Gros Virus qui Gele mon ordinateur !!
Martel80
Messages postés
107
Statut
Membre
-
mephistope -
mephistope -
Bonjour,
Je ne sais pas exactement ce qu'es le processus qui fait que mon ordinateur gele completement mais depuis quelque jour quand j'ouvre une aplcation si petite sois t'elle ...tout gele.
J'ai un quad core a 2,4ghz et 2 gig de DDR2 et je suis sous XP SP3
Es-ce que qqn pourrais m'aider sil vous plait !!
Merci beaucoup d'avance !!!
Je ne sais pas exactement ce qu'es le processus qui fait que mon ordinateur gele completement mais depuis quelque jour quand j'ouvre une aplcation si petite sois t'elle ...tout gele.
J'ai un quad core a 2,4ghz et 2 gig de DDR2 et je suis sous XP SP3
Es-ce que qqn pourrais m'aider sil vous plait !!
Merci beaucoup d'avance !!!
A voir également:
- Gros Virus qui Gele mon ordinateur !!
- Ordinateur qui rame - Guide
- Réinitialiser ordinateur - Guide
- Clavier de l'ordinateur - Guide
- Parametres de mon ordinateur - Guide
- Qu'est ce qui se lance au démarrage de l'ordinateur - Guide
47 réponses
Salut Martel80
Télécharge Dr.Web CureIt! sur le Bureau :
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
- Double clique sur l'icône de drweb-cureit.exe sur le bureau et clique sur Commencer le scan.
- Si des infections sont trouvées après ce scan rapide, clique sur le bouton Oui pour Tout.
- Après ce scan rapide, sélectionnez Analyse complète et clique sur la flèche verte à droite.
- Le scan du PC va débuter, le scan peut-être très très long.
- Si une infection sont trouvée, clique sur le bouton Oui pour Tout.
- A la fin du scan, si des infections sont trouvées, clique sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, clique sur Quarantaine.
- Au menu principal de l'outil, en haut à gauche, clique sur le menu Fichier et choisissez Enregistrer le rapport.
- Sauvegarde le rapport sur votre Bureau. Ce dernier se nommera DrWeb.csv.
- Ferme Dr.Web CureIt!
- Redémarre ton PC (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
- Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de l'outil Dr.Web dans ta prochaine réponse.
@++ :)
Télécharge Dr.Web CureIt! sur le Bureau :
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
- Double clique sur l'icône de drweb-cureit.exe sur le bureau et clique sur Commencer le scan.
- Si des infections sont trouvées après ce scan rapide, clique sur le bouton Oui pour Tout.
- Après ce scan rapide, sélectionnez Analyse complète et clique sur la flèche verte à droite.
- Le scan du PC va débuter, le scan peut-être très très long.
- Si une infection sont trouvée, clique sur le bouton Oui pour Tout.
- A la fin du scan, si des infections sont trouvées, clique sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, clique sur Quarantaine.
- Au menu principal de l'outil, en haut à gauche, clique sur le menu Fichier et choisissez Enregistrer le rapport.
- Sauvegarde le rapport sur votre Bureau. Ce dernier se nommera DrWeb.csv.
- Ferme Dr.Web CureIt!
- Redémarre ton PC (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
- Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de l'outil Dr.Web dans ta prochaine réponse.
@++ :)
Salut Martel80
Faire un ménage des fichiers inutiles et de la base de registre :
https://www.malekal.com/tutoriel-ccleaner/
Faire de nouveau un scan avec DiagHelp et poste le rapport
@++ :)
Faire un ménage des fichiers inutiles et de la base de registre :
https://www.malekal.com/tutoriel-ccleaner/
Faire de nouveau un scan avec DiagHelp et poste le rapport
@++ :)
DiagHelp version v1.4 - http://www.malekal.com
excute le 2010-03-15 à 19:52:21,12
System information for \\PC1:
Uptime: Error reading uptime
Kernel version: Microsoft Windows XP, Multiprocessor Free
Product type: Professional
Product version: 5.1
Service pack: 3
Kernel build number: 2600
Registered organization:
Registered owner: USER
Install date: 2008-01-16, 08:35:04
Activation status: Error reading status
IE version: 7.0000
System root: C:\WINDOWS
Processors: 4
Processor speed: 2.4 GHz
Processor type: Intel(R) Core(TM)2 Quad CPU Q6600 @
Physical memory: 2048 MB
Video driver: NVIDIA GeForce 8400 GS
Volume Type Format Label Size Free Free
A: Removable 0.0%
C: Fixed NTFS 232.88 GB 104.61 GB 44.9%
D: Fixed NTFS 232.88 GB 20.92 GB 9.0%
E: CD-ROM 0.0%
F: CD-ROM 0.0%
G: CD-ROM 0.0%
H: Fixed FAT32 My Book 465.65 GB 16.75 GB 3.6%
C:\WINDOWS\System32\drivers\PnkBstrK.sys -->2010-02-26 12:27:03
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->2010-01-07 17:07:14
C:\WINDOWS\System32\drivers\mbam.sys -->2010-01-07 17:07:04
C:\WINDOWS\System32\drivers\nv4_mini.sys -->2009-11-20 22:34:54
C:\WINDOWS\System32\drivers\WmXlCore.sys -->2009-09-11 13:48:04
C:\WINDOWS\System32\drivers\WmVirHid.sys -->2009-09-11 13:47:54
C:\WINDOWS\System32\drivers\WmFilter.sys -->2009-09-11 13:47:32
C:\WINDOWS\System32\Datei9 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei8 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei7 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei6 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei5 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei4 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei3 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei2 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei10 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei1 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei0 -->2010-03-15 18:35:44
C:\WINDOWS\System32\PerfStringBackup.INI -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfh00C.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfh009.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfc00C.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfc009.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\NvApps.xml -->2010-03-15 17:46:32
C:\WINDOWS\System32\wpa.dbl -->2010-03-15 17:46:11
C:\WINDOWS\System32\mmf.sys -->2010-03-15 17:45:53
C:\WINDOWS\System32\Datei25 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei24 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei23 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei22 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei21 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei20 -->2010-03-15 17:11:45
C:\WINDOWS\QTFont.qfn -->2010-03-15 17:51:16
C:\WINDOWS\QTFont.for -->2010-03-15 17:51:16
C:\WINDOWS\setupapi.log -->2010-03-15 17:46:25
C:\WINDOWS\WindowsUpdate.log -->2010-03-15 17:46:00
C:\WINDOWS\wiaservc.log -->2010-03-15 17:45:57
C:\WINDOWS\wiadebug.log -->2010-03-15 17:45:57
C:\WINDOWS\0.log -->2010-03-15 17:45:54
C:\WINDOWS\bootstat.dat -->2010-03-15 17:45:42
C:\WINDOWS\system.ini -->2010-03-08 22:44:18
C:\WINDOWS\win.ini -->2010-03-06 01:11:21
C:\WINDOWS\Language_trs.ini -->2010-02-27 13:59:22
C:\WINDOWS\NeroDigital.ini -->2010-02-23 02:44:20
C:\WINDOWS\nsreg.dat -->2010-02-18 14:47:24
C:\WINDOWS\msmmdx9.ini -->2010-01-29 04:17:43
C:\WINDOWS\PEV.exe -->2009-12-09 23:54:07
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\WINDOWS
2008-11-29 18:26 <REP> $hf_mig$
2008-01-16 00:10 <REP> $MSI31Uninstall_KB893803v2$
2008-05-25 13:31 <REP> $NtServicePackUninstall$
2008-01-18 00:44 <REP> $NtServicePackUninstallIDNMitigationAPIs$
2008-01-18 00:44 <REP> $NtServicePackUninstallNLSDownlevelMapping$
2008-01-16 04:11 <REP> $NtUninstallKB873339$
2008-01-16 04:12 <REP> $NtUninstallKB885835$
2008-01-16 04:12 <REP> $NtUninstallKB885836$
2008-01-16 04:08 <REP> $NtUninstallKB886185$
2008-01-16 04:11 <REP> $NtUninstallKB887472$
2008-01-16 08:50 <REP> $NtUninstallKB888111WXPSP2$
2010-03-05 20:05 <REP> $NtUninstallKB888302$
2008-01-16 04:10 <REP> $NtUninstallKB890046$
2008-01-16 04:07 <REP> $NtUninstallKB890859$
2008-01-16 04:10 <REP> $NtUninstallKB891781$
2008-01-16 04:12 <REP> $NtUninstallKB893756$
2008-01-16 04:08 <REP> $NtUninstallKB894391$
2008-01-16 04:10 <REP> $NtUninstallKB896358$
2008-01-16 04:11 <REP> $NtUninstallKB896423$
2008-01-16 04:08 <REP> $NtUninstallKB896428$
2008-01-16 00:10 <REP> $NtUninstallKB898461$
2008-01-16 04:13 <REP> $NtUninstallKB899587$
2008-01-16 04:12 <REP> $NtUninstallKB899591$
2008-01-16 04:11 <REP> $NtUninstallKB900485$
2008-01-16 04:08 <REP> $NtUninstallKB900725$
2008-01-16 04:12 <REP> $NtUninstallKB901017$
2008-01-16 04:09 <REP> $NtUninstallKB901214$
2008-01-16 04:10 <REP> $NtUninstallKB902400$
2008-01-18 00:43 <REP> $NtUninstallKB904942$
2008-01-16 04:09 <REP> $NtUninstallKB905414$
2008-01-16 04:08 <REP> $NtUninstallKB905749$
2008-01-16 04:07 <REP> $NtUninstallKB908519$
2008-01-16 04:08 <REP> $NtUninstallKB908531$
2008-01-16 04:10 <REP> $NtUninstallKB910437$
2008-01-16 04:12 <REP> $NtUninstallKB911280$
2008-01-16 04:11 <REP> $NtUninstallKB911562$
2008-01-16 04:10 <REP> $NtUninstallKB911564$
2008-01-16 04:12 <REP> $NtUninstallKB911927$
2008-01-16 04:08 <REP> $NtUninstallKB913580$
2008-01-16 04:09 <REP> $NtUninstallKB914388$
2008-01-16 04:07 <REP> $NtUninstallKB914389$
2008-01-18 00:43 <REP> $NtUninstallKB914440$
2008-01-18 00:44 <REP> $NtUninstallKB915865$
2008-01-16 04:08 <REP> $NtUninstallKB916595$
2008-01-16 04:09 <REP> $NtUninstallKB917344$
2008-01-16 04:09 <REP> $NtUninstallKB918118$
2008-01-16 04:10 <REP> $NtUninstallKB918439$
2008-01-16 04:09 <REP> $NtUninstallKB919007$
2008-01-16 04:08 <REP> $NtUninstallKB920213$
2008-01-16 04:10 <REP> $NtUninstallKB920670$
2008-01-16 04:07 <REP> $NtUninstallKB920683$
2008-01-16 04:12 <REP> $NtUninstallKB920685$
2008-01-16 04:10 <REP> $NtUninstallKB920872$
2008-01-16 04:11 <REP> $NtUninstallKB921503$
2008-01-16 04:09 <REP> $NtUninstallKB922582$
2008-01-16 04:13 <REP> $NtUninstallKB922819$
2008-01-16 04:09 <REP> $NtUninstallKB923191$
2008-01-16 04:12 <REP> $NtUninstallKB923414$
2008-01-16 04:08 <REP> $NtUninstallKB923689$
2008-01-16 04:12 <REP> $NtUninstallKB923980$
2008-01-16 04:11 <REP> $NtUninstallKB924270$
2008-01-16 04:11 <REP> $NtUninstallKB924496$
2008-01-16 04:11 <REP> $NtUninstallKB924667$
2008-01-16 04:10 <REP> $NtUninstallKB925398_WMP64$
2008-05-21 19:23 <REP> $NtUninstallKB925720$
2008-01-16 04:10 <REP> $NtUninstallKB925902$
