Analyse Hijack...
Résolu
Kiriko
Messages postés
6
Statut
Membre
-
Darckiller Messages postés 835 Date d'inscription Statut Membre Dernière intervention -
Darckiller Messages postés 835 Date d'inscription Statut Membre Dernière intervention -
Bonjour !!! Avant tout, Merci à quiconque voudra bien se pencher sur mon problème.
Voilà, mon ordinateur (400 Mhz, Windows 2000, 640Mo de ram) n'est pas opérationnel pendanr de longues minutes après le démarrage. L'UC est à 100% et semble être accaparé par Outpost Firewall pendant cette periode (% UC et non pas mémoire).
Voici des rapports HijackThis, DiagHelp et Blacklight :
J'ai précédemment appliqué Navipromo, BFU, et ATF Cleaner
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:32:36, on 31/08/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Trend Micro\HijackThis\check.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - Global Startup: Raccourci vers Connexion au réseau local.lnk = ?
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - (no file)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN
--
End of file - 2187 bytes
icon_confused.gif
DiagHelp version v1.1.2 - http://www.malekal.com
excute le ven. 31/08/2007 à 1:35:17,26
Liste des derniers fichies modifies/crees dans windir\system32
C:\WINDOWS\System32/drivers\amon.sys -->13/08/2007 04:47:33
C:\WINDOWS\System32/drivers\nod32drv.sys -->13/08/2007 04:47:31
C:\WINDOWS\System32/drivers\cdr4_2k.sys -->11/08/2007 16:47:45
C:\WINDOWS\System32/drivers\DefragFs.sys -->13/03/2007 12:18:22
C:\WINDOWS\System32/drivers\PalmUSBD.sys -->04/11/2006 03:11:06
C:\WINDOWS\System32/drivers\nwrdr.sys -->01/09/2006 06:57:48
C:\WINDOWS\System32/drivers\fltmgr.sys -->22/08/2006 12:48:40
C:\WINDOWS\System32\OODBS.lor -->31/08/2007 00:40:13
C:\WINDOWS\System32\nvapps.xml -->29/08/2007 10:33:58
C:\WINDOWS\System32\Perflib_Perfdata_2c0.dat -->20/08/2007 12:51:47
C:\WINDOWS\System32\Perflib_Perfdata_29c.dat -->18/08/2007 22:28:20
C:\WINDOWS\System32\Perflib_Perfdata_2ac.dat -->18/08/2007 11:40:07
C:\WINDOWS\System32\Perflib_Perfdata_2a0.dat -->17/08/2007 05:44:47
C:\WINDOWS\System32\Perflib_Perfdata_294.dat -->15/08/2007 11:18:14
C:\WINDOWS\System32\Perflib_Perfdata_288.dat -->14/08/2007 12:26:53
C:\WINDOWS\System32\Perflib_Perfdata_2a4.dat -->14/08/2007 09:42:40
C:\WINDOWS\System32\Perflib_Perfdata_278.dat -->14/08/2007 00:44:46
C:\WINDOWS\System32\Perflib_Perfdata_280.dat -->13/08/2007 20:07:00
C:\WINDOWS\System32\Perflib_Perfdata_290.dat -->13/08/2007 11:32:12
C:\WINDOWS\System32\Perflib_Perfdata_284.dat -->13/08/2007 10:58:35
C:\WINDOWS\System32\Perflib_Perfdata_298.dat -->13/08/2007 10:33:27
C:\WINDOWS\System32\imon.dll -->13/08/2007 04:47:36
C:\WINDOWS\System32\Perflib_Perfdata_274.dat -->13/08/2007 03:49:52
C:\WINDOWS\System32\Perflib_Perfdata_270.dat -->13/08/2007 03:19:04
C:\WINDOWS\System32\Perflib_Perfdata_26c.dat -->13/08/2007 02:53:46
C:\WINDOWS\System32\Perflib_Perfdata_25c.dat -->12/08/2007 20:08:30
C:\WINDOWS\System32\Perflib_Perfdata_28c.dat -->12/08/2007 17:55:16
C:\WINDOWS\System32\BASSMOD.dll -->12/08/2007 10:55:19
C:\WINDOWS\System32\pwdremover.dat -->11/08/2007 12:39:29
C:\WINDOWS\System32\MRT.exe -->03/08/2007 06:34:10
C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06
C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52
C:\WINDOWS\transp.gif -->31/08/2007 00:42:20
C:\WINDOWS\WindowsUpdate.log -->31/08/2007 00:35:38
C:\WINDOWS\IEPatchUninstall.log -->31/08/2007 00:34:53
C:\WINDOWS\Sti_Trace.log -->31/08/2007 00:31:35
C:\WINDOWS\ntbtlog.txt -->31/08/2007 00:24:18
C:\WINDOWS\SchedLgU.Txt -->31/08/2007 00:19:22
C:\WINDOWS\ODBC.INI -->29/08/2007 11:52:00
C:\WINDOWS\NeroDigital.ini -->29/08/2007 02:27:09
C:\WINDOWS\system.ini -->28/08/2007 00:53:58
C:\WINDOWS\verypdf.ini -->11/08/2007 12:40:27
C:\WINDOWS\gswin32.ini -->11/08/2007 12:12:46
C:\WINDOWS\winDecrypt.INI -->08/08/2007 13:06:31
C:\WINDOWS\win.ini -->26/07/2007 17:09:24
C:\WINDOWS\winamp.ini -->09/07/2007 02:43:22
C:\WINDOWS\hpothb07.dat -->24/06/2007 18:24:59
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\WINDOWS\system
06/04/1999 16:45 38 672 MAPISRVR.EXE
11/07/1997 12:37 11 856 MVTHKSVR.EXE
14/08/2002 16:03 4 672 WOWPOST.EXE
3 fichier(s) 55 200 octets
0 Rép(s) 5 926 201 856 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\WINDOWS\system32
19/06/2003 21:05 5 392 CSRSS.EXE
1 fichier(s) 5 392 octets
0 Rép(s) 5 926 201 344 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\WINDOWS\Downloaded Program Files
04/09/2006 15:36 <DIR> .
04/09/2006 15:36 <DIR> ..
24/10/2001 18:52 237 actsetup.inf
15/06/2004 05:13 226 cc.inf
14/10/2002 02:56 65 desktop.ini
14/10/1997 18:52 697 DirectAnimation Java Classes.osd
26/08/2003 08:12 1 096 iuctl.inf
03/06/2005 04:49 752 jinstall-1_5_0_04.inf
20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd
29/06/2005 17:17 227 opuc.inf
09/10/2003 10:32 144 QTPlugin.inf
17/04/2000 23:22 2 203 SG726ACM.inf
27/08/2005 14:30 5 065 swflash.inf
24/09/1998 17:24 111 616 tdserver.ocx
02/11/2005 19:01 1 777 xscan.inf
02/11/2005 19:07 435 712 xscan53.ocx
07/11/2004 15:29 1 206 yinst.inf
07/11/2004 15:29 173 168 yinsthelper.dll
16 fichier(s) 735 353 octets
Total des fichiers listés :
16 fichier(s) 735 353 octets
2 Rép(s) 5 926 200 832 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\rcu~x.exe"="%windir%\\system32\\rcu~x.exe:*:Enabled:@xpsp2res.dll,-22019"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
Rechercher adresses sensibles dans le fichier HOSTS...
