sécurité en entreprise |
- Entreprenariat |
- Emploi |
- Services PRO |
- Matériel PRO
AVIS ET COMMENTAIRES
- Les actualités de 01net. |
- Avis sur les jeux vidéos |
- Avis sur les produits |
- Avis sur les logiciels |
A PROPOS DE 01NET
publicité
Messages des modérateurs
Discussions les plus actives
- mon pc rame a mort j ai des pic de uc a 70 a 100 %
- virus ou anti-virus 360? comment s'en débarrasser, je galère
- PC extremement lent et msg d'erreur
- disque dur,amovible,interne ne s'ouvre plus en 2 clic(virus)
- Connection internet impossible causée par virus
- comment nettoyer mon ordinateur?
- [RESOLU] Avast, pare feu ... tous bloqués !!
- infecté par spyware-secure ? (résolu)
- macrovirus : W97/Thus.AD (résolu)
- virus et disfonctionnement
 |
 |
Art
Tour de marché à la FIAC.
|
 |
||
L'ORDINATEUR INDIVIDUEL
Le mensuel informatique qui vous informe et vous conseille.
Nous contacter
|
Charte de confiance
|
Voir notice légale
01net. - 01men - RMC - BFM Radio - BFM TV - TousLesPodcasts - 01informatique.fr - Association RMC-BFM
01net. - 01men - RMC - BFM Radio - BFM TV - TousLesPodcasts - 01informatique.fr - Association RMC-BFM
Tous droits réservés © 1999 - 2009 Internext - 01net.