2008-01-18 19:04 <REP> $NtUninstallKB926239$
2008-01-16 04:09 <REP> $NtUninstallKB926255$
2008-01-16 04:10 <REP> $NtUninstallKB926436$
2008-01-16 04:13 <REP> $NtUninstallKB927779$
2008-01-16 04:13 <REP> $NtUninstallKB927802$
2008-01-16 04:11 <REP> $NtUninstallKB927891$
2008-01-16 04:12 <REP> $NtUninstallKB928255$
2008-01-16 04:07 <REP> $NtUninstallKB928843$
2008-01-16 04:10 <REP> $NtUninstallKB929123$
2008-01-19 09:01 <REP> $NtUninstallKB929399$
2008-01-16 04:09 <REP> $NtUninstallKB930178$
2008-01-16 04:08 <REP> $NtUninstallKB930916$
2008-01-16 04:11 <REP> $NtUninstallKB931261$
2008-01-16 04:12 <REP> $NtUninstallKB931784$
2008-01-16 04:09 <REP> $NtUninstallKB932168$
2008-01-16 04:12 <REP> $NtUninstallKB933729$
2008-01-16 04:12 <REP> $NtUninstallKB935448$
2008-01-16 04:08 <REP> $NtUninstallKB935839$
2008-01-16 04:08 <REP> $NtUninstallKB935840$
2008-01-16 04:11 <REP> $NtUninstallKB936021$
2008-01-16 04:11 <REP> $NtUninstallKB936357$
2008-01-19 09:00 <REP> $NtUninstallKB936782_WMP11$
2008-01-16 04:11 <REP> $NtUninstallKB936782_WMP9$
2008-01-16 04:12 <REP> $NtUninstallKB937894$
2008-01-16 04:08 <REP> $NtUninstallKB938127$
2008-11-29 16:12 <REP> $NtUninstallKB938464$
2008-01-16 04:11 <REP> $NtUninstallKB938828$
2008-01-16 04:11 <REP> $NtUninstallKB938829$
2008-01-19 09:01 <REP> $NtUninstallKB939683$
2008-01-16 04:09 <REP> $NtUninstallKB941202$
2008-01-16 04:09 <REP> $NtUninstallKB941568$
2008-01-16 04:09 <REP> $NtUninstallKB941569$
2008-01-16 04:11 <REP> $NtUninstallKB941644$
2008-05-21 19:23 <REP> $NtUninstallKB941693$
2008-01-16 04:08 <REP> $NtUninstallKB942615$
2008-01-16 04:09 <REP> $NtUninstallKB942763$
2008-01-16 04:12 <REP> $NtUninstallKB942840$
2008-02-13 10:00 <REP> $NtUninstallKB943055$
2008-01-18 00:43 <REP> $NtUninstallKB943460$
2008-01-16 04:13 <REP> $NtUninstallKB943460_0$
2008-01-16 04:08 <REP> $NtUninstallKB943485$
2008-01-16 04:07 <REP> $NtUninstallKB944653$
2008-05-21 19:23 <REP> $NtUninstallKB945553$
2008-02-13 10:01 <REP> $NtUninstallKB946026$
2008-01-17 01:24 <REP> $NtUninstallKB946627$
2008-08-13 07:59 <REP> $NtUninstallKB946648$
2008-05-21 19:23 <REP> $NtUninstallKB948590$
2008-05-21 19:23 <REP> $NtUninstallKB948881$
2008-05-21 19:23 <REP> $NtUninstallKB950749$
2008-07-27 21:09 <REP> $NtUninstallKB950760$
2008-07-27 21:09 <REP> $NtUninstallKB950762$
2008-08-13 07:58 <REP> $NtUninstallKB950974$
2008-08-13 07:54 <REP> $NtUninstallKB951066$
2008-08-13 07:56 <REP> $NtUninstallKB951072-v2$
2008-07-28 02:07 <REP> $NtUninstallKB951376-v2$
2008-07-27 21:10 <REP> $NtUninstallKB951698$
2008-07-27 21:06 <REP> $NtUninstallKB951748$
2008-07-28 02:05 <REP> $NtUninstallKB951978$
2008-08-13 07:55 <REP> $NtUninstallKB952287$
2008-08-13 07:59 <REP> $NtUninstallKB952954$
2008-08-13 07:59 <REP> $NtUninstallKB953839$
2008-11-29 16:08 <REP> $NtUninstallKB954154_WM11$
2008-11-29 18:24 <REP> $NtUninstallKB954211$
2008-11-29 18:18 <REP> $NtUninstallKB954459$
2008-11-29 18:17 <REP> $NtUninstallKB955069$
2008-11-29 18:26 <REP> $NtUninstallKB956391$
2008-11-29 18:26 <REP> $NtUninstallKB956803$
2008-11-29 18:21 <REP> $NtUninstallKB956841$
2008-11-29 18:25 <REP> $NtUninstallKB957095$
2008-11-29 18:20 <REP> $NtUninstallKB957097$
2008-11-29 18:18 <REP> $NtUninstallKB958644$
2008-01-18 19:04 <REP> $NtUninstallMSCompPackV1$
2008-04-01 07:38 <REP> $NtUninstallWIC$
2008-01-18 19:03 <REP> $NtUninstallWMFDist11$
2008-01-18 19:04 <REP> $NtUninstallwmp11$
2008-01-18 19:02 <REP> $NtUninstallWudf01000$
2008-04-01 07:41 <REP> $NtUninstallXPSEPSCLP$
2004-08-04 03:56 18 f7w7f7m7h7j5pf
2008-02-19 19:25 <REP> ftpcache
2008-01-18 00:46 <REP> ie7
2010-03-15 17:43 <REP> inf
2010-03-04 13:24 <REP> Installer
2008-05-10 16:25 <REP> PIF
2010-03-15 17:51 54 156 QTFont.qfn
2004-08-04 03:56 18 u8v1ffjoi8i1t7
2001-09-28 08:00 49 102 winnt.bmp
2001-09-28 08:00 49 102 winnt256.bmp
6 fichier(s) 153 145 octets
148 Rép(s) 112 325 009 408 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\WINDOWS\system32
2010-03-11 18:01 <REP> dllcache
2009-10-27 13:55 625 mmf(2).sys
2009-11-19 19:56 625 mmf(3).sys
2010-01-28 16:51 625 mmf(4).sys
2010-03-15 17:45 625 mmf.sys
2009-07-26 02:21 52 p3857302.pxf
2001-08-23 08:00 18 u8v1ffjoi8i1t7
13 fichier(s) 7 291 octets
1 Rép(s) 112 324 997 120 octets libres
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
userinit.exe
kernel32.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 2004
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16735 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16735 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16757 C:\WINDOWS\system32\ieframe.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x442b0000 0x3c000 7.00.6000.16735 C:\WINDOWS\system32\webcheck.dll
0x44160000 0x127000 7.00.6000.16735 C:\WINDOWS\system32\urlmon.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x60510000 0x19000 2.00.50727.3053 C:\WINDOWS\system32\dfshim.dll
0x79000000 0x46000 2.00.50727.3053 C:\WINDOWS\system32\mscoree.dll
0x78130000 0x9b000 8.00.50727.4053 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
0x79e70000 0x590000 2.00.50727.3053 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
0x00d10000 0x8000 1.00.0000.0002 C:\Program Files\VDOTool\TBPanelExt.dll
0x04ba0000 0xc44000 6.14.0011.9562 C:\WINDOWS\system32\nvcpl.dll
0x03600000 0x45000 6.14.0011.6371 C:\WINDOWS\system32\NVRSFR.DLL
0x04540000 0x10a000 6.14.0011.9562 C:\WINDOWS\system32\nvapi.dll
0x04750000 0x34000 6.14.0010.4935 C:\WINDOWS\system32\igfxpph.dll
0x01f90000 0x1a000 6.14.0010.4935 C:\WINDOWS\system32\hccutils.DLL
0x04890000 0x2d000 6.14.0010.4935 C:\WINDOWS\system32\igfxrFRA.lrc
0x057f0000 0x324000 6.14.0010.4935 C:\WINDOWS\system32\igfxress.dll
0x047e0000 0x11000 6.14.0010.4935 C:\WINDOWS\system32\igfxsrvc.dll
0x04800000 0x73000 6.14.0010.12537 C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
0x048c0000 0x14000 2.07.0003.0002 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x048e0000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x04940000 0x2e000 C:\Program Files\WinRAR\rarext.dll
0x04970000 0x14000 4.65.0000.0000 C:\Program Files\7-Zip\7-zip.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\wmvcore.dll
0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL
0x06b40000 0x106000 0.09.0001.0000 C:\WINDOWS\system32\lameACM.acm
0x43c10000 0x1d000 7.00.6000.16735 C:\WINDOWS\system32\URL.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x14070000 0x1b000 11.00.5721.5145 C:\WINDOWS\system32\wmpshell.dll
0x00ec0000 0x18000 1.03.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x06490000 0x2a000 4.01.0000.0000 C:\Program Files\PowerISO\PWRISOSH.DLL
0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\system32\wshext.dll
0x36d30000 0x19000 11.00.5510.0000 C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 780
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x020b0000 0x3b000 1.07.0018.0007 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\WINDOWS\Downloaded Program Files
2010-03-04 13:05 <REP> .
2010-03-04 13:05 <REP> ..
2009-02-23 18:21 <REP> CONFLICT.1
2008-01-16 08:32 65 desktop.ini
2006-05-16 12:58 24 576 dwusplay.dll
2006-05-16 12:58 196 608 dwusplay.exe
2007-11-20 17:04 1 523 536 FP_AX_CAB_INSTALLER.exe
2010-02-18 14:47 2 789 install.log
2006-05-16 12:58 484 272 isusweb.dll
2008-04-25 05:02 1 060 jinstall-6u6.inf
2009-05-14 18:55 354 MySpaceUploader2.inf
2009-05-14 19:00 3 525 696 MySpaceUploader2.ocx
2006-06-20 15:44 117 560 PURen-us.dll
2007-01-09 08:30 110 592 PURfr-ca.dll
2009-09-05 02:49 144 QTPlugin.inf
2007-11-20 16:50 247 swflash.inf
2008-05-20 20:32 267 568 sysreqlab3.dll
2008-05-01 14:28 667 SysReqLab3.osd
2010-02-18 14:47 38 428 unagiuninst.exe
16 fichier(s) 6 294 162 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
2009-02-23 18:21 <REP> .
2009-02-23 18:21 <REP> ..
2007-01-09 08:30 110 592 PURfr-ca.dll
1 fichier(s) 110 592 octets
Total des fichiers listés :
17 fichier(s) 6 404 754 octets
5 Rép(s) 112 324 988 928 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Turbine\\The Lord of the Rings Online\\lotroclient.exe"="C:\\Program Files\\Turbine\\The Lord of the Rings Online\\lotroclient.exe:*:Enabled:lotroclient"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"="C:\\Program Files\\Electronic Arts\\EADM\\Core.exe:*:Disabled:EA Download Manager"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"="C:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe:*:Enabled:Dragon Age Origins Game"
"C:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"="C:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher"
"C:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"="C:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableRegistryTools"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-15 19:53:10
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:18a17542
"s1"=dword:a403b3af
"s2"=dword:16e709ad
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,c7,f9,fa,72,36,f9,a8,08,a1,62,43,21,00,d8,26,c8,3e,66,30,c9,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ee,1e,f2,f2,57,88,68,78,8a,6c,b1,56,ce,dd,b2,49,00,..
"khjeh"=hex:24,ea,65,92,10,f6,6d,8c,ce,32,54,a8,0d,f1,8c,bf,cc,29,c5,7e,b8,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:c9,b9,88,c4,75,18,a9,14,ed,a2,55,66,44,a4,5b,17,dc,f7,5f,6d,67,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:9a,4b,51,4a,3a,34,63,c8,55,f9,00,e3,b7,ac,d4,c2,69,05,f7,2c,b6,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,c7,f9,fa,72,36,f9,a8,08,a1,62,43,21,00,d8,26,c8,3e,66,30,c9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ee,1e,f2,f2,57,88,68,78,8a,6c,b1,56,ce,dd,b2,49,00,..
"khjeh"=hex:52,3d,d1,7e,e8,82,db,e2,0c,48,5b,72,0d,14,fd,ca,38,ab,37,31,fe,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:d0,00,ea,ea,37,8a,af,f0,8d,9a,b4,f8,87,cd,0c,93,9f,e0,00,76,81,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,c7,f9,fa,72,36,f9,a8,08,a1,62,43,21,00,d8,26,c8,3e,66,30,c9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ee,1e,f2,f2,57,88,68,78,8a,6c,b1,56,ce,dd,b2,49,00,..