REGEDIT4
[taskmgr.exe]
catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-31 01:51:27
Windows 5.0.2195 Service Pack 4 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG08.00.00.01WORKSTATION"="C57B6608B035F2BED645A9A06045C33BC6B5B30A4874FEBC9E127BECC74CFEBC9E127BECC74
CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E66
7A2D97226D213B555BA7FD869164D67949DB7CE019D40AA5C32611429638C80AB536BA79020513F6
C47652CAEC2A499C72A3005CDE6A45F5A90429E3D7896BEAF9517229CBD35483A6CEEC47BF95E031
D0A55A04E187D0C43D9839C28EC59CE470409EB548423BEB0C6C7142B7DD932F459C589D07E86405
564C25BA62BB4338687A86BA83D538FA6EFC8B6041BD01F0B02E5381087921B538B10CA08633A575
109D5279F7B370DC905BB6FDF62AE25F2F10BC6DC652E20D12DEEFEB108300665FA5ECE528F716B1
8A45C232DA993808E1A01F3990F15B5BC2BD6AD1ACF116F504F89326E95D9456674DE5DEC0955D59
87086A23D3FB9AACF6FB5B5CF360DA8F37D0F4634E6FB96DB1D68CAB6DE7B299C6ECFD9D2F141AA1
F616815717A84A908021DA379241742F34C14BDB4CA42E67B1282C47A6B054A0EF047F0B3A0104F9
7DCD38729329E0D80316E2CA5B39BDBEBDBBAB167B09281579016105F6E785A8190C8533DB93A9FA
281F92FDA42AA3CF3538514E00C2C2B88B793DE4FEFBC6DF725838AC925468853F4AC85BA62C81DF
1806983428CC608045FEEECF5740F1281A78357732652B8DEC87111C046827996F1D93979030B39F
E864CEED58D57B579A5388572AF2006E43E25D679E317AF653AC3940C8558C88332C2BB08942FA68
EB3860894FAA82957981B0208F17D81396C851A8F703F1F6FE5E050B823649BC369C8F0BB0417BF0
021185FA1705B163DA472EDAFDE050EF4AEA34B2719FA2A6F62CAFBDC0A4ACA7BA4D6E2131F8F77F
2FE52DD2BB52447181A81F22A19A8D13C3ECD84819157B036F3841F38822914AE1EDE575798C8E33
4B9E02C270BD7F02AA1088AC5E2843BF6E2445084E46D3F1AA6476C1974555EF7269D851C1927CC0
AB2A0B4DC8B4E95D44BABD4FD53D4ADB043AE556CF45F16E2F9892C1933690D049E35CB0A596252B
A0A442C3F1E0C7A44A1ACECE10DAF4E4B5267F6410C25BD121357BBA7E1A668E8FC0DFE765BF225F
8724CB19B73452F5C536FDACE1B955104450C16227CB1AE730C7795E4E21F0E48EB8CC651A2CF431
222CDF68C1CA79A7BECCB8FFC46CD64C19E69DDE1D3D77D7EC760F2CC57B67AC0EAA188DA0D7ED27
0C48480CA9F7C299021BC69578D1A1D3DC3ADA0EE1591A70BDA01F42FB17095AC8C96E6362BF0056
D84C06F4436977A77A0505F2CA12F82EB267143119009E2CF08D6E27C52905F3E3D36493A373389F
62598E108051127320371209CF506204C000E39EE4079063AC3D374DEBC0620D81AC700A1916C947
FABEE5A02EFDA96E7BEFAD3F2E5F9A9EC95C393EDB75D780E4F16"
"OOCC06.00.00.01WSSV"="E87BD718E944754098BD09DD37761FDA9A801AF974169A340D8405B2239A8FBBFB84729C6CD
0B5754CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127
BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6A0AC4980AC79335D575E7D6A3B9808A2D97226D
213B555696692ED8ED21CA98CB4363691059BB210B7D1266EF2950F5DE0F45B83FCF7C6EF84DF661
3E55F5DA067C90D1EC928B38728AFCC45EB02B1657238B644D89F532802A796F4CA6EEA747961E96
6EB624C4805772D885FD137254ED2ECD721D91BD0456336AFAE61A628AC5D4A98061E28728A1427B
273AFBC5C4DD9622BA94BD2EE60ECCFC2B2767A9E74827BE2A7CF066CA754F048446BF514FDC1513
23CBBC247210743326B8EE380F5FBA3FBD012B6DE8269914DDEF62B942167C763131747668454428
661AC733B8E56B81BF82222B6F2E967CA48EA37EB2C0A26B85E6C4F9A3DDFD24A93FA4F7CCD0387F
D89E14124865123CFF600086DC7CDA4314270E0F7B213D08DF046AF3BF6572E6560D7A21F7C7DC76
ED516A2AED3B8CA4FD77A93557E406B645F80E12E810D2394CE2E695D4930B03A43B09E89DF38771
AAA0893CDEE9AA465B8BC485098C0AB541DB14B5F161108CE9275A49CB1195B1BB936A1C0083C54A
BC835D7E31C746572035491E3BF29D0C88BB0F6C94411FD627ACA90507E1F23D8D0C699EC208D3FB
FB0AC9C7056E8DE4AE8506737C236B702D3AE4A64BD26129086F0A9B1EA55FC8F4575DCCE1F20DA7
8D866DCCE9184379023EACA286514F27892D93B3FF8F936BB598A590C9086417D7E2C533F435AFD2
9B632220BC592EBBD11CA9367F90BD721F66FACF8D8376307727B5A7BA37C61E9D3D5F43F66ACF78
F14AF89BCD07F209E99C983AB592FE6463ED294B7AE120CF5B150F93D0253E722A01A8D9616B0A39
9B562237B24D143F062D4B96F97A57A737DBB00BF875B5BABAF3E1F1313DB4AFB30A8DE8704E444C
1504994DFC2A77F0D56596545187C4B69AE7553904921CE3164AD222FF4938D746F9A848C49EBC07
2508A9E918C53821B7DBCD334EB08432A1F27EB19A5EB91CC9AD7FC3AF8A738D4F35A342B6C609E0
3F1B45EE662F809DB22EFCC2EFCDE1A0F22B30673D477336B3DF2435E788993E9542244534840D83
E24056D1B92C5C384C706B986905BD2F01BA47AB82314A61AE26F696A6C11BECE4F08065033D800F
BC348470616B60EA4F163A00F112E73E4CD2749DFD3009A0E414065055F379247BE99F34804CF2FC
79BC78BF61F696A1D3AFAEE2C33869E000D166EAFCAE214BA5ABE9466AA53D1A2E10C27CC5BB74A9
A41C17D0C7A02542D379897905EC2F231291C953F8F4F69FD859076AF86F32E397071297EC4B3982
33AF969A6B721ED07303E75F36D383CAA3B5A8B0298D87E584729"
scanning hidden files ...
scan completed successfully
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitInListHead and KiWaitOutListHead
8 - System
148 - SMSS.EXE
176 - CSRSS.EXE
196 - WINLOGON.EXE
224 - SERVICES.EXE
236 - LSASS.EXE
408 - svchost.exe
444 - LEXBCES.EXE
472 - spoolsv.exe
504 - svchost.exe
572 - nod32krn.exe
592 - outpost.exe
612 - mstask.exe
632 - tcpsvcs.exe
640 - check.exe
668 - SNMP.EXE
712 - WinMgmt.exe
808 - svchost.exe
852 - msdtc.exe
908 - explorer.exe
1192 - nod32kui.exe
1232 - TASKMGR.EXE
1284 - CMD.EXE
1316 - fsbl.exe
1320 - firefox.exe
Total number of processes = 25
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
80400000 - \WINDOWS\System32\ntoskrnl.exe
80001000 - \WINDOWS\System32\hal.dll
EB810000 - \WINDOWS\System32\BOOTVID.dll
EB400000 - pci.sys
EB410000 - isapnp.sys
EB900000 - intelide.sys
EB680000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
EB688000 - MountMgr.sys
BFFE3000 - ftdisk.sys
EB902000 - Diskperf.sys
EB9C8000 - \WINDOWS\System32\Drivers\WMILIB.SYS
EB904000 - dmload.sys
BFFC1000 - dmio.sys
EB814000 - PartMgr.sys
BFFB0000 - precsim.sys
BFF9D000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
BFF87000 - atapi.sys
EB818000 - aha154x.sys
EB690000 - disk.sys
EB420000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
BFF65000 - fltmgr.sys
EB698000 - PxHelp20.sys
BFF53000 - KSecDD.sys
BFF40000 - DefragFS.sys
BFEC2000 - Ntfs.sys
BFE98000 - NDIS.sys
BFE82000 - Mup.sys
BFD87000 - btkrnl.sys
EB6A0000 - agp440.sys
BFD47000 - \SystemRoot\system32\DRIVERS\ks.sys
EB450000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
EB874000 - \SystemRoot\system32\DRIVERS\PMJ151NM.sys
EB9CF000 - \SystemRoot\System32\DRIVERS\audstub.sys
EB460000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
EB880000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
BFD30000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
EB890000 - \SystemRoot\System32\DRIVERS\TDI.SYS
EB470000 - \SystemRoot\System32\DRIVERS\raspptp.sys
EB6C8000 - \SystemRoot\System32\DRIVERS\ptilink.sys
EB6D8000 - \SystemRoot\System32\DRIVERS\raspti.sys
EB480000 - \SystemRoot\system32\DRIVERS\btwdndis.sys
EB89C000 - \SystemRoot\System32\DRIVERS\NtApm.sys
EB4A0000 - \SystemRoot\System32\DRIVERS\parallel.sys
EB4B0000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
BFAC6000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
BFAA1000 - \SystemRoot\system32\drivers\portcls.sys
EB700000 - \SystemRoot\system32\drivers\cm8330sb.sys
EB718000 - \SystemRoot\system32\drivers\cm8330.sys
EB728000 - \SystemRoot\System32\DRIVERS\cdrom.sys
EB730000 - \SystemRoot\System32\Drivers\incdrm.SYS
EB738000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
EB758000 - \SystemRoot\System32\DRIVERS\USBD.SYS
EB740000 - \SystemRoot\System32\DRIVERS\uhcd.sys
EB768000 - \SystemRoot\System32\DRIVERS\openhci.sys
BFA57000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
EB780000 - \SystemRoot\System32\DRIVERS\usbehci.sys
EB790000 - \SystemRoot\System32\DRIVERS\RTL8139.SYS
EB7A0000 - \SystemRoot\system32\DRIVERS\btport.sys
EB9EA000 - \SystemRoot\System32\DRIVERS\swenum.sys
BFA2C000 - \SystemRoot\System32\DRIVERS\update.sys
EB4C0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
EB7B8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
EB7C8000 - \SystemRoot\System32\DRIVERS\parport.sys
EB4D0000 - \SystemRoot\System32\DRIVERS\serial.sys
EB8B8000 - \SystemRoot\System32\DRIVERS\serenum.sys
EB7E0000 - \SystemRoot\System32\DRIVERS\fdc.sys
EB7F0000 - \SystemRoot\System32\DRIVERS\mouclass.sys
EB4E0000 - \SystemRoot\System32\Drivers\NDProxy.SYS
EB800000 - \SystemRoot\System32\Drivers\EFS.SYS
EB500000 - \SystemRoot\System32\DRIVERS\usbhub.sys
EB510000 - \SystemRoot\System32\DRIVERS\usbhub20.sys
EB520000 - \SystemRoot\System32\Drivers\AFS2K.SYS
EB530000 - \SystemRoot\System32\Drivers\Cdr4_2K.SYS
EB6E8000 - \SystemRoot\System32\Drivers\Cdralw2k.SYS
EB90E000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
EBA02000 - \SystemRoot\System32\Drivers\Null.SYS
EBA04000 - \SystemRoot\System32\Drivers\Beep.SYS
EB6F8000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
EB8E8000 - \SystemRoot\System32\drivers\vga.sys
EBA0A000 - \SystemRoot\System32\Drivers\mnmdd.SYS
EB918000 - \??\C:\WINDOWS\system32\Drivers\InCDFatRec.sys
EB8EC000 - \SystemRoot\System32\Drivers\InCDrec.SYS
BE9F3000 - \SystemRoot\System32\Drivers\InCDfs.SYS
EB710000 - \SystemRoot\System32\Drivers\Msfs.SYS
EB540000 - \SystemRoot\System32\Drivers\Npfs.SYS
EB91E000 - \SystemRoot\System32\DRIVERS\rasacd.sys
BE904000 - \SystemRoot\System32\DRIVERS\tcpip.sys
EB550000 - \SystemRoot\System32\DRIVERS\msgpc.sys
EB760000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BE8AF000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS
EB560000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys
BE884000 - \SystemRoot\System32\DRIVERS\netbt.sys
EB570000 - \SystemRoot\System32\DRIVERS\netbios.sys
BE821000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS
BE7F7000 - \SystemRoot\System32\DRIVERS\rdbss.sys
EB926000 - \SystemRoot\system32\drivers\nod32drv.sys
BE77F000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
A0000000 - \??\C:\WINDOWS\system32\win32k.sys
BD5C5000 - \SystemRoot\System32\nv4_disp.dll
BD3B1000 - \SystemRoot\System32\drivers\ws2ifsl.sys
BD265000 - \SystemRoot\System32\drivers\afd.sys
EB9B4000 - \SystemRoot\System32\Drivers\ParVdm.SYS
BD122000 - \SystemRoot\system32\drivers\amon.sys
BD2B9000 - \SystemRoot\System32\Drivers\Aspi32.SYS
EB6B8000 - \??\C:\WINDOWS\system32\drivers\btserial.sys
BD0E8000 - \SystemRoot\system32\drivers\wdmaud.sys
BD0B6000 - \??\C:\WINDOWS\system32\drivers\btslbcsp.sys
BD30D000 - \SystemRoot\system32\drivers\sysaudio.sys
EBB57000 - \SystemRoot\System32\Drivers\cdenable.sys
BD1ED000 - \SystemRoot\System32\Drivers\Fips.SYS
EB960000 - \??\C:\WINDOWS\system32\PfModNT.sys
BD016000 - \SystemRoot\System32\Drivers\Cdfs.SYS
BC223000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL
BC21F000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL
EB778000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL
BC213000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL
BC20B000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL
BC203000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL
EB982000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL
BCBBF000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL
EB98A000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL
EB990000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL
BCA4B000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL
BCA3F000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL
EB7B0000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL
BCB73000 - \??\C:\DOCUME~1\DAVID~1.GAB\Temp\F-Secure\BlackLight\fsbldrv.sys
EBAC1000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 127
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files
31/08/2007 00:00 <DIR> .