"khjeh"=hex:24,ea,65,92,10,f6,6d,8c,ce,32,54,a8,0d,f1,8c,bf,cc,29,c5,7e,b8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:c9,b9,88,c4,75,18,a9,14,ed,a2,55,66,44,a4,5b,17,dc,f7,5f,6d,67,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:9a,4b,51,4a,3a,34,63,c8,55,f9,00,e3,b7,ac,d4,c2,69,05,f7,2c,b6,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
376 - alg.exe
756 - csrss.exe
780 - winlogon.exe
828 - services.exe
840 - lsass.exe
1020 - svchost.exe
1084 - svchost.exe
1124 - svchost.exe
1328 - spoolsv.exe
1436 - svchost.exe
1476 - M-AudioTaskBarI
1480 - svchost.exe
1516 - Runservice.exe
1560 - svchost.exe
1776 - igfxsrvc.exe
1808 - rundll32.exe
1840 - cledx.exe
1884 - ctfmon.exe
2004 - explorer.exe
2860 - cmd.exe
Total number of processes = 21
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E4000 - \WINDOWS\system32\hal.dll
B85A8000 - \WINDOWS\system32\KDCOM.DLL
B84B8000 - \WINDOWS\system32\BOOTVID.dll
B7ED4000 - sptd.sys
B85AA000 - \WINDOWS\System32\Drivers\WMILIB.SYS
B7EBC000 - \WINDOWS\System32\Drivers\SPTD5005.SYS
B7E8D000 - ACPI.sys
B7E7C000 - pci.sys
B80A8000 - isapnp.sys
B8670000 - pciide.sys
B8328000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
B80B8000 - MountMgr.sys
B7E5D000 - ftdisk.sys
B85AC000 - dmload.sys
B7E37000 - dmio.sys
B8330000 - PartMgr.sys
B80C8000 - VolSnap.sys
B7E1F000 - atapi.sys
B80D8000 - disk.sys
B80E8000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
B7DFF000 - fltmgr.sys
B7DED000 - sr.sys
B80F8000 - PxHelp20.sys
B7DCF000 - TPkd.sys
B7DB8000 - KSecDD.sys
B7D2B000 - Ntfs.sys
B7CFE000 - NDIS.sys
B8108000 - sbp2port.sys
B8118000 - ohci1394.sys
B8128000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
B7CE4000 - Mup.sys
B81B8000 - \SystemRoot\system32\DRIVERS\intelppm.sys
B7288000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
B7274000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
B724C000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
B81C8000 - \SystemRoot\system32\DRIVERS\l1e51x86.sys
B8398000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
B7228000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
B83A0000 - \SystemRoot\system32\DRIVERS\usbehci.sys
B83B0000 - \SystemRoot\system32\DRIVERS\fdc.sys
B7214000 - \SystemRoot\system32\DRIVERS\parport.sys
B85B2000 - \SystemRoot\system32\DRIVERS\ASACPI.sys
B83C8000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
B83D8000 - \SystemRoot\system32\DRIVERS\mouclass.sys
B7203000 - \SystemRoot\system32\DRIVERS\serial.sys
B8598000 - \SystemRoot\system32\DRIVERS\serenum.sys
B81E8000 - \SystemRoot\system32\DRIVERS\imapi.sys
B81F8000 - \SystemRoot\system32\DRIVERS\cdrom.sys
B8208000 - \SystemRoot\system32\DRIVERS\redbook.sys
B7140000 - \SystemRoot\system32\DRIVERS\ks.sys
B70F6000 - \SystemRoot\System32\Drivers\dtscsi.sys
B70DE000 - \SystemRoot\System32\Drivers\SCSIPORT.SYS
B8687000 - \SystemRoot\system32\DRIVERS\audstub.sys
B8218000 - \SystemRoot\system32\drivers\MotuBus.sys
B8228000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
B7CC0000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
B70C7000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
B8238000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
B8248000 - \SystemRoot\system32\DRIVERS\raspptp.sys
B8418000 - \SystemRoot\system32\DRIVERS\TDI.SYS
B70B6000 - \SystemRoot\system32\DRIVERS\psched.sys
B8258000 - \SystemRoot\system32\DRIVERS\msgpc.sys
B8428000 - \SystemRoot\system32\DRIVERS\ptilink.sys
B8438000 - \SystemRoot\system32\DRIVERS\raspti.sys
B7086000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
B8268000 - \SystemRoot\system32\DRIVERS\termdd.sys
B85B8000 - \SystemRoot\system32\DRIVERS\swenum.sys
B7028000 - \SystemRoot\system32\DRIVERS\update.sys
B7C9C000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
B8278000 - \SystemRoot\system32\DRIVERS\cledx.sys
B7C94000 - \SystemRoot\system32\drivers\WmBEnum.sys
B8288000 - \SystemRoot\system32\drivers\WmXlCore.sys
B8298000 - \SystemRoot\System32\Drivers\NDProxy.SYS
B4D69000 - \SystemRoot\system32\drivers\viahduaa.sys
B4D45000 - \SystemRoot\system32\drivers\portcls.sys
B82A8000 - \SystemRoot\system32\drivers\drmk.sys
B82B8000 - \SystemRoot\system32\DRIVERS\usbhub.sys
B85C0000 - \SystemRoot\system32\DRIVERS\USBD.SYS
B8478000 - \SystemRoot\system32\DRIVERS\flpydisk.sys
B85C4000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
B86F7000 - \SystemRoot\System32\Drivers\Null.SYS
B85C8000 - \SystemRoot\System32\Drivers\Beep.SYS
B8498000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
B84A0000 - \SystemRoot\System32\drivers\vga.sys
B85CC000 - \SystemRoot\System32\Drivers\mnmdd.SYS
B85D0000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
B84B0000 - \SystemRoot\System32\Drivers\Msfs.SYS
B8378000 - \SystemRoot\System32\Drivers\Npfs.SYS
B7CB8000 - \SystemRoot\system32\DRIVERS\rasacd.sys
B4CAA000 - \SystemRoot\system32\DRIVERS\ipsec.sys
B4C51000 - \SystemRoot\system32\DRIVERS\tcpip.sys
B4C29000 - \SystemRoot\system32\DRIVERS\netbt.sys
B4C03000 - \SystemRoot\system32\DRIVERS\ipnat.sys
B4BE1000 - \SystemRoot\System32\drivers\afd.sys
B82D8000 - \SystemRoot\system32\DRIVERS\netbios.sys
B82E8000 - \SystemRoot\System32\Drivers\SCDEmu.SYS
B4B8E000 - \SystemRoot\system32\DRIVERS\rdbss.sys
B4B1E000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
B82F8000 - \SystemRoot\System32\Drivers\Fips.SYS
B85D4000 - \SystemRoot\system32\drivers\AsIO.sys
B83C0000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
B4ADB000 - \SystemRoot\system32\DRIVERS\mausbcv.sys
B4CF9000 - \SystemRoot\system32\DRIVERS\hidusb.sys
B71F3000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
B4AB7000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B4CE9000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
B4CE5000 - \SystemRoot\system32\DRIVERS\mouhid.sys
B4A9F000 - \SystemRoot\System32\Drivers\dump_atapi.sys
B85D8000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
B85A0000 - \SystemRoot\System32\drivers\Dxapi.sys
B83F0000 - \SystemRoot\System32\watchdog.sys
B71E3000 - \SystemRoot\system32\DRIVERS\wanarp.sys
BD000000 - \SystemRoot\System32\drivers\dxg.sys
B87FD000 - \SystemRoot\System32\drivers\dxgthk.sys
BD012000 - \SystemRoot\System32\nv4_disp.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
B46EB000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
B452A000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
B862E000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B8630000 - \SystemRoot\System32\Drivers\TBPanel.SYS
B4A4F000 - \SystemRoot\system32\drivers\ip6fw.sys
B442A000 - \SystemRoot\system32\drivers\tcpip6.sys
B4298000 - \SystemRoot\system32\DRIVERS\srv.sys
B425B000 - \SystemRoot\system32\drivers\wdmaud.sys
B4637000 - \SystemRoot\system32\drivers\sysaudio.sys
B83B8000 - \SystemRoot\System32\Drivers\TDTCP.SYS
B4215000 - \SystemRoot\System32\Drivers\RDPWD.SYS
B49FF000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B3DE1000 - \SystemRoot\System32\Drivers\HTTP.sys
B866C000 - \??\C:\DOCUME~1\pc\LOCALS~1\Temp\mbr.sys
B86DC000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 133
Liste des programmes installes
7-Zip 4.65
Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
Access.Virus.Magic.Synth.Soundset
Access.Virus.Rob.Papen.Signatur.Sound.Set
Access.Virus.Virology.Soundset
Additive Synth 1.31 DEMO
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 7.0.9
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AKAI professional DCVocoder 1.0
Alchemy
AlgoMusic M42 Nebula v2 VSTi
AlgoMusic M51galaxy v1.1 VSTi
Antares Autotune VST RTAS TDM v5.08
Apple Software Update
Applied Acoustics Systems - Tassman 4 v4.1.3
Archiveur WinRAR
ARP2600 V 1.2
Artillery2
Arturia minimoog V v1.6
ASIO4ALL
Assistant de connexion Windows Live
Attansic Ethernet Utility
Attansic L1 Gigabit Ethernet Driver
AudioEase Altiverb VST RTAS v6.10
AudioEase Speakersphone VST RTAS v1.01
Audjoo Helix 1.0
AutoUpdate
AVIcodec (remove only)
Bass Station 1.50
BBE Sonic Sweet Bundle VST RTAS v1.0
Beta Bugs Chorrosive VST
Brainworx BX Control VST RTAS v1.0
Brainworx BX Digital VST v1.09
Cakewalk Rapture 1.2
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
CCleaner
Circle
Collab
Compadre Beatpuncher v1.1
Conectiv
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CrySonic nXstasy
DETAILERx32bit
DETAILERx32bit
DETAILERx32bit
Devastor 1.2.0
Dimension Pro 1.2
DirectWave
discoDSP Discovery Pro
DivX Converter
DivX Player
DivX Web Player
Dragon Age: Origins
DVD Shrink 3.2
EA Download Manager
EA Download Manager
East India Company and Pirate Bay Addon
Eastside UK pre-game Editor v2007.0.3
Edirol HQ Orchestral VSTi v1.03
Effectrix
ElastikVst
ElastikVst
Elevayta Extra Boy v4.91d VST
Elevayta Stream Boy v4.90d VST
Elevayta Wider Boy v4.92d VST
Elysia mpressor VST RTAS v1.0.2
Extreme 1.0
FabFilter Pro-C VST RTAS v1.10
FaceGen Modeller 3.1
Fatsondo 2.0
FilterBank v3.2
FL Studio 8
Flash to Video Encoder
FLUX Spring Pack Bundle v1.0.4.14
G-sonique Alien303 VSTi
G-sonique Renegade VSTi
GForce impOSCar v1.10 VSTi RTAS
GMediaMusic - Oddity VST2
Golden ASET Mythospheric Space Synthesizer VSTi
Hardcore
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hunting Unlimited 2009 1.0
IL Download Manager
IL Gross Beat
IL Harmless
IL Juice Pack
IL Ogun
IL Vocodex
iLok x32 driver
Image-Line PoiZone v2.1
Installation Windows Live
Installation Windows Live
Intel(R) Graphics Media Accelerator Driver
iZotope Ozone 3
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Junk Mail filter update
K-Lite Codec Pack 4.1.4 (Full)
KeyToSound - NexSyn 1.1 r16
Kinisis 1.0
KNOBSTER Bundle
KORG Legacy Collection - ANALOG EDITION 2007
KORG Legacy Collection - DIGITAL EDITION
Le Centre de Contrôle de Licences de Syncrosoft
Lecteur Windows Media 11
Lennar Digital Sylenth VSTi v1.2.1
LineUp v2.2
List_Kill'em 1.3.0.0
Loomer Aspect
LucasArts' Rogue Squadron
Luxonix Purity VSTi v1.1.2
LUXONIX ravity Bundle v1.4.3
Malwarebytes' Anti-Malware
Maximus
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Memory 1.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 Language Pack - fra
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC8 CRT for Loomer Applications
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual J# .NET Redistributable Package 1.1
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
Mise à jour de sécurité pour Windows XP (KB923689)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour de sécurité pour Windows XP (KB954211)
Mise à jour de sécurité pour Windows XP (KB954459)
Mise à jour de sécurité pour Windows XP (KB955069)
Mise à jour de sécurité pour Windows XP (KB956391)
Mise à jour de sécurité pour Windows XP (KB956803)
Mise à jour de sécurité pour Windows XP (KB956841)
Mise à jour de sécurité pour Windows XP (KB957095)
Mise à jour de sécurité pour Windows XP (KB957097)
Mise à jour de sécurité pour Windows XP (KB958644)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Module linguistique Microsoft .NET Framework 3.5 - fra
Monofilter v3.2.9
Mozilla Firefox (3.6)
MSN
MSVCRT
MSXML 6.0 Parser (KB933579)
N.I. Reaktor v5.1.1
Native Instruments Absynth 4
Native Instruments Akoustik Piano
Native Instruments FM8
Native Instruments Guitar Rig 3
Native Instruments Kontakt 4
Native Instruments Kontakt 4
Native Instruments Kontakt 4
Native Instruments Kontakt 4 Factory Content
Native Instruments Kontakt 4 Factory Content
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Native Instruments Pro-53
Native Instruments Reaktor Session One
Native Instruments Vokator
Nero 7 Essentials
NHL Eastside Hockey Manager 2007
NHL® 09
NomadFactory Limiting Amplifier LM-662 VST RTAS v1.3
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA Photoshop Plug-ins
NVIDIA PhysX
NVIDIA WDM Drivers
Ohm Force - Mobilohm VST2
OhmForce Hematohm VST2
OhmForce Ohmboyz VST2
OhmForce Predatohm VST2
OpenAL
Overloud TH1 1.1.3 VST
PC Probe II
PCM Native Reverb VST Plug-in
PCM Native Reverb VST Plug-in
PDF Settings
Phoscyon 1.8.0
Pianoteq v2.2.0
PiLfIuS! 0.9
PoiZone
PowerDVD
PowerISO
PowerProducer
ProAudioDSP Dynamic Spectrum Mapper VST RTAS v1.3.2
Prosoniq OrangeVocoder v1.4
PSP Audioware Xenon VST RTAS v1.1.1
PSP MixPack2 2.0.3
PSP sQuad 1.5.1 32bit
PSP VintageWarmer 2.0.0
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Reason 3.0
Reese Machine VSTi
ReFX JunoX2 VSTi v1.51
reFX quadraSID 1.6.0
Replay Media Catcher
rFactor
Rob Papen Predator V1.1.0
Robotronic
Sawer
Segoe UI
SEQ1
SEQ1 Master
SEQ2
SEQ2 Master
Sid Meier's Civilization 4 - Beyond the Sword
Sid Meier's Civilization 4 - Warlords
Sid Meier's Civilization 4
Sid Meier's Civilization 4
Sierra On-Line Games (Remove only)
SimSynth
SKYLIFE SampleRobot v3.0.1
Softube Metal Amp Room VST RTAS v1.1.5
Softube Trident A-Range VST RTAS v1.0.2
Softube Tube-Tech CL 1B VST RTAS v1.0.3
Softube Tube Delay VST RTAS v1.0.5
Sonicbytes Gat'R 1.1
SONiVOX DVI Electronica
Sonnox Oxford Inflator Native VST v1.5.1
Sonnox Oxford Limiter Native VST v1.1.1
Sonnox Oxford R3 Dynamics Native VST v1.3.1
Sonnox Oxford R3 EQ Native VST v1.6.1
Sonnox Oxford Reverb Native VST v1.0
Sony Preset Manager 2.0
Sony Sound Forge 8.0
Sony Vocal Eraser
SoundToys Native Effects VST RTAS v3.1.2
Spark FXMachine 2.1
SPL Analog Code EQ Rangers Volume One VST RTAS v1.1
SPL Analog Code MicroPlugs VST RTAS v1.1
SPL Analog Code Transient Designer VST RTAS v1.1
SPL Analog Code TwinTube Processor VST RTAS v1.1
SPL Analog Code Vitalizer MK2-T VST RTAS v1.1
Steinberg HALionOne
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg Hypersonic 2
Steinberg Nuendo 4
Steinberg Nuendo Expansion Kit
Steinberg VoiceMachine v1.0
Stelsi Virtual Synth 1.0
Stereoizer v2.7
Stereoplacer v2.4
SyncroSoft Emu (Remove only)
Sytrus
Tachyon Demo
TeamSpeak 2 RC2
The Lord of the Rings Online™: Shadows of Angmar™ v01.05.00.811
Tone2 Gladiator VSTi v2.2
Torq 1.5 (Build 029 - 22 Dec 2008)
Toxic Biohazard
TPKD Installer x32
TruePianos 1.5.0
TruePianos: Amber Module 1.4.0
TruePianos: Diamond Module 1.4.0
TruePianos: Emerald Module 1.4.0
TruePianos: Sapphire Module 1.4.0
TruePianos: Sapphire Module 1.4.0
Ugo Ironhead v1.5 VSTi
Ugo M-theory v1.0 VSTi
Ugo Metallurgy v1.5 VST
Ugo Tunguska v1.1 VST
Unique
unistallSpotter
URS Classic Console Strip Pro VST RTAS v1.0
V-Station 1.50
VDOTool 5.5
Vember Audio SURGE
VHR-09 Version 7.0
VHR09
Viewpoint Media Player
Vintage Vocoder 1.03 Build 1
Viral Outbreak v1.00 VSTi
Viral Outbreak v1.00 VSTi Demo
VirSyn TERA v3.0
Visualizer v1.9.0
Vogue
Voxengo Analogflux Suite 1.3
Voxengo Lampthruster VST 2.0
VRS-4040PI Vers.1.0
Waves API Collection
WD Diagnostics
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Mail
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WOW
WWAYM - NWSynth V1.3
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\Program Files
2010-03-15 17:43 <REP> .
2010-03-15 17:43 <REP> ..
2009-05-23 13:04 <REP> 7-Zip
2009-07-27 17:48 <REP> AAMS
2009-10-25 22:45 <REP> AAS
2009-08-11 20:19 <REP> Access.Virus.Magic.Synth.Soundset
2008-07-14 10:44 <REP> Adobe
2009-12-11 16:36 <REP> AGEIA Technologies
2009-07-26 01:45 <REP> AKAI professional M.I. Corp
2009-11-16 21:46 <REP> Antares Audio Technologies
2009-10-27 14:42 <REP> AnyToISO
2008-05-23 10:38 <REP> Apple Software Update
2009-10-27 14:06 <REP> Arturia
2009-03-21 22:10 <REP> ASIO4ALL v2
2008-02-12 21:30 <REP> ASUS
2008-01-16 08:53 <REP> Attansic
2010-03-04 13:15 <REP> Audacity 1.3 Beta (Unicode)
2008-01-19 23:20 <REP> Audio Ease
2008-01-18 19:18 <REP> AVIcodec
2010-02-04 06:57 <REP> BBE Sound
2008-01-17 15:47 <REP> BillP Studios
2009-12-25 21:15 <REP> Brainworx Music
2009-12-16 13:41 <REP> Cakewalk
2010-01-09 20:16 <REP> CCleaner
2008-01-17 18:19 <REP> Common Files
2008-11-29 17:26 <REP> Comodo
2008-01-16 08:30 <REP> ComPlus Applications
2008-07-18 06:06 <REP> CyberLink
2010-02-17 12:32 <REP> D16 Group
2010-01-30 01:00 <REP> D16 Group(2)
2001-12-31 22:53 <REP> DAEMON Tools
2009-12-31 23:48 <REP> Devine Machine
2010-03-04 13:07 <REP> Diablo II
2008-01-22 13:01 <REP> DIFX
2008-08-17 11:42 <REP> DivX
2009-12-11 16:29 <REP> Dragon Age
2009-05-29 15:46 <REP> DVD Shrink
2010-03-04 13:16 <REP> EA Sports
2009-09-08 12:27 <REP> Eastside UK
2008-02-09 14:40 <REP> EDIROL
2009-05-24 14:01 <REP> Electronic Arts
2009-01-18 17:00 <REP> Elevayta Creativity Tools
2010-01-28 01:51 <REP> Elysia
2010-01-30 13:07 <REP> EMI
2009-06-04 14:54 <REP> energy XT
2010-03-04 13:09 <REP> EzGenerator3
2009-01-18 16:57 <REP> FabFilter
2008-05-30 20:47 <REP> Fatsondo
2008-06-22 00:03 <REP> FAW
2010-03-08 22:37 <REP> Fichiers communs
2008-10-03 19:09 <REP> Firaxis Games
2009-12-25 21:19 <REP> Flux
2008-12-13 16:54 <REP> FriendBlasterPro
2009-09-28 21:30 <REP> FXpansion
2010-02-13 22:10 <REP> GeoVid
2010-01-28 03:25 <REP> GForce
2010-03-04 13:31 <REP> Google
2008-08-11 19:34 <REP> Hunting Unlimited 2009
2008-12-13 16:53 <REP> iCall
2010-01-17 02:30 <REP> Image-Line
2008-01-16 08:44 <REP> Intel
2009-09-27 15:11 <REP> InterLok
2008-11-29 18:25 <REP> Internet Explorer
2010-02-13 21:59 <REP> IVCsoft
2008-01-16 11:55 <REP> iZotope
2008-07-24 12:25 <REP> Java
2009-10-27 14:13 <REP> KeyToSound
2010-01-08 03:13 <REP> K-Lite Codec Pack
2010-02-18 13:52 <REP> KORG
2010-03-15 07:31 <REP> List_Kill'em
2010-02-16 18:56 <REP> Loomer
2009-08-28 19:55 <REP> LucasArts
2009-12-03 00:32 <REP> LUXONIX
2010-03-05 17:27 <REP> Malwarebytes' Anti-Malware
2009-05-31 17:35 <REP> M-Audio
2008-08-13 07:59 <REP> Messenger
2009-12-29 19:01 <REP> Microsoft
2008-01-16 08:33 <REP> microsoft frontpage
2008-01-16 08:41 <REP> Microsoft Office
2008-01-16 08:41 <REP> Microsoft.NET
2010-03-04 13:22 <REP> MOTU
2008-05-25 13:35 <REP> Movie Maker
2010-02-21 22:41 <REP> Mozilla Firefox
2008-04-01 07:40 <REP> MSBuild
2009-12-29 18:53 <REP> MSN
2008-01-16 08:29 <REP> MSN Gaming Zone
2008-04-01 07:38 <REP> MSXML 6.0
2010-01-17 02:28 <REP> Native Instruments
2008-01-16 08:03 <REP> Nero
2008-08-24 23:49 <REP> NetMeeting
2008-06-23 17:47 <REP> Nomad Factory
2009-12-02 11:18 <REP> NovaLogic
2009-11-24 01:21 <REP> NuGen Audio
2010-01-11 17:39 <REP> NVIDIA Corporation
2008-01-16 08:29 <REP> Online Services
2008-09-04 16:43 <REP> OpenAL
2009-11-16 21:49 <REP> Outlook Express
2009-03-21 22:07 <REP> Outsim
2009-12-20 14:15 <REP> Paradox Interactive
2010-03-04 13:25 <REP> Pcsx2
2008-06-23 23:44 <REP> Pianoteq 2.2
2009-12-29 19:58 <REP> PiLfIuS
2008-06-23 13:18 <REP> PowerISO
2010-02-23 22:21 <REP> Pro Audio DSP
2008-01-16 00:58 <REP> Propellerhead
2010-02-16 13:50 <REP> PSPaudioware
2010-02-23 15:03 <REP> QuickTime
2009-05-08 01:41 <REP> Realtek
2008-04-01 07:40 <REP> Reference Assemblies
2008-06-20 06:22 <REP> ReFX JunoX2
2010-02-24 13:42 <REP> Replay Media Catcher
2010-01-10 19:48 <REP> rFactor
2009-05-08 06:45 <REP> rgcaudio software
2008-07-10 17:52 <REP> Rob.Papen.Signatur.Sound.Set
2009-12-21 14:17 <REP> SEGA
2008-01-16 08:32 <REP> Services en ligne
2010-01-10 01:10 <REP> Singular Inversions
2009-12-30 12:57 <REP> SKYLIFE
2010-02-10 00:44 <REP> Softube
2009-10-02 01:52 <REP> Sonicism Digital Audio Solutions
2009-10-16 01:19 <REP> SONiVOX
2009-12-25 21:27 <REP> Sonnox
2008-01-16 16:40 <REP> Sony
2008-01-16 16:18 <REP> Sony Setup
2010-01-30 13:18 <REP> SoundPerformanceLab
2010-02-10 09:30 <REP> SoundToys
2008-10-05 16:17 <REP> Sports Interactive
2010-02-18 07:30 <REP> Steinberg
2010-02-16 18:53 <REP> StudioDevil
2009-10-29 22:46 <REP> Sugar Bytes
2010-03-15 17:43 <REP> Syncrosoft
2010-02-12 12:27 <REP> TC Electronic
2009-06-04 14:28 <REP> TcWo
excute le 2010-03-15 à 19:52:21,12
System information for \\PC1:
Uptime: Error reading uptime
Kernel version: Microsoft Windows XP, Multiprocessor Free
Product type: Professional
Product version: 5.1
Service pack: 3
Kernel build number: 2600
Registered organization:
Registered owner: USER
Install date: 2008-01-16, 08:35:04
Activation status: Error reading status
IE version: 7.0000
System root: C:\WINDOWS
Processors: 4
Processor speed: 2.4 GHz
Processor type: Intel(R) Core(TM)2 Quad CPU Q6600 @
Physical memory: 2048 MB
Video driver: NVIDIA GeForce 8400 GS
Volume Type Format Label Size Free Free
A: Removable 0.0%
C: Fixed NTFS 232.88 GB 104.61 GB 44.9%
D: Fixed NTFS 232.88 GB 20.92 GB 9.0%
E: CD-ROM 0.0%
F: CD-ROM 0.0%
G: CD-ROM 0.0%
H: Fixed FAT32 My Book 465.65 GB 16.75 GB 3.6%
C:\WINDOWS\System32\drivers\PnkBstrK.sys -->2010-02-26 12:27:03
C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->2010-01-07 17:07:14
C:\WINDOWS\System32\drivers\mbam.sys -->2010-01-07 17:07:04
C:\WINDOWS\System32\drivers\nv4_mini.sys -->2009-11-20 22:34:54
C:\WINDOWS\System32\drivers\WmXlCore.sys -->2009-09-11 13:48:04
C:\WINDOWS\System32\drivers\WmVirHid.sys -->2009-09-11 13:47:54
C:\WINDOWS\System32\drivers\WmFilter.sys -->2009-09-11 13:47:32
C:\WINDOWS\System32\Datei9 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei8 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei7 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei6 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei5 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei4 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei3 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei2 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei10 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei1 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei0 -->2010-03-15 18:35:44
C:\WINDOWS\System32\PerfStringBackup.INI -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfh00C.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfh009.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfc00C.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\perfc009.dat -->2010-03-15 17:50:00
C:\WINDOWS\System32\NvApps.xml -->2010-03-15 17:46:32
C:\WINDOWS\System32\wpa.dbl -->2010-03-15 17:46:11
C:\WINDOWS\System32\mmf.sys -->2010-03-15 17:45:53
C:\WINDOWS\System32\Datei25 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei24 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei23 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei22 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei21 -->2010-03-15 17:11:45
C:\WINDOWS\System32\Datei20 -->2010-03-15 17:11:45
C:\WINDOWS\QTFont.qfn -->2010-03-15 17:51:16
C:\WINDOWS\QTFont.for -->2010-03-15 17:51:16
C:\WINDOWS\setupapi.log -->2010-03-15 17:46:25
C:\WINDOWS\WindowsUpdate.log -->2010-03-15 17:46:00
C:\WINDOWS\wiaservc.log -->2010-03-15 17:45:57
C:\WINDOWS\wiadebug.log -->2010-03-15 17:45:57
C:\WINDOWS\0.log -->2010-03-15 17:45:54
C:\WINDOWS\bootstat.dat -->2010-03-15 17:45:42
C:\WINDOWS\system.ini -->2010-03-08 22:44:18
C:\WINDOWS\win.ini -->2010-03-06 01:11:21
C:\WINDOWS\Language_trs.ini -->2010-02-27 13:59:22
C:\WINDOWS\NeroDigital.ini -->2010-02-23 02:44:20
C:\WINDOWS\nsreg.dat -->2010-02-18 14:47:24
C:\WINDOWS\msmmdx9.ini -->2010-01-29 04:17:43
C:\WINDOWS\PEV.exe -->2009-12-09 23:54:07
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\WINDOWS
2008-11-29 18:26 <REP> $hf_mig$
2008-01-16 00:10 <REP> $MSI31Uninstall_KB893803v2$
2008-05-25 13:31 <REP> $NtServicePackUninstall$
2008-01-18 00:44 <REP> $NtServicePackUninstallIDNMitigationAPIs$
2008-01-18 00:44 <REP> $NtServicePackUninstallNLSDownlevelMapping$
2008-01-16 04:11 <REP> $NtUninstallKB873339$
2008-01-16 04:12 <REP> $NtUninstallKB885835$
2008-01-16 04:12 <REP> $NtUninstallKB885836$
2008-01-16 04:08 <REP> $NtUninstallKB886185$
2008-01-16 04:11 <REP> $NtUninstallKB887472$
2008-01-16 08:50 <REP> $NtUninstallKB888111WXPSP2$
2010-03-05 20:05 <REP> $NtUninstallKB888302$
2008-01-16 04:10 <REP> $NtUninstallKB890046$
2008-01-16 04:07 <REP> $NtUninstallKB890859$
2008-01-16 04:10 <REP> $NtUninstallKB891781$
2008-01-16 04:12 <REP> $NtUninstallKB893756$
2008-01-16 04:08 <REP> $NtUninstallKB894391$
2008-01-16 04:10 <REP> $NtUninstallKB896358$
2008-01-16 04:11 <REP> $NtUninstallKB896423$
2008-01-16 04:08 <REP> $NtUninstallKB896428$
2008-01-16 00:10 <REP> $NtUninstallKB898461$