31/08/2007 00:00 <DIR> ..
19/04/2006 12:11 <DIR> 3B Software
14/08/2005 05:36 <DIR> ABC
22/11/2001 13:05 <DIR> Accessoires
16/08/2001 21:21 <DIR> ACD Systems
11/05/2001 11:39 53 248 ACMonitor_X73.exe
27/07/2001 06:58 47 ACMonitor_X73.ini
11/07/2007 20:59 <DIR> Active+
04/12/2001 06:18 <DIR> Adaptec
04/11/2006 04:26 <DIR> Adobe
09/07/2007 02:28 <DIR> adslTV
14/08/2007 12:13 <DIR> Agnitum
09/05/2006 12:32 <DIR> Ahead
23/02/2003 16:05 <DIR> AIPTEK
09/08/2006 13:01 <DIR> AnswersThatWork
20/08/2006 16:23 <DIR> ArbeDarts
17/12/2001 14:55 <DIR> Archive Web
05/01/2007 01:53 <DIR> audiograbber
15/09/2005 17:29 <DIR> Avanquest update
14/08/2007 12:06 <DIR> AxelTime
22/11/2006 17:18 <DIR> Azureus
15/09/2005 12:28 <DIR> Bluetooth Software
30/08/2006 15:35 <DIR> CartaGoGo
13/08/2005 14:53 <DIR> CCleaner
02/08/2004 21:10 <DIR> CDRWIN5
26/06/2005 04:09 <DIR> Clickmania_demo
20/06/2007 01:21 <DIR> Common Files
24/10/2005 01:04 <DIR> Creative
26/11/2006 23:53 <DIR> DirectVobSub
16/08/2001 20:22 <DIR> DirectX
18/11/2006 02:56 <DIR> DivX
21/08/2007 07:21 <DIR> Documents To Go
12/08/2005 14:37 <DIR> DXBall2
14/08/2007 12:06 <DIR> ESET
07/12/2001 16:19 <DIR> EuroTool
01/03/2007 22:29 <DIR> FairUse Wizard 2
14/08/2007 12:13 <DIR> Fichiers communs
05/01/2007 01:51 <DIR> Free Audio Pack
01/03/2007 03:03 <DIR> Free Audio Pack2
16/09/2006 00:47 <DIR> fun4palm
09/08/2007 12:58 <DIR> Ghostgum
09/08/2007 13:25 <DIR> ghostscript-8.60
03/07/2007 12:57 <DIR> Google
25/11/2006 03:04 <DIR> Grisoft
09/08/2007 14:15 <DIR> gs
24/04/2001 04:22 1 437 gtx73.ini
27/08/2004 13:03 <DIR> Happy Note
01/05/2007 01:33 <DIR> Hewlett-Packard
01/05/2007 01:32 <DIR> HP
25/06/2006 00:49 <DIR> Illustrate
01/06/2005 01:20 <DIR> Image 2 ASCII Art
20/06/2007 01:21 <DIR> Internet Explorer
12/08/2005 14:39 <DIR> iPuissance 4D
10/07/2006 13:37 <DIR> Java
25/11/2006 17:25 <DIR> jv16 PowerTools
30/05/2006 20:48 <DIR> KC Softwares
28/02/2007 01:19 <DIR> Kikoo
18/11/2006 03:05 <DIR> K-Lite Codec Pack
04/04/2006 18:44 <DIR> Lavasoft
17/07/2005 12:14 <DIR> Lavasoft RegHance
12/08/2007 10:47 <DIR> LIUtilities
08/05/2001 16:36 114 688 lxarscan.dll
18/11/2006 02:57 <DIR> Matroska Pack
27/01/2006 22:43 <DIR> Mes Jeux Installés
23/04/2003 17:28 <DIR> MGI
19/07/2007 10:37 <DIR> Microsoft CAPICOM 2.1.0.2
17/12/2001 14:42 <DIR> Microsoft FrontPage
19/09/2005 15:49 <DIR> Microsoft Games
27/05/2006 00:03 <DIR> Microsoft Money
17/12/2001 14:43 <DIR> Microsoft Office
30/05/2004 22:27 <DIR> Microsoft Référence
04/12/2001 02:10 <DIR> Microsoft Script Debugger
16/08/2001 20:35 <DIR> Microsoft Visual Studio
16/08/2001 21:29 <DIR> Mjuice Media Player
26/09/2005 17:57 <DIR> Mobile Master
15/09/2005 17:28 <DIR> Mobile Media Studio
16/09/2005 02:06 <DIR> MOBILedit!
14/08/2007 12:07 <DIR> Mozilla Firefox
17/08/2007 04:00 <DIR> Mozilla Thunderbird
04/04/2006 14:02 <DIR> MSN Messenger
07/10/2006 17:11 <DIR> MyDiscover
01/03/2007 02:47 <DIR> NCH Swift Sound
17/08/2005 03:03 <DIR> NetAbalone
19/02/2007 15:41 <DIR> NETGEAR
17/07/2005 13:03 <DIR> NetMeeting
29/08/2006 11:44 <DIR> Objective Tarot
06/03/2003 20:41 <DIR> OfficeUpdate
27/03/2006 18:28 <DIR> OfficeUpdate11
27/07/2006 18:31 <DIR> OO Software
06/07/2001 02:46 8 116 OSLO3071b2.USB
12/06/2001 15:28 8 154 OsloD3069.usb
14/08/2007 12:07 <DIR> Outlook Express
14/08/2007 12:07 <DIR> palmOne
26/09/2005 04:57 <DIR> Paprikari
16/06/2007 12:19 <DIR> PartitionMagic 8.0
08/08/2007 12:56 <DIR> PDF Password Remover v2.1
11/08/2007 12:46 <DIR> PDF Password Remover v3.0
09/08/2007 13:01 <DIR> PDFCreator
16/08/2001 20:09 <DIR> PLUS!
05/09/2006 14:06 <DIR> PointSoft
06/03/2005 23:45 <DIR> Power Defrag
27/08/2006 12:04 <DIR> Power-Tarot
30/08/2007 23:24 <DIR> ppoker
15/08/2005 00:20 <DIR> Program Files
02/06/2006 03:25 <DIR> PronoLoto Expert
16/08/2001 20:37 <DIR> Publication Web
18/11/2006 02:58 <DIR> QuickTime
27/02/2007 16:55 <DIR> Random Software
17/04/2007 12:21 <DIR> Raxco
18/11/2006 03:00 <DIR> RealPlayer
09/03/2005 15:09 <DIR> RealVNC
25/09/2005 07:31 <DIR> ReflexiveArcade
15/06/2007 16:15 <DIR> RegClean
27/02/2007 23:59 <DIR> Registry Repair 2006
15/06/2007 16:15 <DIR> RegSupreme
18/06/2007 20:25 <DIR> Safer Networking
07/10/2006 16:46 <DIR> SAGEM
07/06/2005 12:34 <DIR> SCIIArt
27/07/2005 14:13 <DIR> Serials 2000
30/08/2007 23:44 <DIR> Serials 2000 7.1 Plus
22/11/2001 13:21 <DIR> Services en ligne
02/06/2006 12:34 <DIR> SiSoftware
14/01/2005 01:16 <DIR> Skype
12/07/2006 13:58 <DIR> SLD Codec Pack
16/08/2001 20:32 <DIR> Snapshot Viewer
14/08/2005 19:29 <DIR> Sokoban
14/08/2005 19:28 <DIR> SolidDocuments
14/08/2007 12:07 <DIR> Spybot - Search & Destroy
19/06/2006 14:03 <DIR> Sudoku
03/05/2004 01:02 <DIR> Support Tools
25/11/2006 14:55 <DIR> Symantec
28/02/2003 13:30 <DIR> Systran
13/02/2003 16:46 <DIR> TCADWIN
30/08/2007 18:30 <DIR> Trend Micro
31/08/2007 00:18 <DIR> TuneUp Utilities 2007
17/07/2005 12:59 <DIR> Uninstall Information
23/07/2006 02:55 <DIR> uTorrent
29/08/2007 11:07 <DIR> VideoLAN
01/01/1998 01:52 <DIR> Vilma
27/02/2007 16:42 <DIR> VirtualCloneDrive
07/01/2005 17:29 <DIR> Webroot
05/09/2006 12:52 <DIR> Webtarot
13/02/2007 02:59 <DIR> Webteh
27/02/2007 18:05 <DIR> Western Digital Technologies
30/05/2004 21:04 <DIR> Windows Journal Viewer
25/06/2006 00:54 <DIR> Windows Media Components
01/03/2007 02:58 <DIR> Windows Media Player
29/01/2004 13:35 <DIR> Windows NT
12/04/2006 12:27 <DIR> WinHTTrack
14/08/2007 12:07 <DIR> WinRAR
10/02/2003 00:43 <DIR> WinRoute Pro
14/08/2007 12:07 <DIR> WinZip
03/07/2006 19:05 <DIR> WinZip10pro
08/05/2006 12:29 <DIR> WMV9_VCM
03/09/2006 04:38 <DIR> wormsarm
22/02/2001 23:54 768 x73_lut.dat
18/05/2004 16:34 <DIR> Xanadu
16/08/2001 21:44 <DIR> Xara
02/10/2005 15:37 <DIR> X-Setup
30/08/2007 23:46 <DIR> X-Setup Pro
30/08/2007 23:47 <DIR> X-Setup6.3
18/11/2006 02:56 <DIR> XviD
30/08/2007 23:49 <DIR> Yahoo!