2008-01-16 04:13 <REP> $NtUninstallKB899587$
2008-01-16 04:12 <REP> $NtUninstallKB899591$
2008-01-16 04:11 <REP> $NtUninstallKB900485$
2008-01-16 04:08 <REP> $NtUninstallKB900725$
2008-01-16 04:12 <REP> $NtUninstallKB901017$
2008-01-16 04:09 <REP> $NtUninstallKB901214$
2008-01-16 04:10 <REP> $NtUninstallKB902400$
2008-01-18 00:43 <REP> $NtUninstallKB904942$
2008-01-16 04:09 <REP> $NtUninstallKB905414$
2008-01-16 04:08 <REP> $NtUninstallKB905749$
2008-01-16 04:07 <REP> $NtUninstallKB908519$
2008-01-16 04:08 <REP> $NtUninstallKB908531$
2008-01-16 04:10 <REP> $NtUninstallKB910437$
2008-01-16 04:12 <REP> $NtUninstallKB911280$
2008-01-16 04:11 <REP> $NtUninstallKB911562$
2008-01-16 04:10 <REP> $NtUninstallKB911564$
2008-01-16 04:12 <REP> $NtUninstallKB911927$
2008-01-16 04:08 <REP> $NtUninstallKB913580$
2008-01-16 04:09 <REP> $NtUninstallKB914388$
2008-01-16 04:07 <REP> $NtUninstallKB914389$
2008-01-18 00:43 <REP> $NtUninstallKB914440$
2008-01-18 00:44 <REP> $NtUninstallKB915865$
2008-01-16 04:08 <REP> $NtUninstallKB916595$
2008-01-16 04:09 <REP> $NtUninstallKB917344$
2008-01-16 04:09 <REP> $NtUninstallKB918118$
2008-01-16 04:10 <REP> $NtUninstallKB918439$
2008-01-16 04:09 <REP> $NtUninstallKB919007$
2008-01-16 04:08 <REP> $NtUninstallKB920213$
2008-01-16 04:10 <REP> $NtUninstallKB920670$
2008-01-16 04:07 <REP> $NtUninstallKB920683$
2008-01-16 04:12 <REP> $NtUninstallKB920685$
2008-01-16 04:10 <REP> $NtUninstallKB920872$
2008-01-16 04:11 <REP> $NtUninstallKB921503$
2008-01-16 04:09 <REP> $NtUninstallKB922582$
2008-01-16 04:13 <REP> $NtUninstallKB922819$
2008-01-16 04:09 <REP> $NtUninstallKB923191$
2008-01-16 04:12 <REP> $NtUninstallKB923414$
2008-01-16 04:08 <REP> $NtUninstallKB923689$
2008-01-16 04:12 <REP> $NtUninstallKB923980$
2008-01-16 04:11 <REP> $NtUninstallKB924270$
2008-01-16 04:11 <REP> $NtUninstallKB924496$
2008-01-16 04:11 <REP> $NtUninstallKB924667$
2008-01-16 04:10 <REP> $NtUninstallKB925398_WMP64$
2008-05-21 19:23 <REP> $NtUninstallKB925720$
2008-01-16 04:10 <REP> $NtUninstallKB925902$
2008-01-18 19:04 <REP> $NtUninstallKB926239$
2008-01-16 04:09 <REP> $NtUninstallKB926255$
2008-01-16 04:10 <REP> $NtUninstallKB926436$
2008-01-16 04:13 <REP> $NtUninstallKB927779$
2008-01-16 04:13 <REP> $NtUninstallKB927802$
2008-01-16 04:11 <REP> $NtUninstallKB927891$
2008-01-16 04:12 <REP> $NtUninstallKB928255$
2008-01-16 04:07 <REP> $NtUninstallKB928843$
2008-01-16 04:10 <REP> $NtUninstallKB929123$
2008-01-19 09:01 <REP> $NtUninstallKB929399$
2008-01-16 04:09 <REP> $NtUninstallKB930178$
2008-01-16 04:08 <REP> $NtUninstallKB930916$
2008-01-16 04:11 <REP> $NtUninstallKB931261$
2008-01-16 04:12 <REP> $NtUninstallKB931784$
2008-01-16 04:09 <REP> $NtUninstallKB932168$
2008-01-16 04:12 <REP> $NtUninstallKB933729$
2008-01-16 04:12 <REP> $NtUninstallKB935448$
2008-01-16 04:08 <REP> $NtUninstallKB935839$
2008-01-16 04:08 <REP> $NtUninstallKB935840$
2008-01-16 04:11 <REP> $NtUninstallKB936021$
2008-01-16 04:11 <REP> $NtUninstallKB936357$
2008-01-19 09:00 <REP> $NtUninstallKB936782_WMP11$
2008-01-16 04:11 <REP> $NtUninstallKB936782_WMP9$
2008-01-16 04:12 <REP> $NtUninstallKB937894$
2008-01-16 04:08 <REP> $NtUninstallKB938127$
2008-11-29 16:12 <REP> $NtUninstallKB938464$
2008-01-16 04:11 <REP> $NtUninstallKB938828$
2008-01-16 04:11 <REP> $NtUninstallKB938829$
2008-01-19 09:01 <REP> $NtUninstallKB939683$
2008-01-16 04:09 <REP> $NtUninstallKB941202$
2008-01-16 04:09 <REP> $NtUninstallKB941568$
2008-01-16 04:09 <REP> $NtUninstallKB941569$
2008-01-16 04:11 <REP> $NtUninstallKB941644$
2008-05-21 19:23 <REP> $NtUninstallKB941693$
2008-01-16 04:08 <REP> $NtUninstallKB942615$
2008-01-16 04:09 <REP> $NtUninstallKB942763$
2008-01-16 04:12 <REP> $NtUninstallKB942840$
2008-02-13 10:00 <REP> $NtUninstallKB943055$
2008-01-18 00:43 <REP> $NtUninstallKB943460$
2008-01-16 04:13 <REP> $NtUninstallKB943460_0$
2008-01-16 04:08 <REP> $NtUninstallKB943485$
2008-01-16 04:07 <REP> $NtUninstallKB944653$
2008-05-21 19:23 <REP> $NtUninstallKB945553$
2008-02-13 10:01 <REP> $NtUninstallKB946026$
2008-01-17 01:24 <REP> $NtUninstallKB946627$
2008-08-13 07:59 <REP> $NtUninstallKB946648$
2008-05-21 19:23 <REP> $NtUninstallKB948590$
2008-05-21 19:23 <REP> $NtUninstallKB948881$
2008-05-21 19:23 <REP> $NtUninstallKB950749$
2008-07-27 21:09 <REP> $NtUninstallKB950760$
2008-07-27 21:09 <REP> $NtUninstallKB950762$
2008-08-13 07:58 <REP> $NtUninstallKB950974$
2008-08-13 07:54 <REP> $NtUninstallKB951066$
2008-08-13 07:56 <REP> $NtUninstallKB951072-v2$
2008-07-28 02:07 <REP> $NtUninstallKB951376-v2$
2008-07-27 21:10 <REP> $NtUninstallKB951698$
2008-07-27 21:06 <REP> $NtUninstallKB951748$
2008-07-28 02:05 <REP> $NtUninstallKB951978$
2008-08-13 07:55 <REP> $NtUninstallKB952287$
2008-08-13 07:59 <REP> $NtUninstallKB952954$
2008-08-13 07:59 <REP> $NtUninstallKB953839$
2008-11-29 16:08 <REP> $NtUninstallKB954154_WM11$
2008-11-29 18:24 <REP> $NtUninstallKB954211$
2008-11-29 18:18 <REP> $NtUninstallKB954459$
2008-11-29 18:17 <REP> $NtUninstallKB955069$
2008-11-29 18:26 <REP> $NtUninstallKB956391$
2008-11-29 18:26 <REP> $NtUninstallKB956803$
2008-11-29 18:21 <REP> $NtUninstallKB956841$
2008-11-29 18:25 <REP> $NtUninstallKB957095$
2008-11-29 18:20 <REP> $NtUninstallKB957097$
2008-11-29 18:18 <REP> $NtUninstallKB958644$
2008-01-18 19:04 <REP> $NtUninstallMSCompPackV1$
2008-04-01 07:38 <REP> $NtUninstallWIC$
2008-01-18 19:03 <REP> $NtUninstallWMFDist11$
2008-01-18 19:04 <REP> $NtUninstallwmp11$
2008-01-18 19:02 <REP> $NtUninstallWudf01000$
2008-04-01 07:41 <REP> $NtUninstallXPSEPSCLP$
2004-08-04 03:56 18 f7w7f7m7h7j5pf
2008-02-19 19:25 <REP> ftpcache
2008-01-18 00:46 <REP> ie7
2010-03-15 17:43 <REP> inf
2010-03-04 13:24 <REP> Installer
2008-05-10 16:25 <REP> PIF
2010-03-15 17:51 54 156 QTFont.qfn
2004-08-04 03:56 18 u8v1ffjoi8i1t7
2001-09-28 08:00 49 102 winnt.bmp
2001-09-28 08:00 49 102 winnt256.bmp
6 fichier(s) 153 145 octets
148 Rép(s) 112 325 009 408 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\WINDOWS\system32
2010-03-11 18:01 <REP> dllcache
2009-10-27 13:55 625 mmf(2).sys
2009-11-19 19:56 625 mmf(3).sys
2010-01-28 16:51 625 mmf(4).sys
2010-03-15 17:45 625 mmf.sys
2009-07-26 02:21 52 p3857302.pxf
2001-08-23 08:00 18 u8v1ffjoi8i1t7
13 fichier(s) 7 291 octets
1 Rép(s) 112 324 997 120 octets libres
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
userinit.exe
kernel32.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 2004
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16735 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16735 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16757 C:\WINDOWS\system32\ieframe.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x442b0000 0x3c000 7.00.6000.16735 C:\WINDOWS\system32\webcheck.dll
0x44160000 0x127000 7.00.6000.16735 C:\WINDOWS\system32\urlmon.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x60510000 0x19000 2.00.50727.3053 C:\WINDOWS\system32\dfshim.dll
0x79000000 0x46000 2.00.50727.3053 C:\WINDOWS\system32\mscoree.dll
0x78130000 0x9b000 8.00.50727.4053 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
0x79e70000 0x590000 2.00.50727.3053 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
0x00d10000 0x8000 1.00.0000.0002 C:\Program Files\VDOTool\TBPanelExt.dll
0x04ba0000 0xc44000 6.14.0011.9562 C:\WINDOWS\system32\nvcpl.dll
0x03600000 0x45000 6.14.0011.6371 C:\WINDOWS\system32\NVRSFR.DLL
0x04540000 0x10a000 6.14.0011.9562 C:\WINDOWS\system32\nvapi.dll
0x04750000 0x34000 6.14.0010.4935 C:\WINDOWS\system32\igfxpph.dll
0x01f90000 0x1a000 6.14.0010.4935 C:\WINDOWS\system32\hccutils.DLL
0x04890000 0x2d000 6.14.0010.4935 C:\WINDOWS\system32\igfxrFRA.lrc
0x057f0000 0x324000 6.14.0010.4935 C:\WINDOWS\system32\igfxress.dll
0x047e0000 0x11000 6.14.0010.4935 C:\WINDOWS\system32\igfxsrvc.dll
0x04800000 0x73000 6.14.0010.12537 C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
0x048c0000 0x14000 2.07.0003.0002 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
0x048e0000 0x56000 7.10.3052.0004 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
0x04940000 0x2e000 C:\Program Files\WinRAR\rarext.dll
0x04970000 0x14000 4.65.0000.0000 C:\Program Files\7-Zip\7-zip.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\wmvcore.dll
0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL
0x06b40000 0x106000 0.09.0001.0000 C:\WINDOWS\system32\lameACM.acm
0x43c10000 0x1d000 7.00.6000.16735 C:\WINDOWS\system32\URL.dll
0x4eb80000 0x1a6000 5.01.3102.5581 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll
0x14070000 0x1b000 11.00.5721.5145 C:\WINDOWS\system32\wmpshell.dll
0x00ec0000 0x18000 1.03.0000.0000 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
0x06490000 0x2a000 4.01.0000.0000 C:\Program Files\PowerISO\PWRISOSH.DLL
0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\system32\wshext.dll
0x36d30000 0x19000 11.00.5510.0000 C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 780
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x020b0000 0x3b000 1.07.0018.0007 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\WINDOWS\Downloaded Program Files
2010-03-04 13:05 <REP> .
2010-03-04 13:05 <REP> ..
2009-02-23 18:21 <REP> CONFLICT.1
2008-01-16 08:32 65 desktop.ini
2006-05-16 12:58 24 576 dwusplay.dll
2006-05-16 12:58 196 608 dwusplay.exe
2007-11-20 17:04 1 523 536 FP_AX_CAB_INSTALLER.exe
2010-02-18 14:47 2 789 install.log
2006-05-16 12:58 484 272 isusweb.dll
2008-04-25 05:02 1 060 jinstall-6u6.inf
2009-05-14 18:55 354 MySpaceUploader2.inf
2009-05-14 19:00 3 525 696 MySpaceUploader2.ocx
2006-06-20 15:44 117 560 PURen-us.dll
2007-01-09 08:30 110 592 PURfr-ca.dll
2009-09-05 02:49 144 QTPlugin.inf
2007-11-20 16:50 247 swflash.inf
2008-05-20 20:32 267 568 sysreqlab3.dll
2008-05-01 14:28 667 SysReqLab3.osd
2010-02-18 14:47 38 428 unagiuninst.exe
16 fichier(s) 6 294 162 octets
Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1
2009-02-23 18:21 <REP> .
2009-02-23 18:21 <REP> ..
2007-01-09 08:30 110 592 PURfr-ca.dll
1 fichier(s) 110 592 octets
Total des fichiers listés :
17 fichier(s) 6 404 754 octets
5 Rép(s) 112 324 988 928 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Turbine\\The Lord of the Rings Online\\lotroclient.exe"="C:\\Program Files\\Turbine\\The Lord of the Rings Online\\lotroclient.exe:*:Enabled:lotroclient"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"="C:\\Program Files\\Electronic Arts\\EADM\\Core.exe:*:Disabled:EA Download Manager"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"="C:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe:*:Enabled:Dragon Age Origins Game"
"C:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"="C:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher"
"C:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"="C:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableRegistryTools"=dword:00000000
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-15 19:53:10
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:18a17542
"s1"=dword:a403b3af
"s2"=dword:16e709ad
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,c7,f9,fa,72,36,f9,a8,08,a1,62,43,21,00,d8,26,c8,3e,66,30,c9,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ee,1e,f2,f2,57,88,68,78,8a,6c,b1,56,ce,dd,b2,49,00,..
"khjeh"=hex:24,ea,65,92,10,f6,6d,8c,ce,32,54,a8,0d,f1,8c,bf,cc,29,c5,7e,b8,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:c9,b9,88,c4,75,18,a9,14,ed,a2,55,66,44,a4,5b,17,dc,f7,5f,6d,67,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:9a,4b,51,4a,3a,34,63,c8,55,f9,00,e3,b7,ac,d4,c2,69,05,f7,2c,b6,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,c7,f9,fa,72,36,f9,a8,08,a1,62,43,21,00,d8,26,c8,3e,66,30,c9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ee,1e,f2,f2,57,88,68,78,8a,6c,b1,56,ce,dd,b2,49,00,..
"khjeh"=hex:52,3d,d1,7e,e8,82,db,e2,0c,48,5b,72,0d,14,fd,ca,38,ab,37,31,fe,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:d0,00,ea,ea,37,8a,af,f0,8d,9a,b4,f8,87,cd,0c,93,9f,e0,00,76,81,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,c7,f9,fa,72,36,f9,a8,08,a1,62,43,21,00,d8,26,c8,3e,66,30,c9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ee,1e,f2,f2,57,88,68,78,8a,6c,b1,56,ce,dd,b2,49,00,..
"khjeh"=hex:24,ea,65,92,10,f6,6d,8c,ce,32,54,a8,0d,f1,8c,bf,cc,29,c5,7e,b8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:c9,b9,88,c4,75,18,a9,14,ed,a2,55,66,44,a4,5b,17,dc,f7,5f,6d,67,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:9a,4b,51,4a,3a,34,63,c8,55,f9,00,e3,b7,ac,d4,c2,69,05,f7,2c,b6,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
376 - alg.exe
756 - csrss.exe
780 - winlogon.exe
828 - services.exe
840 - lsass.exe
1020 - svchost.exe
1084 - svchost.exe
1124 - svchost.exe
1328 - spoolsv.exe
1436 - svchost.exe
1476 - M-AudioTaskBarI
1480 - svchost.exe
1516 - Runservice.exe
1560 - svchost.exe
1776 - igfxsrvc.exe
1808 - rundll32.exe
1840 - cledx.exe
1884 - ctfmon.exe
2004 - explorer.exe
2860 - cmd.exe
Total number of processes = 21
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E4000 - \WINDOWS\system32\hal.dll
B85A8000 - \WINDOWS\system32\KDCOM.DLL
B84B8000 - \WINDOWS\system32\BOOTVID.dll
B7ED4000 - sptd.sys
B85AA000 - \WINDOWS\System32\Drivers\WMILIB.SYS
B7EBC000 - \WINDOWS\System32\Drivers\SPTD5005.SYS
B7E8D000 - ACPI.sys
B7E7C000 - pci.sys
B80A8000 - isapnp.sys
B8670000 - pciide.sys
B8328000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
B80B8000 - MountMgr.sys
B7E5D000 - ftdisk.sys
B85AC000 - dmload.sys
B7E37000 - dmio.sys
B8330000 - PartMgr.sys
B80C8000 - VolSnap.sys
B7E1F000 - atapi.sys
B80D8000 - disk.sys
B80E8000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
B7DFF000 - fltmgr.sys
B7DED000 - sr.sys
B80F8000 - PxHelp20.sys
B7DCF000 - TPkd.sys
B7DB8000 - KSecDD.sys
B7D2B000 - Ntfs.sys
B7CFE000 - NDIS.sys
B8108000 - sbp2port.sys
B8118000 - ohci1394.sys
B8128000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
B7CE4000 - Mup.sys
B81B8000 - \SystemRoot\system32\DRIVERS\intelppm.sys
B7288000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
B7274000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
B724C000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
B81C8000 - \SystemRoot\system32\DRIVERS\l1e51x86.sys
B8398000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
B7228000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
B83A0000 - \SystemRoot\system32\DRIVERS\usbehci.sys
B83B0000 - \SystemRoot\system32\DRIVERS\fdc.sys
B7214000 - \SystemRoot\system32\DRIVERS\parport.sys
B85B2000 - \SystemRoot\system32\DRIVERS\ASACPI.sys
B83C8000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
B83D8000 - \SystemRoot\system32\DRIVERS\mouclass.sys
B7203000 - \SystemRoot\system32\DRIVERS\serial.sys
B8598000 - \SystemRoot\system32\DRIVERS\serenum.sys
B81E8000 - \SystemRoot\system32\DRIVERS\imapi.sys
B81F8000 - \SystemRoot\system32\DRIVERS\cdrom.sys
B8208000 - \SystemRoot\system32\DRIVERS\redbook.sys
B7140000 - \SystemRoot\system32\DRIVERS\ks.sys
B70F6000 - \SystemRoot\System32\Drivers\dtscsi.sys
B70DE000 - \SystemRoot\System32\Drivers\SCSIPORT.SYS
B8687000 - \SystemRoot\system32\DRIVERS\audstub.sys
B8218000 - \SystemRoot\system32\drivers\MotuBus.sys
B8228000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
B7CC0000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
B70C7000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
B8238000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
B8248000 - \SystemRoot\system32\DRIVERS\raspptp.sys
B8418000 - \SystemRoot\system32\DRIVERS\TDI.SYS
B70B6000 - \SystemRoot\system32\DRIVERS\psched.sys
B8258000 - \SystemRoot\system32\DRIVERS\msgpc.sys
B8428000 - \SystemRoot\system32\DRIVERS\ptilink.sys
B8438000 - \SystemRoot\system32\DRIVERS\raspti.sys
B7086000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
B8268000 - \SystemRoot\system32\DRIVERS\termdd.sys
B85B8000 - \SystemRoot\system32\DRIVERS\swenum.sys
B7028000 - \SystemRoot\system32\DRIVERS\update.sys
B7C9C000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
B8278000 - \SystemRoot\system32\DRIVERS\cledx.sys
B7C94000 - \SystemRoot\system32\drivers\WmBEnum.sys
B8288000 - \SystemRoot\system32\drivers\WmXlCore.sys
B8298000 - \SystemRoot\System32\Drivers\NDProxy.SYS
B4D69000 - \SystemRoot\system32\drivers\viahduaa.sys
B4D45000 - \SystemRoot\system32\drivers\portcls.sys
B82A8000 - \SystemRoot\system32\drivers\drmk.sys
B82B8000 - \SystemRoot\system32\DRIVERS\usbhub.sys
B85C0000 - \SystemRoot\system32\DRIVERS\USBD.SYS
B8478000 - \SystemRoot\system32\DRIVERS\flpydisk.sys
B85C4000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
B86F7000 - \SystemRoot\System32\Drivers\Null.SYS
B85C8000 - \SystemRoot\System32\Drivers\Beep.SYS
B8498000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
B84A0000 - \SystemRoot\System32\drivers\vga.sys
B85CC000 - \SystemRoot\System32\Drivers\mnmdd.SYS
B85D0000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
B84B0000 - \SystemRoot\System32\Drivers\Msfs.SYS
B8378000 - \SystemRoot\System32\Drivers\Npfs.SYS
B7CB8000 - \SystemRoot\system32\DRIVERS\rasacd.sys
B4CAA000 - \SystemRoot\system32\DRIVERS\ipsec.sys
B4C51000 - \SystemRoot\system32\DRIVERS\tcpip.sys
B4C29000 - \SystemRoot\system32\DRIVERS\netbt.sys
B4C03000 - \SystemRoot\system32\DRIVERS\ipnat.sys
B4BE1000 - \SystemRoot\System32\drivers\afd.sys
B82D8000 - \SystemRoot\system32\DRIVERS\netbios.sys
B82E8000 - \SystemRoot\System32\Drivers\SCDEmu.SYS
B4B8E000 - \SystemRoot\system32\DRIVERS\rdbss.sys
B4B1E000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
B82F8000 - \SystemRoot\System32\Drivers\Fips.SYS
B85D4000 - \SystemRoot\system32\drivers\AsIO.sys
B83C0000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
B4ADB000 - \SystemRoot\system32\DRIVERS\mausbcv.sys
B4CF9000 - \SystemRoot\system32\DRIVERS\hidusb.sys
B71F3000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
B4AB7000 - \SystemRoot\System32\Drivers\Fastfat.SYS
B4CE9000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
B4CE5000 - \SystemRoot\system32\DRIVERS\mouhid.sys
B4A9F000 - \SystemRoot\System32\Drivers\dump_atapi.sys
B85D8000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
B85A0000 - \SystemRoot\System32\drivers\Dxapi.sys
B83F0000 - \SystemRoot\System32\watchdog.sys
B71E3000 - \SystemRoot\system32\DRIVERS\wanarp.sys
BD000000 - \SystemRoot\System32\drivers\dxg.sys
B87FD000 - \SystemRoot\System32\drivers\dxgthk.sys
BD012000 - \SystemRoot\System32\nv4_disp.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