30/08/2006 20:07 <DIR> YAYG
17/11/2006 18:42 <DIR> Zoom Player
7 fichier(s) 186 458 octets
159 Rép(s) 5 925 482 496 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files\fichiers communs
14/08/2007 12:13 <DIR> .
14/08/2007 12:13 <DIR> ..
08/05/2006 12:38 <DIR> Adaptec Shared
14/08/2005 20:15 <DIR> Adobe
06/06/2005 00:04 <DIR> Adobe Systems Shared
14/08/2007 12:13 <DIR> Agnitum Shared
08/05/2006 16:44 <DIR> Ahead
14/09/2006 23:39 <DIR> DataViz
05/12/2001 16:33 <DIR> Designer
09/08/2006 13:01 <DIR> eSellerate
09/08/2007 12:57 <DIR> GTK
26/04/2004 19:53 <DIR> Hewlett-Packard
01/05/2007 01:32 <DIR> HP
15/09/2005 17:27 <DIR> InstallShield
25/08/2005 15:52 <DIR> Java
11/08/2006 11:16 <DIR> LightScribe
12/08/2007 13:25 <DIR> Microsoft Shared
26/04/2004 19:51 <DIR> MSSoap
13/07/2006 19:09 <DIR> ODBC
07/03/2006 21:33 <DIR> PC SOFT
17/04/2007 12:21 <DIR> Raxco
18/11/2006 03:00 <DIR> Real
26/09/2005 05:12 <DIR> SC Test Branding 1 Shared
10/12/2006 12:02 <DIR> SERVICES
18/12/2006 14:27 <DIR> SYSTEM
17/08/2007 00:59 <DIR> Wise Installation Wizard
0 fichier(s) 0 octets
26 Rép(s) 5 925 481 984 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
29/01/2004 13:31 <DIR> .
29/01/2004 13:31 <DIR> ..
01/03/2002 00:03 561 209 MSONSEXT.DLL
03/06/1999 20:09 122 937 MSOWS409.DLL
08/04/1999 21:49 127 032 MSOWS40C.dll
18/03/1999 06:37 593 977 RAGENT.DLL
4 fichier(s) 1 405 155 octets
2 Rép(s) 5 925 480 448 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files\common files
20/06/2007 01:21 <DIR> .
20/06/2007 01:21 <DIR> ..
20/06/2007 01:21 <DIR> System
0 fichier(s) 0 octets
3 Rép(s) 5 925 479 936 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\
12/05/2007 18:22 68 096 diff.exe
12/05/2007 18:22 103 424 grep.exe
2 fichier(s) 171 520 octets
0 Rép(s) 5 925 479 424 octets libres
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
c:\Documents and Settings\David\Mes documents\David\20060407_sagem_usb_drivers_setup.exe
c:\Documents and Settings\David\Mes documents\David\GoogleEarthSetup.exe
c:\Documents and Settings\David\Mes documents\David\mpas_7_15.exe
c:\Documents and Settings\David\Mes documents\David\yetisports3.exe
c:\Documents and Settings\David\Mes documents\David\Download\Ad-Reghance\regh.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\BtserverSpylite.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsia.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsiw.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\setup.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-aiff.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-mp3PRO-decoder.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-musepack.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-ogg.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wma.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav2.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav8.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav9.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-OggVorbis-CLI.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\db-wmfdist-wma9.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-Mp3-MP3PRO-Encoder-CLI.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-r9.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-WMA8-Encoder-CLI.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\Combined-Community-Codec-Pack-2006-07-28.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\klmcodec160.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\Matroska_Pack_Full_v1.1.2.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\MPSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\regcln41.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\RegSupreme_setup.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\WM9Codecs.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\wmv9VCMsetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\zp_french451.exe
c:\Documents and Settings\David\Mes documents\David\Download\Drivers Clef\Win98Drv1130_8.2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\aballs.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Abalone.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone3.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\arbedarts.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CaromV302.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CAVALCAD.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CHGLINE.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\colorbreak2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\cueclub_ns.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\dartssetupdemo.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\DDDPoolSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\FOURMI.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\hexagon.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_othello3d.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_puissance4.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ipuissance4d-6.0b11-install.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\iPuissance4D-v5.03.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ISOLA.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\KickShotPoolSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\LABYRINTHE2.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MENUX.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MOUSEON.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\NAFRPART.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ot_271.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\OTHELLO.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\PBudYSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Sokoban.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\TIR.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_SETUP.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\INST32I.EXe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4\P4.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Stack\STACK.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\Yeti1_dc_free.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports1.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports3.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports4.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports5.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports6.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports7.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports8.exe
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\LINEAR8.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\MODEM.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONE.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONX.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\SYS_ID.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS_E.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Nero\LS_HSI.EXE
c:\Documents and Settings\David\Mes documents\David\Download\palm\documentstogopro7006-fr.exe
c:\Documents and Settings\David\Mes documents\David\Download\palm\Nouveau dossier\install.exe
c:\Documents and Settings\David\Mes documents\David\Download\tarot\install.exe
c:\Documents and Settings\David\Mes documents\David\Download\video\kickshotpool.exe
c:\Documents and Settings\David\Mes documents\David\Download\video\mj_40en.exe
c:\Documents and Settings\David\Mes documents\David\IDAPI\BDECFG.EXE
c:\Documents and Settings\David\Mes documents\David\OD 91\planning\PLANNING.EXE
c:\Documents and Settings\David\Mes documents\David\palm2\AdobeReader305-PalmOS_fra.exe
c:\Documents and Settings\David\Mes documents\David\palm2\setup.exe
c:\Documents and Settings\David\Mes documents\David\poker\poker2003.exe
c:\Documents and Settings\David\Mes documents\David\Registry Repair\install.exe
c:\Documents and Settings\David\Mes documents\David\Registry Repair\Registry Repair 2006.exe
c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Sudoku\AUTORUN.EXE
c:\Documents and Settings\David\Mes documents\David\Sudoku\NAVIGMA.EXE
c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Setup.exe
c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Dx90c\DirectX9\dxsetup.exe
c:\Documents and Settings\David\Mes documents\David\Tarot2\Install.EXE
c:\Documents and Settings\David\Mes documents\David\Tarot2\PointSoft.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\avg70t_271a363.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\netsetup.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP16825.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP21117.exe
c:\Documents and Settings\David\Mes documents\Downloads\Codecs for all films 2003.exe
c:\Documents and Settings\David\Mes documents\Downloads\serials 2000\s2k-v7.1.PasswordFix.exe
c:\Documents and Settings\David\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe
c:\Documents and Settings\David\Mes documents\Serials2k\ser2k70.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{8C92D38B-C1DE-490A-B6D1-AAAA8E17DCE2}\Icon8C92D38B.exe
c:\Documents and Settings\David.GABRIEL\Bureau\ATF-Cleaner.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\catchme.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\diff.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\dumphive.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\FilesInfoCmd.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\find2.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\Fport.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\grep.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\HJTInstall.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\KProcCheck.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\LFiles.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\LISTDLLS.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\pslist.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\streams.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\swreg.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (2)\ATF-Cleaner.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)920i32.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\61.77_win2kxp_international.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\dMC-r12.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_FreeConverter.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_KRAC_EN(2).exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_KRAC_EN.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\FreePCvcR_v0.6.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\cr-cpa60.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\defrag.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\vnc-4_1-x86_win32.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\wrar330fr.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\40comupd.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\install.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\setup.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\spybotsd14.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair\FairUseCommander.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair2\FairUse4WM.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair2\FairUseCommander.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HpAiOScrubber_v2038.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HpCartridgeCompatibilityWin2KXP_v2.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HPPSE1.12.0.46FRA.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\rw2_021_w02_fra.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\autorun.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\Setup.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\utility\Setup.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\runalyz.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_advcheck.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_includes.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_tools.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd14.exe
c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_kfahvpvokiuzmtgubcipixk4amkg1udf
c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_sjmhc2jh3qy0jlrfqe2jy1peeb15ux1q
c:\Documents and Settings\David.GABRIEL\Local Settings\Temp\15767.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\drivers.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Bluetooth\fma-0.1.0.35-setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\directx_9c_oct05sdk_redist.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\BVA\OD 91\planning\PLANNING.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\OD 91\planning\PLANNING.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETI1_DC_FREE.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS1.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS2.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS5.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\sagem\20060407_sagem_usb_drivers_setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\IDAPI\BDECFG.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\David\20060407_sagem_usb_drivers_setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\David\GoogleEarthSetup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\David\mpas_7_15.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\David\yetisports3.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ATF-Cleaner(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ATF-Cleaner.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\avg75iswt_431a836.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ccsetup140.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Codecs for all films 2003.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Freeplayer-Win32-20050905.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\fsbl.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gs854w32.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gtk+-2.10.13-setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\HiJackThis_v2.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\installer-15767-33-PerfectDisk-8-0-54-2000-XP-French.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\LSPFix.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\nentfrst.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallFr.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallPackage.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\PDFCreator-0_9_3_GPLGhostscript.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\powerdefrag.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\pwdremover.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\SBPCI_WebDrvsV5_12_01.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Service+Setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\setup-adsltv.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\spybotsd14.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\StepByStepInteractiveTraining-KB923723-x86-FRA.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\updatecdr4_53_71.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\vlc-0.8.6c-win32.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB925902-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB927891-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB930178-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB931784-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB932168-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935839-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935840-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935843-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935966-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WindowsXP-KB823980-x86-FRA.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\EasyBox\win_easybox_4.0.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\BSPlayer Pro.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\vsfilter.2.37_nt.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\vsfilter.2.37_nt.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\BSPlayer Pro 2.10\BSPlayer Pro.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\dotheshit.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\OutpostSecuritySuiteProInstall.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\troubleshooter.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\UltimateTroubleshooter.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WinZip 10.0.6699 Pro (full)\winzip100.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\Zone Alarm Pro Key Generator.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\ZoneAlarm Pro 6.1.744.001.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Registre\regexp.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\ser2k70.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\photorec_win.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\testdisk_win.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Tune\TU2007TrialFR.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\win\photorec_win.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\win\testdisk_win.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\ARPPRODUCTICON.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\serial2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\uninst_s2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe
c:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\VFHXLSK5\PD80ENp_x86[1].exe
c:\Documents and Settings\Gabriel\Mes documents\Downloads\wintasksprofessional.EXE
c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\dotheshit.exe
c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\OutpostSecuritySuiteProInstall.exe
c:\Documents and Settings\Gabriel\Mes documents\Downloads\PDF.Password.Remover.v3.0.WinALL-CHiCNCREAM\pwdremover.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\ARPPRODUCTICON.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe
c:\Documents and Settings\Papa\Bureau\Freeplayer-Win32-20050905.exe
c:\Documents and Settings\Papa\Bureau\Google_Earth_BZXE.exe
c:\Documents and Settings\Papa\Bureau\vlc-0.8.6c-win32.exe
c:\Documents and Settings\Papa\Local Settings\Temp\waunst_.exe
c:\Documents and Settings\Papa\Mes documents\aaw-lang-pack.exe
c:\Documents and Settings\Papa\Mes documents\ad aware w6181.exe
c:\Documents and Settings\Papa\Mes documents\emprunt.exe
c:\Documents and Settings\Papa\Mes documents\GoogleEarth-0762.exe
c:\Documents and Settings\Papa\Mes documents\OODefrag8ProfessionalEnu.exe
c:\Documents and Settings\Papa\Mes documents\powerdefrag.exe
c:\Documents and Settings\Papa\Mes documents\spyswp3_anshare356.exe
c:\Documents and Settings\Papa\Mes documents\download\Windows-KB890830-V1.22.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Setup.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe DNG Converter\Adobe DNG Converter.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsia.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsiw.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\setup.exe
c:\Documents and Settings\Papa\Mes documents\Secours Free\ispare.exe
c:\Documents and Settings\Papa\Mes documents\telechargement\setup_file_recover_trial.exe
c:\Program Files\Documents To Go\DocsToGo.exe
c:\Program Files\Documents To Go\HandheldInstall.exe
c:\Program Files\Documents To Go\OfficeAddinInstaller.exe
c:\Program Files\Documents To Go\OfficeAddinUninstaller.exe
c:\Program Files\Documents To Go\ptgxlat.exe
c:\Program Files\Documents To Go\ZipUtil.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\Setup.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\50comupd.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiA.Exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiW.Exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msaardk.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msxml3sp1.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\setup.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\solidconvertersetuppdf.exe
c:\WINDOWS\Installer\{EB807EB6-5179-48B7-98D4-7B4934A57A81}\DocumentsToGo.exe
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll
c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\FFHook.dll
c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\McAPFilt.dll
c:\Documents and Settings\David.GABRIEL\Application Data\TaoUSign\jsec.dll
c:\Documents and Settings\Davide\Application Data\Creative\Media Databas
Voilà, mon ordinateur (400 Mhz, Windows 2000, 640Mo de ram) n'est pas opérationnel pendanr de longues minutes après le démarrage. L'UC est à 100% et semble être accaparé par Outpost Firewall pendant cette periode (% UC et non pas mémoire).
Voici des rapports HijackThis, DiagHelp et Blacklight :
J'ai précédemment appliqué Navipromo, BFU, et ATF Cleaner
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:32:36, on 31/08/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Trend Micro\HijackThis\check.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - Global Startup: Raccourci vers Connexion au réseau local.lnk = ?
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - (no file)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: PMJ151 AutoLaunch Service (PMJ151LA) - Matsushita Electric Industrial Co. ,Ltd, - C:\WINDOWS\PMJ151LA.BIN
--
End of file - 2187 bytes
icon_confused.gif
DiagHelp version v1.1.2 - http://www.malekal.com
excute le ven. 31/08/2007 à 1:35:17,26
Liste des derniers fichies modifies/crees dans windir\system32
C:\WINDOWS\System32/drivers\amon.sys -->13/08/2007 04:47:33
C:\WINDOWS\System32/drivers\nod32drv.sys -->13/08/2007 04:47:31
C:\WINDOWS\System32/drivers\cdr4_2k.sys -->11/08/2007 16:47:45
C:\WINDOWS\System32/drivers\DefragFs.sys -->13/03/2007 12:18:22
C:\WINDOWS\System32/drivers\PalmUSBD.sys -->04/11/2006 03:11:06
C:\WINDOWS\System32/drivers\nwrdr.sys -->01/09/2006 06:57:48
C:\WINDOWS\System32/drivers\fltmgr.sys -->22/08/2006 12:48:40
C:\WINDOWS\System32\OODBS.lor -->31/08/2007 00:40:13
C:\WINDOWS\System32\nvapps.xml -->29/08/2007 10:33:58
C:\WINDOWS\System32\Perflib_Perfdata_2c0.dat -->20/08/2007 12:51:47
C:\WINDOWS\System32\Perflib_Perfdata_29c.dat -->18/08/2007 22:28:20
C:\WINDOWS\System32\Perflib_Perfdata_2ac.dat -->18/08/2007 11:40:07
C:\WINDOWS\System32\Perflib_Perfdata_2a0.dat -->17/08/2007 05:44:47
C:\WINDOWS\System32\Perflib_Perfdata_294.dat -->15/08/2007 11:18:14
C:\WINDOWS\System32\Perflib_Perfdata_288.dat -->14/08/2007 12:26:53
C:\WINDOWS\System32\Perflib_Perfdata_2a4.dat -->14/08/2007 09:42:40
C:\WINDOWS\System32\Perflib_Perfdata_278.dat -->14/08/2007 00:44:46
C:\WINDOWS\System32\Perflib_Perfdata_280.dat -->13/08/2007 20:07:00
C:\WINDOWS\System32\Perflib_Perfdata_290.dat -->13/08/2007 11:32:12
C:\WINDOWS\System32\Perflib_Perfdata_284.dat -->13/08/2007 10:58:35
C:\WINDOWS\System32\Perflib_Perfdata_298.dat -->13/08/2007 10:33:27
C:\WINDOWS\System32\imon.dll -->13/08/2007 04:47:36
C:\WINDOWS\System32\Perflib_Perfdata_274.dat -->13/08/2007 03:49:52
C:\WINDOWS\System32\Perflib_Perfdata_270.dat -->13/08/2007 03:19:04
C:\WINDOWS\System32\Perflib_Perfdata_26c.dat -->13/08/2007 02:53:46
C:\WINDOWS\System32\Perflib_Perfdata_25c.dat -->12/08/2007 20:08:30
C:\WINDOWS\System32\Perflib_Perfdata_28c.dat -->12/08/2007 17:55:16
C:\WINDOWS\System32\BASSMOD.dll -->12/08/2007 10:55:19
C:\WINDOWS\System32\pwdremover.dat -->11/08/2007 12:39:29
C:\WINDOWS\System32\MRT.exe -->03/08/2007 06:34:10
C:\WINDOWS\System32\wuaucpl.cpl.mui -->30/07/2007 19:20:06
C:\WINDOWS\System32\wuapi.dll.mui -->30/07/2007 19:19:52
C:\WINDOWS\transp.gif -->31/08/2007 00:42:20
C:\WINDOWS\WindowsUpdate.log -->31/08/2007 00:35:38
C:\WINDOWS\IEPatchUninstall.log -->31/08/2007 00:34:53
C:\WINDOWS\Sti_Trace.log -->31/08/2007 00:31:35
C:\WINDOWS\ntbtlog.txt -->31/08/2007 00:24:18
C:\WINDOWS\SchedLgU.Txt -->31/08/2007 00:19:22
C:\WINDOWS\ODBC.INI -->29/08/2007 11:52:00
C:\WINDOWS\NeroDigital.ini -->29/08/2007 02:27:09
C:\WINDOWS\system.ini -->28/08/2007 00:53:58
C:\WINDOWS\verypdf.ini -->11/08/2007 12:40:27
C:\WINDOWS\gswin32.ini -->11/08/2007 12:12:46
C:\WINDOWS\winDecrypt.INI -->08/08/2007 13:06:31
C:\WINDOWS\win.ini -->26/07/2007 17:09:24
C:\WINDOWS\winamp.ini -->09/07/2007 02:43:22
C:\WINDOWS\hpothb07.dat -->24/06/2007 18:24:59
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\WINDOWS\system
06/04/1999 16:45 38 672 MAPISRVR.EXE
11/07/1997 12:37 11 856 MVTHKSVR.EXE
14/08/2002 16:03 4 672 WOWPOST.EXE
3 fichier(s) 55 200 octets
0 Rép(s) 5 926 201 856 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\WINDOWS\system32
19/06/2003 21:05 5 392 CSRSS.EXE
1 fichier(s) 5 392 octets
0 Rép(s) 5 926 201 344 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\WINDOWS\Downloaded Program Files
04/09/2006 15:36 <DIR> .