B46EB000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
B452A000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
B862E000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B8630000 - \SystemRoot\System32\Drivers\TBPanel.SYS
B4A4F000 - \SystemRoot\system32\drivers\ip6fw.sys
B442A000 - \SystemRoot\system32\drivers\tcpip6.sys
B4298000 - \SystemRoot\system32\DRIVERS\srv.sys
B425B000 - \SystemRoot\system32\drivers\wdmaud.sys
B4637000 - \SystemRoot\system32\drivers\sysaudio.sys
B83B8000 - \SystemRoot\System32\Drivers\TDTCP.SYS
B4215000 - \SystemRoot\System32\Drivers\RDPWD.SYS
B49FF000 - \SystemRoot\System32\Drivers\Cdfs.SYS
B3DE1000 - \SystemRoot\System32\Drivers\HTTP.sys
B866C000 - \??\C:\DOCUME~1\pc\LOCALS~1\Temp\mbr.sys
B86DC000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 133
Liste des programmes installes
7-Zip 4.65
Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
Access.Virus.Magic.Synth.Soundset
Access.Virus.Rob.Papen.Signatur.Sound.Set
Access.Virus.Virology.Soundset
Additive Synth 1.31 DEMO
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 7.0.9
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AKAI professional DCVocoder 1.0
Alchemy
AlgoMusic M42 Nebula v2 VSTi
AlgoMusic M51galaxy v1.1 VSTi
Antares Autotune VST RTAS TDM v5.08
Apple Software Update
Applied Acoustics Systems - Tassman 4 v4.1.3
Archiveur WinRAR
ARP2600 V 1.2
Artillery2
Arturia minimoog V v1.6
ASIO4ALL
Assistant de connexion Windows Live
Attansic Ethernet Utility
Attansic L1 Gigabit Ethernet Driver
AudioEase Altiverb VST RTAS v6.10
AudioEase Speakersphone VST RTAS v1.01
Audjoo Helix 1.0
AutoUpdate
AVIcodec (remove only)
Bass Station 1.50
BBE Sonic Sweet Bundle VST RTAS v1.0
Beta Bugs Chorrosive VST
Brainworx BX Control VST RTAS v1.0
Brainworx BX Digital VST v1.09
Cakewalk Rapture 1.2
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
CCleaner
Circle
Collab
Compadre Beatpuncher v1.1
Conectiv
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows Internet Explorer 7 (KB947864)
Correctif pour Windows XP (KB952287)
CrySonic nXstasy
DETAILERx32bit
DETAILERx32bit
DETAILERx32bit
Devastor 1.2.0
Dimension Pro 1.2
DirectWave
discoDSP Discovery Pro
DivX Converter
DivX Player
DivX Web Player
Dragon Age: Origins
DVD Shrink 3.2
EA Download Manager
EA Download Manager
East India Company and Pirate Bay Addon
Eastside UK pre-game Editor v2007.0.3
Edirol HQ Orchestral VSTi v1.03
Effectrix
ElastikVst
ElastikVst
Elevayta Extra Boy v4.91d VST
Elevayta Stream Boy v4.90d VST
Elevayta Wider Boy v4.92d VST
Elysia mpressor VST RTAS v1.0.2
Extreme 1.0
FabFilter Pro-C VST RTAS v1.10
FaceGen Modeller 3.1
Fatsondo 2.0
FilterBank v3.2
FL Studio 8
Flash to Video Encoder
FLUX Spring Pack Bundle v1.0.4.14
G-sonique Alien303 VSTi
G-sonique Renegade VSTi
GForce impOSCar v1.10 VSTi RTAS
GMediaMusic - Oddity VST2
Golden ASET Mythospheric Space Synthesizer VSTi
Hardcore
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hunting Unlimited 2009 1.0
IL Download Manager
IL Gross Beat
IL Harmless
IL Juice Pack
IL Ogun
IL Vocodex
iLok x32 driver
Image-Line PoiZone v2.1
Installation Windows Live
Installation Windows Live
Intel(R) Graphics Media Accelerator Driver
iZotope Ozone 3
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Junk Mail filter update
K-Lite Codec Pack 4.1.4 (Full)
KeyToSound - NexSyn 1.1 r16
Kinisis 1.0
KNOBSTER Bundle
KORG Legacy Collection - ANALOG EDITION 2007
KORG Legacy Collection - DIGITAL EDITION
Le Centre de Contrôle de Licences de Syncrosoft
Lecteur Windows Media 11
Lennar Digital Sylenth VSTi v1.2.1
LineUp v2.2
List_Kill'em 1.3.0.0
Loomer Aspect
LucasArts' Rogue Squadron
Luxonix Purity VSTi v1.1.2
LUXONIX ravity Bundle v1.4.3
Malwarebytes' Anti-Malware
Maximus
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Memory 1.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 Language Pack - fra
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC8 CRT for Loomer Applications
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual J# .NET Redistributable Package 1.1
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)
Mise à jour de sécurité pour Windows XP (KB923689)
Mise à jour de sécurité pour Windows XP (KB938464)
Mise à jour de sécurité pour Windows XP (KB941569)
Mise à jour de sécurité pour Windows XP (KB946648)
Mise à jour de sécurité pour Windows XP (KB950760)
Mise à jour de sécurité pour Windows XP (KB950762)
Mise à jour de sécurité pour Windows XP (KB950974)
Mise à jour de sécurité pour Windows XP (KB951066)
Mise à jour de sécurité pour Windows XP (KB951376-v2)
Mise à jour de sécurité pour Windows XP (KB951698)
Mise à jour de sécurité pour Windows XP (KB951748)
Mise à jour de sécurité pour Windows XP (KB952954)
Mise à jour de sécurité pour Windows XP (KB953839)
Mise à jour de sécurité pour Windows XP (KB954211)
Mise à jour de sécurité pour Windows XP (KB954459)
Mise à jour de sécurité pour Windows XP (KB955069)
Mise à jour de sécurité pour Windows XP (KB956391)
Mise à jour de sécurité pour Windows XP (KB956803)
Mise à jour de sécurité pour Windows XP (KB956841)
Mise à jour de sécurité pour Windows XP (KB957095)
Mise à jour de sécurité pour Windows XP (KB957097)
Mise à jour de sécurité pour Windows XP (KB958644)
Mise à jour pour Windows XP (KB951072-v2)
Mise à jour pour Windows XP (KB951978)
Module linguistique Microsoft .NET Framework 3.5 - fra
Monofilter v3.2.9
Mozilla Firefox (3.6)
MSN
MSVCRT
MSXML 6.0 Parser (KB933579)
N.I. Reaktor v5.1.1
Native Instruments Absynth 4
Native Instruments Akoustik Piano
Native Instruments FM8
Native Instruments Guitar Rig 3
Native Instruments Kontakt 4
Native Instruments Kontakt 4
Native Instruments Kontakt 4
Native Instruments Kontakt 4 Factory Content
Native Instruments Kontakt 4 Factory Content
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Native Instruments Pro-53
Native Instruments Reaktor Session One
Native Instruments Vokator
Nero 7 Essentials
NHL Eastside Hockey Manager 2007
NHL® 09
NomadFactory Limiting Amplifier LM-662 VST RTAS v1.3
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA Photoshop Plug-ins
NVIDIA PhysX
NVIDIA WDM Drivers
Ohm Force - Mobilohm VST2
OhmForce Hematohm VST2
OhmForce Ohmboyz VST2
OhmForce Predatohm VST2
OpenAL
Overloud TH1 1.1.3 VST
PC Probe II
PCM Native Reverb VST Plug-in
PCM Native Reverb VST Plug-in
PDF Settings
Phoscyon 1.8.0
Pianoteq v2.2.0
PiLfIuS! 0.9
PoiZone
PowerDVD
PowerISO
PowerProducer
ProAudioDSP Dynamic Spectrum Mapper VST RTAS v1.3.2
Prosoniq OrangeVocoder v1.4
PSP Audioware Xenon VST RTAS v1.1.1
PSP MixPack2 2.0.3
PSP sQuad 1.5.1 32bit
PSP VintageWarmer 2.0.0
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Reason 3.0
Reese Machine VSTi
ReFX JunoX2 VSTi v1.51
reFX quadraSID 1.6.0
Replay Media Catcher
rFactor
Rob Papen Predator V1.1.0
Robotronic
Sawer
Segoe UI
SEQ1
SEQ1 Master
SEQ2
SEQ2 Master
Sid Meier's Civilization 4 - Beyond the Sword
Sid Meier's Civilization 4 - Warlords
Sid Meier's Civilization 4
Sid Meier's Civilization 4
Sierra On-Line Games (Remove only)
SimSynth
SKYLIFE SampleRobot v3.0.1
Softube Metal Amp Room VST RTAS v1.1.5
Softube Trident A-Range VST RTAS v1.0.2
Softube Tube-Tech CL 1B VST RTAS v1.0.3
Softube Tube Delay VST RTAS v1.0.5
Sonicbytes Gat'R 1.1
SONiVOX DVI Electronica
Sonnox Oxford Inflator Native VST v1.5.1
Sonnox Oxford Limiter Native VST v1.1.1
Sonnox Oxford R3 Dynamics Native VST v1.3.1
Sonnox Oxford R3 EQ Native VST v1.6.1
Sonnox Oxford Reverb Native VST v1.0
Sony Preset Manager 2.0
Sony Sound Forge 8.0
Sony Vocal Eraser
SoundToys Native Effects VST RTAS v3.1.2
Spark FXMachine 2.1
SPL Analog Code EQ Rangers Volume One VST RTAS v1.1
SPL Analog Code MicroPlugs VST RTAS v1.1
SPL Analog Code Transient Designer VST RTAS v1.1
SPL Analog Code TwinTube Processor VST RTAS v1.1
SPL Analog Code Vitalizer MK2-T VST RTAS v1.1
Steinberg HALionOne
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg Hypersonic 2
Steinberg Nuendo 4
Steinberg Nuendo Expansion Kit
Steinberg VoiceMachine v1.0
Stelsi Virtual Synth 1.0
Stereoizer v2.7
Stereoplacer v2.4
SyncroSoft Emu (Remove only)
Sytrus
Tachyon Demo
TeamSpeak 2 RC2
The Lord of the Rings Online™: Shadows of Angmar™ v01.05.00.811
Tone2 Gladiator VSTi v2.2
Torq 1.5 (Build 029 - 22 Dec 2008)
Toxic Biohazard
TPKD Installer x32
TruePianos 1.5.0
TruePianos: Amber Module 1.4.0
TruePianos: Diamond Module 1.4.0
TruePianos: Emerald Module 1.4.0
TruePianos: Sapphire Module 1.4.0
TruePianos: Sapphire Module 1.4.0
Ugo Ironhead v1.5 VSTi
Ugo M-theory v1.0 VSTi
Ugo Metallurgy v1.5 VST
Ugo Tunguska v1.1 VST
Unique
unistallSpotter
URS Classic Console Strip Pro VST RTAS v1.0
V-Station 1.50
VDOTool 5.5
Vember Audio SURGE
VHR-09 Version 7.0
VHR09
Viewpoint Media Player
Vintage Vocoder 1.03 Build 1
Viral Outbreak v1.00 VSTi
Viral Outbreak v1.00 VSTi Demo
VirSyn TERA v3.0
Visualizer v1.9.0
Vogue
Voxengo Analogflux Suite 1.3
Voxengo Lampthruster VST 2.0
VRS-4040PI Vers.1.0
Waves API Collection
WD Diagnostics
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Mail
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WOW
WWAYM - NWSynth V1.3
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 10BE-1EE5
Répertoire de C:\Program Files
2010-03-15 17:43 <REP> .
2010-03-15 17:43 <REP> ..