04/09/2006 15:36 <DIR> ..
24/10/2001 18:52 237 actsetup.inf
15/06/2004 05:13 226 cc.inf
14/10/2002 02:56 65 desktop.ini
14/10/1997 18:52 697 DirectAnimation Java Classes.osd
26/08/2003 08:12 1 096 iuctl.inf
03/06/2005 04:49 752 jinstall-1_5_0_04.inf
20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd
29/06/2005 17:17 227 opuc.inf
09/10/2003 10:32 144 QTPlugin.inf
17/04/2000 23:22 2 203 SG726ACM.inf
27/08/2005 14:30 5 065 swflash.inf
24/09/1998 17:24 111 616 tdserver.ocx
02/11/2005 19:01 1 777 xscan.inf
02/11/2005 19:07 435 712 xscan53.ocx
07/11/2004 15:29 1 206 yinst.inf
07/11/2004 15:29 173 168 yinsthelper.dll
16 fichier(s) 735 353 octets
Total des fichiers listés :
16 fichier(s) 735 353 octets
2 Rép(s) 5 926 200 832 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\rcu~x.exe"="%windir%\\system32\\rcu~x.exe:*:Enabled:@xpsp2res.dll,-22019"
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
Rechercher adresses sensibles dans le fichier HOSTS...
REGEDIT4
[taskmgr.exe]
catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-31 01:51:27
Windows 5.0.2195 Service Pack 4 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG08.00.00.01WORKSTATION"="C57B6608B035F2BED645A9A06045C33BC6B5B30A4874FEBC9E127BECC74CFEBC9E127BECC74
CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E66
7A2D97226D213B555BA7FD869164D67949DB7CE019D40AA5C32611429638C80AB536BA79020513F6
C47652CAEC2A499C72A3005CDE6A45F5A90429E3D7896BEAF9517229CBD35483A6CEEC47BF95E031
D0A55A04E187D0C43D9839C28EC59CE470409EB548423BEB0C6C7142B7DD932F459C589D07E86405
564C25BA62BB4338687A86BA83D538FA6EFC8B6041BD01F0B02E5381087921B538B10CA08633A575
109D5279F7B370DC905BB6FDF62AE25F2F10BC6DC652E20D12DEEFEB108300665FA5ECE528F716B1
8A45C232DA993808E1A01F3990F15B5BC2BD6AD1ACF116F504F89326E95D9456674DE5DEC0955D59
87086A23D3FB9AACF6FB5B5CF360DA8F37D0F4634E6FB96DB1D68CAB6DE7B299C6ECFD9D2F141AA1
F616815717A84A908021DA379241742F34C14BDB4CA42E67B1282C47A6B054A0EF047F0B3A0104F9
7DCD38729329E0D80316E2CA5B39BDBEBDBBAB167B09281579016105F6E785A8190C8533DB93A9FA
281F92FDA42AA3CF3538514E00C2C2B88B793DE4FEFBC6DF725838AC925468853F4AC85BA62C81DF
1806983428CC608045FEEECF5740F1281A78357732652B8DEC87111C046827996F1D93979030B39F
E864CEED58D57B579A5388572AF2006E43E25D679E317AF653AC3940C8558C88332C2BB08942FA68
EB3860894FAA82957981B0208F17D81396C851A8F703F1F6FE5E050B823649BC369C8F0BB0417BF0
021185FA1705B163DA472EDAFDE050EF4AEA34B2719FA2A6F62CAFBDC0A4ACA7BA4D6E2131F8F77F
2FE52DD2BB52447181A81F22A19A8D13C3ECD84819157B036F3841F38822914AE1EDE575798C8E33
4B9E02C270BD7F02AA1088AC5E2843BF6E2445084E46D3F1AA6476C1974555EF7269D851C1927CC0
AB2A0B4DC8B4E95D44BABD4FD53D4ADB043AE556CF45F16E2F9892C1933690D049E35CB0A596252B
A0A442C3F1E0C7A44A1ACECE10DAF4E4B5267F6410C25BD121357BBA7E1A668E8FC0DFE765BF225F
8724CB19B73452F5C536FDACE1B955104450C16227CB1AE730C7795E4E21F0E48EB8CC651A2CF431
222CDF68C1CA79A7BECCB8FFC46CD64C19E69DDE1D3D77D7EC760F2CC57B67AC0EAA188DA0D7ED27
0C48480CA9F7C299021BC69578D1A1D3DC3ADA0EE1591A70BDA01F42FB17095AC8C96E6362BF0056
D84C06F4436977A77A0505F2CA12F82EB267143119009E2CF08D6E27C52905F3E3D36493A373389F
62598E108051127320371209CF506204C000E39EE4079063AC3D374DEBC0620D81AC700A1916C947
FABEE5A02EFDA96E7BEFAD3F2E5F9A9EC95C393EDB75D780E4F16"
"OOCC06.00.00.01WSSV"="E87BD718E944754098BD09DD37761FDA9A801AF974169A340D8405B2239A8FBBFB84729C6CD
0B5754CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127
BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6A0AC4980AC79335D575E7D6A3B9808A2D97226D
213B555696692ED8ED21CA98CB4363691059BB210B7D1266EF2950F5DE0F45B83FCF7C6EF84DF661
3E55F5DA067C90D1EC928B38728AFCC45EB02B1657238B644D89F532802A796F4CA6EEA747961E96
6EB624C4805772D885FD137254ED2ECD721D91BD0456336AFAE61A628AC5D4A98061E28728A1427B
273AFBC5C4DD9622BA94BD2EE60ECCFC2B2767A9E74827BE2A7CF066CA754F048446BF514FDC1513
23CBBC247210743326B8EE380F5FBA3FBD012B6DE8269914DDEF62B942167C763131747668454428
661AC733B8E56B81BF82222B6F2E967CA48EA37EB2C0A26B85E6C4F9A3DDFD24A93FA4F7CCD0387F
D89E14124865123CFF600086DC7CDA4314270E0F7B213D08DF046AF3BF6572E6560D7A21F7C7DC76
ED516A2AED3B8CA4FD77A93557E406B645F80E12E810D2394CE2E695D4930B03A43B09E89DF38771
AAA0893CDEE9AA465B8BC485098C0AB541DB14B5F161108CE9275A49CB1195B1BB936A1C0083C54A
BC835D7E31C746572035491E3BF29D0C88BB0F6C94411FD627ACA90507E1F23D8D0C699EC208D3FB
FB0AC9C7056E8DE4AE8506737C236B702D3AE4A64BD26129086F0A9B1EA55FC8F4575DCCE1F20DA7
8D866DCCE9184379023EACA286514F27892D93B3FF8F936BB598A590C9086417D7E2C533F435AFD2
9B632220BC592EBBD11CA9367F90BD721F66FACF8D8376307727B5A7BA37C61E9D3D5F43F66ACF78
F14AF89BCD07F209E99C983AB592FE6463ED294B7AE120CF5B150F93D0253E722A01A8D9616B0A39
9B562237B24D143F062D4B96F97A57A737DBB00BF875B5BABAF3E1F1313DB4AFB30A8DE8704E444C
1504994DFC2A77F0D56596545187C4B69AE7553904921CE3164AD222FF4938D746F9A848C49EBC07
2508A9E918C53821B7DBCD334EB08432A1F27EB19A5EB91CC9AD7FC3AF8A738D4F35A342B6C609E0
3F1B45EE662F809DB22EFCC2EFCDE1A0F22B30673D477336B3DF2435E788993E9542244534840D83
E24056D1B92C5C384C706B986905BD2F01BA47AB82314A61AE26F696A6C11BECE4F08065033D800F
BC348470616B60EA4F163A00F112E73E4CD2749DFD3009A0E414065055F379247BE99F34804CF2FC
79BC78BF61F696A1D3AFAEE2C33869E000D166EAFCAE214BA5ABE9466AA53D1A2E10C27CC5BB74A9
A41C17D0C7A02542D379897905EC2F231291C953F8F4F69FD859076AF86F32E397071297EC4B3982
33AF969A6B721ED07303E75F36D383CAA3B5A8B0298D87E584729"
scanning hidden files ...
scan completed successfully
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitInListHead and KiWaitOutListHead
8 - System
148 - SMSS.EXE
176 - CSRSS.EXE
196 - WINLOGON.EXE
224 - SERVICES.EXE
236 - LSASS.EXE
408 - svchost.exe
444 - LEXBCES.EXE
472 - spoolsv.exe
504 - svchost.exe
572 - nod32krn.exe
592 - outpost.exe
612 - mstask.exe
632 - tcpsvcs.exe
640 - check.exe
668 - SNMP.EXE
712 - WinMgmt.exe
808 - svchost.exe
852 - msdtc.exe
908 - explorer.exe
1192 - nod32kui.exe
1232 - TASKMGR.EXE
1284 - CMD.EXE
1316 - fsbl.exe
1320 - firefox.exe
Total number of processes = 25
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
80400000 - \WINDOWS\System32\ntoskrnl.exe
80001000 - \WINDOWS\System32\hal.dll
EB810000 - \WINDOWS\System32\BOOTVID.dll
EB400000 - pci.sys
EB410000 - isapnp.sys
EB900000 - intelide.sys
EB680000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
EB688000 - MountMgr.sys
BFFE3000 - ftdisk.sys
EB902000 - Diskperf.sys
EB9C8000 - \WINDOWS\System32\Drivers\WMILIB.SYS
EB904000 - dmload.sys
BFFC1000 - dmio.sys
EB814000 - PartMgr.sys
BFFB0000 - precsim.sys
BFF9D000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
BFF87000 - atapi.sys
EB818000 - aha154x.sys
EB690000 - disk.sys
EB420000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
BFF65000 - fltmgr.sys
EB698000 - PxHelp20.sys
BFF53000 - KSecDD.sys
BFF40000 - DefragFS.sys
BFEC2000 - Ntfs.sys
BFE98000 - NDIS.sys
BFE82000 - Mup.sys
BFD87000 - btkrnl.sys
EB6A0000 - agp440.sys
BFD47000 - \SystemRoot\system32\DRIVERS\ks.sys
EB450000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
EB874000 - \SystemRoot\system32\DRIVERS\PMJ151NM.sys
EB9CF000 - \SystemRoot\System32\DRIVERS\audstub.sys
EB460000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
EB880000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
BFD30000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
EB890000 - \SystemRoot\System32\DRIVERS\TDI.SYS
EB470000 - \SystemRoot\System32\DRIVERS\raspptp.sys
EB6C8000 - \SystemRoot\System32\DRIVERS\ptilink.sys
EB6D8000 - \SystemRoot\System32\DRIVERS\raspti.sys
EB480000 - \SystemRoot\system32\DRIVERS\btwdndis.sys
EB89C000 - \SystemRoot\System32\DRIVERS\NtApm.sys
EB4A0000 - \SystemRoot\System32\DRIVERS\parallel.sys
EB4B0000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
BFAC6000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
BFAA1000 - \SystemRoot\system32\drivers\portcls.sys
EB700000 - \SystemRoot\system32\drivers\cm8330sb.sys
EB718000 - \SystemRoot\system32\drivers\cm8330.sys
EB728000 - \SystemRoot\System32\DRIVERS\cdrom.sys
EB730000 - \SystemRoot\System32\Drivers\incdrm.SYS
EB738000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
EB758000 - \SystemRoot\System32\DRIVERS\USBD.SYS
EB740000 - \SystemRoot\System32\DRIVERS\uhcd.sys
EB768000 - \SystemRoot\System32\DRIVERS\openhci.sys
BFA57000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
EB780000 - \SystemRoot\System32\DRIVERS\usbehci.sys
EB790000 - \SystemRoot\System32\DRIVERS\RTL8139.SYS
EB7A0000 - \SystemRoot\system32\DRIVERS\btport.sys
EB9EA000 - \SystemRoot\System32\DRIVERS\swenum.sys
BFA2C000 - \SystemRoot\System32\DRIVERS\update.sys
EB4C0000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
EB7B8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
EB7C8000 - \SystemRoot\System32\DRIVERS\parport.sys
EB4D0000 - \SystemRoot\System32\DRIVERS\serial.sys
EB8B8000 - \SystemRoot\System32\DRIVERS\serenum.sys
EB7E0000 - \SystemRoot\System32\DRIVERS\fdc.sys
EB7F0000 - \SystemRoot\System32\DRIVERS\mouclass.sys
EB4E0000 - \SystemRoot\System32\Drivers\NDProxy.SYS
EB800000 - \SystemRoot\System32\Drivers\EFS.SYS
EB500000 - \SystemRoot\System32\DRIVERS\usbhub.sys
EB510000 - \SystemRoot\System32\DRIVERS\usbhub20.sys
EB520000 - \SystemRoot\System32\Drivers\AFS2K.SYS
EB530000 - \SystemRoot\System32\Drivers\Cdr4_2K.SYS
EB6E8000 - \SystemRoot\System32\Drivers\Cdralw2k.SYS
EB90E000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
EBA02000 - \SystemRoot\System32\Drivers\Null.SYS
EBA04000 - \SystemRoot\System32\Drivers\Beep.SYS
EB6F8000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
EB8E8000 - \SystemRoot\System32\drivers\vga.sys
EBA0A000 - \SystemRoot\System32\Drivers\mnmdd.SYS
EB918000 - \??\C:\WINDOWS\system32\Drivers\InCDFatRec.sys
EB8EC000 - \SystemRoot\System32\Drivers\InCDrec.SYS
BE9F3000 - \SystemRoot\System32\Drivers\InCDfs.SYS
EB710000 - \SystemRoot\System32\Drivers\Msfs.SYS
EB540000 - \SystemRoot\System32\Drivers\Npfs.SYS
EB91E000 - \SystemRoot\System32\DRIVERS\rasacd.sys
BE904000 - \SystemRoot\System32\DRIVERS\tcpip.sys
EB550000 - \SystemRoot\System32\DRIVERS\msgpc.sys
EB760000 - \SystemRoot\System32\DRIVERS\wanarp.sys
BE8AF000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FILTNT.SYS
EB560000 - \SystemRoot\System32\DRIVERS\ipfltdrv.sys
BE884000 - \SystemRoot\System32\DRIVERS\netbt.sys
EB570000 - \SystemRoot\System32\DRIVERS\netbios.sys
BE821000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\Sandbox.SYS
BE7F7000 - \SystemRoot\System32\DRIVERS\rdbss.sys
EB926000 - \SystemRoot\system32\drivers\nod32drv.sys
BE77F000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
A0000000 - \??\C:\WINDOWS\system32\win32k.sys
BD5C5000 - \SystemRoot\System32\nv4_disp.dll
BD3B1000 - \SystemRoot\System32\drivers\ws2ifsl.sys
BD265000 - \SystemRoot\System32\drivers\afd.sys
EB9B4000 - \SystemRoot\System32\Drivers\ParVdm.SYS
BD122000 - \SystemRoot\system32\drivers\amon.sys
BD2B9000 - \SystemRoot\System32\Drivers\Aspi32.SYS
EB6B8000 - \??\C:\WINDOWS\system32\drivers\btserial.sys
BD0E8000 - \SystemRoot\system32\drivers\wdmaud.sys
BD0B6000 - \??\C:\WINDOWS\system32\drivers\btslbcsp.sys
BD30D000 - \SystemRoot\system32\drivers\sysaudio.sys
EBB57000 - \SystemRoot\System32\Drivers\cdenable.sys
BD1ED000 - \SystemRoot\System32\Drivers\Fips.SYS
EB960000 - \??\C:\WINDOWS\system32\PfModNT.sys
BD016000 - \SystemRoot\System32\Drivers\Cdfs.SYS
BC223000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\SECRET.DLL
BC21F000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTMLFILT.DLL
EB778000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ADBLOCK.DLL
BC213000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\DNSCACHE.DLL
BC20B000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\POP3FILT.DLL
BC203000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\MAILFILT.DLL
EB982000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\CONTENT.DLL
BCBBF000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\FTPFILT.DLL
EB98A000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\IMAPFILT.DLL
EB990000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\NNTPFILT.DLL
BCA4B000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\PROTECT.DLL
BCA3F000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\HTTPFILT.DLL
EB7B0000 - \??\C:\Program Files\Agnitum\Outpost Firewall\kernel\ARP.DLL
BCB73000 - \??\C:\DOCUME~1\DAVID~1.GAB\Temp\F-Secure\BlackLight\fsbldrv.sys
EBAC1000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 127
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files
31/08/2007 00:00 <DIR> .
31/08/2007 00:00 <DIR> ..
19/04/2006 12:11 <DIR> 3B Software
14/08/2005 05:36 <DIR> ABC
22/11/2001 13:05 <DIR> Accessoires
16/08/2001 21:21 <DIR> ACD Systems
11/05/2001 11:39 53 248 ACMonitor_X73.exe
27/07/2001 06:58 47 ACMonitor_X73.ini
11/07/2007 20:59 <DIR> Active+
04/12/2001 06:18 <DIR> Adaptec
04/11/2006 04:26 <DIR> Adobe
09/07/2007 02:28 <DIR> adslTV
14/08/2007 12:13 <DIR> Agnitum
09/05/2006 12:32 <DIR> Ahead
23/02/2003 16:05 <DIR> AIPTEK
09/08/2006 13:01 <DIR> AnswersThatWork
20/08/2006 16:23 <DIR> ArbeDarts
17/12/2001 14:55 <DIR> Archive Web
05/01/2007 01:53 <DIR> audiograbber
15/09/2005 17:29 <DIR> Avanquest update
14/08/2007 12:06 <DIR> AxelTime
22/11/2006 17:18 <DIR> Azureus
15/09/2005 12:28 <DIR> Bluetooth Software
30/08/2006 15:35 <DIR> CartaGoGo
13/08/2005 14:53 <DIR> CCleaner
02/08/2004 21:10 <DIR> CDRWIN5
26/06/2005 04:09 <DIR> Clickmania_demo
20/06/2007 01:21 <DIR> Common Files
24/10/2005 01:04 <DIR> Creative
26/11/2006 23:53 <DIR> DirectVobSub
16/08/2001 20:22 <DIR> DirectX
18/11/2006 02:56 <DIR> DivX
21/08/2007 07:21 <DIR> Documents To Go
12/08/2005 14:37 <DIR> DXBall2
14/08/2007 12:06 <DIR> ESET
07/12/2001 16:19 <DIR> EuroTool
01/03/2007 22:29 <DIR> FairUse Wizard 2
14/08/2007 12:13 <DIR> Fichiers communs
05/01/2007 01:51 <DIR> Free Audio Pack
01/03/2007 03:03 <DIR> Free Audio Pack2
16/09/2006 00:47 <DIR> fun4palm
09/08/2007 12:58 <DIR> Ghostgum
09/08/2007 13:25 <DIR> ghostscript-8.60
03/07/2007 12:57 <DIR> Google
25/11/2006 03:04 <DIR> Grisoft
09/08/2007 14:15 <DIR> gs
24/04/2001 04:22 1 437 gtx73.ini
27/08/2004 13:03 <DIR> Happy Note
01/05/2007 01:33 <DIR> Hewlett-Packard
01/05/2007 01:32 <DIR> HP
25/06/2006 00:49 <DIR> Illustrate
01/06/2005 01:20 <DIR> Image 2 ASCII Art
20/06/2007 01:21 <DIR> Internet Explorer
12/08/2005 14:39 <DIR> iPuissance 4D
10/07/2006 13:37 <DIR> Java
25/11/2006 17:25 <DIR> jv16 PowerTools
30/05/2006 20:48 <DIR> KC Softwares
28/02/2007 01:19 <DIR> Kikoo
18/11/2006 03:05 <DIR> K-Lite Codec Pack
04/04/2006 18:44 <DIR> Lavasoft
17/07/2005 12:14 <DIR> Lavasoft RegHance
12/08/2007 10:47 <DIR> LIUtilities
08/05/2001 16:36 114 688 lxarscan.dll
18/11/2006 02:57 <DIR> Matroska Pack
27/01/2006 22:43 <DIR> Mes Jeux Installés
23/04/2003 17:28 <DIR> MGI
19/07/2007 10:37 <DIR> Microsoft CAPICOM 2.1.0.2
17/12/2001 14:42 <DIR> Microsoft FrontPage
19/09/2005 15:49 <DIR> Microsoft Games
27/05/2006 00:03 <DIR> Microsoft Money
17/12/2001 14:43 <DIR> Microsoft Office
30/05/2004 22:27 <DIR> Microsoft Référence
04/12/2001 02:10 <DIR> Microsoft Script Debugger
16/08/2001 20:35 <DIR> Microsoft Visual Studio
16/08/2001 21:29 <DIR> Mjuice Media Player
26/09/2005 17:57 <DIR> Mobile Master
15/09/2005 17:28 <DIR> Mobile Media Studio
16/09/2005 02:06 <DIR> MOBILedit!