2009-05-23 13:04 <REP> 7-Zip
2009-07-27 17:48 <REP> AAMS
2009-10-25 22:45 <REP> AAS
2009-08-11 20:19 <REP> Access.Virus.Magic.Synth.Soundset
2008-07-14 10:44 <REP> Adobe
2009-12-11 16:36 <REP> AGEIA Technologies
2009-07-26 01:45 <REP> AKAI professional M.I. Corp
2009-11-16 21:46 <REP> Antares Audio Technologies
2009-10-27 14:42 <REP> AnyToISO
2008-05-23 10:38 <REP> Apple Software Update
2009-10-27 14:06 <REP> Arturia
2009-03-21 22:10 <REP> ASIO4ALL v2
2008-02-12 21:30 <REP> ASUS
2008-01-16 08:53 <REP> Attansic
2010-03-04 13:15 <REP> Audacity 1.3 Beta (Unicode)
2008-01-19 23:20 <REP> Audio Ease
2008-01-18 19:18 <REP> AVIcodec
2010-02-04 06:57 <REP> BBE Sound
2008-01-17 15:47 <REP> BillP Studios
2009-12-25 21:15 <REP> Brainworx Music
2009-12-16 13:41 <REP> Cakewalk
2010-01-09 20:16 <REP> CCleaner
2008-01-17 18:19 <REP> Common Files
2008-11-29 17:26 <REP> Comodo
2008-01-16 08:30 <REP> ComPlus Applications
2008-07-18 06:06 <REP> CyberLink
2010-02-17 12:32 <REP> D16 Group
2010-01-30 01:00 <REP> D16 Group(2)
2001-12-31 22:53 <REP> DAEMON Tools
2009-12-31 23:48 <REP> Devine Machine
2010-03-04 13:07 <REP> Diablo II
2008-01-22 13:01 <REP> DIFX
2008-08-17 11:42 <REP> DivX
2009-12-11 16:29 <REP> Dragon Age
2009-05-29 15:46 <REP> DVD Shrink
2010-03-04 13:16 <REP> EA Sports
2009-09-08 12:27 <REP> Eastside UK
2008-02-09 14:40 <REP> EDIROL
2009-05-24 14:01 <REP> Electronic Arts
2009-01-18 17:00 <REP> Elevayta Creativity Tools
2010-01-28 01:51 <REP> Elysia
2010-01-30 13:07 <REP> EMI
2009-06-04 14:54 <REP> energy XT
2010-03-04 13:09 <REP> EzGenerator3
2009-01-18 16:57 <REP> FabFilter
2008-05-30 20:47 <REP> Fatsondo
2008-06-22 00:03 <REP> FAW
2010-03-08 22:37 <REP> Fichiers communs
2008-10-03 19:09 <REP> Firaxis Games
2009-12-25 21:19 <REP> Flux
2008-12-13 16:54 <REP> FriendBlasterPro
2009-09-28 21:30 <REP> FXpansion
2010-02-13 22:10 <REP> GeoVid
2010-01-28 03:25 <REP> GForce
2010-03-04 13:31 <REP> Google
2008-08-11 19:34 <REP> Hunting Unlimited 2009
2008-12-13 16:53 <REP> iCall
2010-01-17 02:30 <REP> Image-Line
2008-01-16 08:44 <REP> Intel
2009-09-27 15:11 <REP> InterLok
2008-11-29 18:25 <REP> Internet Explorer
2010-02-13 21:59 <REP> IVCsoft
2008-01-16 11:55 <REP> iZotope
2008-07-24 12:25 <REP> Java
2009-10-27 14:13 <REP> KeyToSound
2010-01-08 03:13 <REP> K-Lite Codec Pack
2010-02-18 13:52 <REP> KORG
2010-03-15 07:31 <REP> List_Kill'em
2010-02-16 18:56 <REP> Loomer
2009-08-28 19:55 <REP> LucasArts
2009-12-03 00:32 <REP> LUXONIX
2010-03-05 17:27 <REP> Malwarebytes' Anti-Malware
2009-05-31 17:35 <REP> M-Audio
2008-08-13 07:59 <REP> Messenger
2009-12-29 19:01 <REP> Microsoft
2008-01-16 08:33 <REP> microsoft frontpage
2008-01-16 08:41 <REP> Microsoft Office
2008-01-16 08:41 <REP> Microsoft.NET
2010-03-04 13:22 <REP> MOTU
2008-05-25 13:35 <REP> Movie Maker
2010-02-21 22:41 <REP> Mozilla Firefox
2008-04-01 07:40 <REP> MSBuild
2009-12-29 18:53 <REP> MSN
2008-01-16 08:29 <REP> MSN Gaming Zone
2008-04-01 07:38 <REP> MSXML 6.0
2010-01-17 02:28 <REP> Native Instruments
2008-01-16 08:03 <REP> Nero
2008-08-24 23:49 <REP> NetMeeting
2008-06-23 17:47 <REP> Nomad Factory
2009-12-02 11:18 <REP> NovaLogic
2009-11-24 01:21 <REP> NuGen Audio
2010-01-11 17:39 <REP> NVIDIA Corporation
2008-01-16 08:29 <REP> Online Services
2008-09-04 16:43 <REP> OpenAL
2009-11-16 21:49 <REP> Outlook Express
2009-03-21 22:07 <REP> Outsim
2009-12-20 14:15 <REP> Paradox Interactive
2010-03-04 13:25 <REP> Pcsx2
2008-06-23 23:44 <REP> Pianoteq 2.2
2009-12-29 19:58 <REP> PiLfIuS
2008-06-23 13:18 <REP> PowerISO
2010-02-23 22:21 <REP> Pro Audio DSP
2008-01-16 00:58 <REP> Propellerhead
2010-02-16 13:50 <REP> PSPaudioware
2010-02-23 15:03 <REP> QuickTime
2009-05-08 01:41 <REP> Realtek
2008-04-01 07:40 <REP> Reference Assemblies
2008-06-20 06:22 <REP> ReFX JunoX2
2010-02-24 13:42 <REP> Replay Media Catcher
2010-01-10 19:48 <REP> rFactor
2009-05-08 06:45 <REP> rgcaudio software
2008-07-10 17:52 <REP> Rob.Papen.Signatur.Sound.Set
2009-12-21 14:17 <REP> SEGA
2008-01-16 08:32 <REP> Services en ligne
2010-01-10 01:10 <REP> Singular Inversions
2009-12-30 12:57 <REP> SKYLIFE
2010-02-10 00:44 <REP> Softube
2009-10-02 01:52 <REP> Sonicism Digital Audio Solutions
2009-10-16 01:19 <REP> SONiVOX
2009-12-25 21:27 <REP> Sonnox
2008-01-16 16:40 <REP> Sony
2008-01-16 16:18 <REP> Sony Setup
2010-01-30 13:18 <REP> SoundPerformanceLab
2010-02-10 09:30 <REP> SoundToys
2008-10-05 16:17 <REP> Sports Interactive
2010-02-18 07:30 <REP> Steinberg
2010-02-16 18:53 <REP> StudioDevil
2009-10-29 22:46 <REP> Sugar Bytes
2010-03-15 17:43 <REP> Syncrosoft
2010-02-12 12:27 <REP> TC Electronic
2009-06-04 14:28 <REP> TcWo
Salut Martel80
Connais-tu la provenance de ses dossiers :
C:\WINDOWS\System32\Datei9 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei8 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei7 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei6 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei5 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei4 -->2010-03-15 18:35:44.....
Télécharge OTM (de Old_Timer) sur le bureau :
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
Double-clique sur OTM.exe sur le bureau
- Copie le texte qui se trouve en gras ci-dessous et colle le dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved
:files
c:\Documents and Settings\HelpAssistant\Local Settings\temp\A~NSISu_.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\B~NSISu_.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\C~NSISu_.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\EASOUNInstaller.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\eauninstall.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\GLB1A2B.EXE
c:\Documents and Settings\HelpAssistant\Local Settings\temp\Tiger Woods PGA TOUR 08_uninst.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\F.tmp
c:\Documents and Settings\HelpAssistant\Local Settings\temp\~nsu.tmp
:commands
[purity]
[emptytemp]
[reboot]
- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTM
Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.
Poste le rapport de OTMoveIt qui se trouve dans C:\_OTM\MovedFiles.
@++ :)
Connais-tu la provenance de ses dossiers :
C:\WINDOWS\System32\Datei9 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei8 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei7 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei6 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei5 -->2010-03-15 18:35:44
C:\WINDOWS\System32\Datei4 -->2010-03-15 18:35:44.....
Télécharge OTM (de Old_Timer) sur le bureau :
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
Double-clique sur OTM.exe sur le bureau
- Copie le texte qui se trouve en gras ci-dessous et colle le dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved
:files
c:\Documents and Settings\HelpAssistant\Local Settings\temp\A~NSISu_.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\B~NSISu_.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\C~NSISu_.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\EASOUNInstaller.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\eauninstall.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\GLB1A2B.EXE
c:\Documents and Settings\HelpAssistant\Local Settings\temp\Tiger Woods PGA TOUR 08_uninst.exe
c:\Documents and Settings\HelpAssistant\Local Settings\temp\F.tmp
c:\Documents and Settings\HelpAssistant\Local Settings\temp\~nsu.tmp
:commands
[purity]
[emptytemp]
[reboot]
- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTM
Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.
Poste le rapport de OTMoveIt qui se trouve dans C:\_OTM\MovedFiles.
@++ :)
All processes killed
========== FILES ==========
c:\Documents and Settings\HelpAssistant\Local Settings\temp\A~NSISu_.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\B~NSISu_.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\C~NSISu_.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\EASOUNInstaller.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\eauninstall.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\GLB1A2B.EXE moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\Tiger Woods PGA TOUR 08_uninst.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\F.tmp folder moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\~nsu.tmp folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: HelpAssistant
->Temp folder emptied: 4870732 bytes
->Temporary Internet Files folder emptied: 39416861 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 15260327 bytes
->Flash cache emptied: 8171 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 114822 bytes
->Flash cache emptied: 405 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: pc
->Temp folder emptied: 9823556 bytes
->Temporary Internet Files folder emptied: 993007900 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40164158 bytes
->Flash cache emptied: 1965735 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 31138038 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1290008316 bytes
Total Files Cleaned = 2 313,00 mb
OTM by OldTimer - Version 3.1.10.1 log created on 03182010_203837
Files moved on Reboot...
C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\3EUHBK2P\affich-16878351-gros-virus-qui-gele-mon-ordinateur[1].htm moved successfully.
C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
Registry entries deleted on Reboot...
========== FILES ==========
c:\Documents and Settings\HelpAssistant\Local Settings\temp\A~NSISu_.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\B~NSISu_.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\C~NSISu_.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\EASOUNInstaller.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\eauninstall.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\GLB1A2B.EXE moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\Tiger Woods PGA TOUR 08_uninst.exe moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\F.tmp folder moved successfully.
c:\Documents and Settings\HelpAssistant\Local Settings\temp\~nsu.tmp folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: HelpAssistant
->Temp folder emptied: 4870732 bytes
->Temporary Internet Files folder emptied: 39416861 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 15260327 bytes
->Flash cache emptied: 8171 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 114822 bytes
->Flash cache emptied: 405 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: pc
->Temp folder emptied: 9823556 bytes
->Temporary Internet Files folder emptied: 993007900 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40164158 bytes
->Flash cache emptied: 1965735 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 31138038 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1290008316 bytes
Total Files Cleaned = 2 313,00 mb
OTM by OldTimer - Version 3.1.10.1 log created on 03182010_203837
Files moved on Reboot...
C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\Content.IE5\3EUHBK2P\affich-16878351-gros-virus-qui-gele-mon-ordinateur[1].htm moved successfully.
C:\Documents and Settings\pc\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
Registry entries deleted on Reboot...
Salut Martel80
Télécharge SystemLook sur ton Bureau :
http://jpshortstuff.247fixes.com/SystemLook.exe
- Double-clique sur SystemLook.exe pour le lancer.
- Copie le contenu en gras ci-dessous et colle-le dans la zone texte de SystemLook :
:dir
C:\WINDOWS\System32\Datei9 /s
C:\WINDOWS\System32\Datei8 /s
- Clique sur le bouton Look pour démarrer l'examen.
- A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
@++ :)
Télécharge SystemLook sur ton Bureau :
http://jpshortstuff.247fixes.com/SystemLook.exe
- Double-clique sur SystemLook.exe pour le lancer.
- Copie le contenu en gras ci-dessous et colle-le dans la zone texte de SystemLook :
:dir
C:\WINDOWS\System32\Datei9 /s
C:\WINDOWS\System32\Datei8 /s
- Clique sur le bouton Look pour démarrer l'examen.
- A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
@++ :)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut Martel80
- Double-clique sur SystemLook.exe pour le lancer.
- Copie le contenu en gras ci-dessous et colle-le dans la zone texte de SystemLook :
:filefind
C:\WINDOWS\System32\Datei9 /md5
- Clique sur le bouton Look pour démarrer l'examen.
- A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
@++ :)
- Double-clique sur SystemLook.exe pour le lancer.
- Copie le contenu en gras ci-dessous et colle-le dans la zone texte de SystemLook :
:filefind
C:\WINDOWS\System32\Datei9 /md5
- Clique sur le bouton Look pour démarrer l'examen.
- A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
@++ :)
Salut Martel80
On va refaire une réparation de Windows XP avec le CD mais différemment :
http://www.informatruc.com/reparer-windows-xp-2
@++ :)
On va refaire une réparation de Windows XP avec le CD mais différemment :
http://www.informatruc.com/reparer-windows-xp-2
@++ :)
Salut Martel80
Peut-être débrancher tes périphériques, imprimante, clé usb, scanner, etc...
@++ :)
Peut-être débrancher tes périphériques, imprimante, clé usb, scanner, etc...
@++ :)
J'ai fait un scan de mes disque avec malwarebytes !!
Voici le resultats :
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3827
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
2010-04-07 10:11:53
mbam-log-2010-04-07 (10-11-53).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 517844
Temps écoulé: 3 hour(s), 8 minute(s), 15 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Not selected for removal.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\poof (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Mes documents\Torrent Downloads\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Not selected for removal.
Voici le resultats :
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3827
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
2010-04-07 10:11:53
mbam-log-2010-04-07 (10-11-53).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 517844
Temps écoulé: 3 hour(s), 8 minute(s), 15 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Not selected for removal.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\poof (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Mes documents\Torrent Downloads\Tiger Woods PGA Tour 08 (PC) with Crack + Keygen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\antiwpa.dll (Trojan.I.Stole.Windows) -> Not selected for removal.
Salut,
antiwpa.dll montre que tu utilises une version de XP qui n'est pas authentique (modifié pour ne pas s'activer) Donc sa peux venir de la .
J'ai le même problème viahduaa.sys qui plante windows (écran bleu) avec virtual PC.
Mais XP n'a pas encore été activé (30 jours avant expiration) .Je n'ai pas fait suffisamment de tests pour savoir si sa plante ailleurs, ce n'est pas bon signe.Config carte mère Asrock Quad core 2 gigas de ram kingston .
antiwpa.dll montre que tu utilises une version de XP qui n'est pas authentique (modifié pour ne pas s'activer) Donc sa peux venir de la .
J'ai le même problème viahduaa.sys qui plante windows (écran bleu) avec virtual PC.
Mais XP n'a pas encore été activé (30 jours avant expiration) .Je n'ai pas fait suffisamment de tests pour savoir si sa plante ailleurs, ce n'est pas bon signe.Config carte mère Asrock Quad core 2 gigas de ram kingston .
GetSystemInfo.exe C:\Documents and Settings\pc\Bureau Probablement BACKDOOR.Trojan Quarantaine.
Fport.exe C:\Documents and Settings\pc\Bureau\DiagHelp Program.FPort.20 Quarantaine.
pslist.exe C:\Documents and Settings\pc\Bureau\DiagHelp Program.PsList.126 Quarantaine.
Proc_end.exe C:\Program Files\List_Kill'em Tool.Prockill Irréparable.Quarantaine.
A0210324.dll C:\System Volume Information\_restore{D0AD6FB7-A464-498C-B6DE-1926A0C7069D}\RP240 Trojan.Virtumod.448 Supprimé.
A0232609.exe/data002\{app}\Proc_end.exe C:\System Volume Information\_restore{D0AD6FB7-A464-498C-B6DE-1926A0C7069D}\RP241\A0232609.exe/data002 Tool.Prockill
data002 C:\System Volume Information\_restore{D0AD6FB7-A464-498C-B6DE-1926A0C7069D}\RP241 L'archive contient des éléments infectés
A0232609.exe C:\System Volume Information\_restore{D0AD6FB7-A464-498C-B6DE-1926A0C7069D}\RP241 Conteneur comporte des objets infectés Quarantaine.
A0056453.dll C:\System Volume Information\_restore{D0AD6FB7-A464-498C-B6DE-1926A0C7069D}\RP94 Probablement MULDROP.Trojan Quarantaine.