14/08/2007 12:07 <DIR> Mozilla Firefox
17/08/2007 04:00 <DIR> Mozilla Thunderbird
04/04/2006 14:02 <DIR> MSN Messenger
07/10/2006 17:11 <DIR> MyDiscover
01/03/2007 02:47 <DIR> NCH Swift Sound
17/08/2005 03:03 <DIR> NetAbalone
19/02/2007 15:41 <DIR> NETGEAR
17/07/2005 13:03 <DIR> NetMeeting
29/08/2006 11:44 <DIR> Objective Tarot
06/03/2003 20:41 <DIR> OfficeUpdate
27/03/2006 18:28 <DIR> OfficeUpdate11
27/07/2006 18:31 <DIR> OO Software
06/07/2001 02:46 8 116 OSLO3071b2.USB
12/06/2001 15:28 8 154 OsloD3069.usb
14/08/2007 12:07 <DIR> Outlook Express
14/08/2007 12:07 <DIR> palmOne
26/09/2005 04:57 <DIR> Paprikari
16/06/2007 12:19 <DIR> PartitionMagic 8.0
08/08/2007 12:56 <DIR> PDF Password Remover v2.1
11/08/2007 12:46 <DIR> PDF Password Remover v3.0
09/08/2007 13:01 <DIR> PDFCreator
16/08/2001 20:09 <DIR> PLUS!
05/09/2006 14:06 <DIR> PointSoft
06/03/2005 23:45 <DIR> Power Defrag
27/08/2006 12:04 <DIR> Power-Tarot
30/08/2007 23:24 <DIR> ppoker
15/08/2005 00:20 <DIR> Program Files
02/06/2006 03:25 <DIR> PronoLoto Expert
16/08/2001 20:37 <DIR> Publication Web
18/11/2006 02:58 <DIR> QuickTime
27/02/2007 16:55 <DIR> Random Software
17/04/2007 12:21 <DIR> Raxco
18/11/2006 03:00 <DIR> RealPlayer
09/03/2005 15:09 <DIR> RealVNC
25/09/2005 07:31 <DIR> ReflexiveArcade
15/06/2007 16:15 <DIR> RegClean
27/02/2007 23:59 <DIR> Registry Repair 2006
15/06/2007 16:15 <DIR> RegSupreme
18/06/2007 20:25 <DIR> Safer Networking
07/10/2006 16:46 <DIR> SAGEM
07/06/2005 12:34 <DIR> SCIIArt
27/07/2005 14:13 <DIR> Serials 2000
30/08/2007 23:44 <DIR> Serials 2000 7.1 Plus
22/11/2001 13:21 <DIR> Services en ligne
02/06/2006 12:34 <DIR> SiSoftware
14/01/2005 01:16 <DIR> Skype
12/07/2006 13:58 <DIR> SLD Codec Pack
16/08/2001 20:32 <DIR> Snapshot Viewer
14/08/2005 19:29 <DIR> Sokoban
14/08/2005 19:28 <DIR> SolidDocuments
14/08/2007 12:07 <DIR> Spybot - Search & Destroy
19/06/2006 14:03 <DIR> Sudoku
03/05/2004 01:02 <DIR> Support Tools
25/11/2006 14:55 <DIR> Symantec
28/02/2003 13:30 <DIR> Systran
13/02/2003 16:46 <DIR> TCADWIN
30/08/2007 18:30 <DIR> Trend Micro
31/08/2007 00:18 <DIR> TuneUp Utilities 2007
17/07/2005 12:59 <DIR> Uninstall Information
23/07/2006 02:55 <DIR> uTorrent
29/08/2007 11:07 <DIR> VideoLAN
01/01/1998 01:52 <DIR> Vilma
27/02/2007 16:42 <DIR> VirtualCloneDrive
07/01/2005 17:29 <DIR> Webroot
05/09/2006 12:52 <DIR> Webtarot
13/02/2007 02:59 <DIR> Webteh
27/02/2007 18:05 <DIR> Western Digital Technologies
30/05/2004 21:04 <DIR> Windows Journal Viewer
25/06/2006 00:54 <DIR> Windows Media Components
01/03/2007 02:58 <DIR> Windows Media Player
29/01/2004 13:35 <DIR> Windows NT
12/04/2006 12:27 <DIR> WinHTTrack
14/08/2007 12:07 <DIR> WinRAR
10/02/2003 00:43 <DIR> WinRoute Pro
14/08/2007 12:07 <DIR> WinZip
03/07/2006 19:05 <DIR> WinZip10pro
08/05/2006 12:29 <DIR> WMV9_VCM
03/09/2006 04:38 <DIR> wormsarm
22/02/2001 23:54 768 x73_lut.dat
18/05/2004 16:34 <DIR> Xanadu
16/08/2001 21:44 <DIR> Xara
02/10/2005 15:37 <DIR> X-Setup
30/08/2007 23:46 <DIR> X-Setup Pro
30/08/2007 23:47 <DIR> X-Setup6.3
18/11/2006 02:56 <DIR> XviD
30/08/2007 23:49 <DIR> Yahoo!
30/08/2006 20:07 <DIR> YAYG
17/11/2006 18:42 <DIR> Zoom Player
7 fichier(s) 186 458 octets
159 Rép(s) 5 925 482 496 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files\fichiers communs
14/08/2007 12:13 <DIR> .
14/08/2007 12:13 <DIR> ..
08/05/2006 12:38 <DIR> Adaptec Shared
14/08/2005 20:15 <DIR> Adobe
06/06/2005 00:04 <DIR> Adobe Systems Shared
14/08/2007 12:13 <DIR> Agnitum Shared
08/05/2006 16:44 <DIR> Ahead
14/09/2006 23:39 <DIR> DataViz
05/12/2001 16:33 <DIR> Designer
09/08/2006 13:01 <DIR> eSellerate
09/08/2007 12:57 <DIR> GTK
26/04/2004 19:53 <DIR> Hewlett-Packard
01/05/2007 01:32 <DIR> HP
15/09/2005 17:27 <DIR> InstallShield
25/08/2005 15:52 <DIR> Java
11/08/2006 11:16 <DIR> LightScribe
12/08/2007 13:25 <DIR> Microsoft Shared
26/04/2004 19:51 <DIR> MSSoap
13/07/2006 19:09 <DIR> ODBC
07/03/2006 21:33 <DIR> PC SOFT
17/04/2007 12:21 <DIR> Raxco
18/11/2006 03:00 <DIR> Real
26/09/2005 05:12 <DIR> SC Test Branding 1 Shared
10/12/2006 12:02 <DIR> SERVICES
18/12/2006 14:27 <DIR> SYSTEM
17/08/2007 00:59 <DIR> Wise Installation Wizard
0 fichier(s) 0 octets
26 Rép(s) 5 925 481 984 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
29/01/2004 13:31 <DIR> .
29/01/2004 13:31 <DIR> ..
01/03/2002 00:03 561 209 MSONSEXT.DLL
03/06/1999 20:09 122 937 MSOWS409.DLL
08/04/1999 21:49 127 032 MSOWS40C.dll
18/03/1999 06:37 593 977 RAGENT.DLL
4 fichier(s) 1 405 155 octets
2 Rép(s) 5 925 480 448 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\Program Files\common files
20/06/2007 01:21 <DIR> .
20/06/2007 01:21 <DIR> ..
20/06/2007 01:21 <DIR> System
0 fichier(s) 0 octets
3 Rép(s) 5 925 479 936 octets libres
Le volume dans le lecteur C s'appelle Disque local
Le numéro de série du volume est 545F-803A
Répertoire de C:\
12/05/2007 18:22 68 096 diff.exe
12/05/2007 18:22 103 424 grep.exe
2 fichier(s) 171 520 octets
0 Rép(s) 5 925 479 424 octets libres
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
c:\Documents and Settings\Dav\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
c:\Documents and Settings\David\Mes documents\David\20060407_sagem_usb_drivers_setup.exe
c:\Documents and Settings\David\Mes documents\David\GoogleEarthSetup.exe
c:\Documents and Settings\David\Mes documents\David\mpas_7_15.exe
c:\Documents and Settings\David\Mes documents\David\yetisports3.exe
c:\Documents and Settings\David\Mes documents\David\Download\Ad-Reghance\regh.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\BtserverSpylite.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsia.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\instmsiw.exe
c:\Documents and Settings\David\Mes documents\David\Download\Bluetooth\setup.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-aiff.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-mp3PRO-decoder.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-musepack.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-ogg.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wma.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav2.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav8.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-codec-wmav9.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dBpowerAMP-OggVorbis-CLI.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\db-wmfdist-wma9.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-Mp3-MP3PRO-Encoder-CLI.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-r9.exe
c:\Documents and Settings\David\Mes documents\David\Download\cod\dMC-WMA8-Encoder-CLI.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\Combined-Community-Codec-Pack-2006-07-28.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\klmcodec160.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\Matroska_Pack_Full_v1.1.2.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\MPSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\regcln41.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\RegSupreme_setup.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\WM9Codecs.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\wmv9VCMsetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\codecs\zp_french451.exe
c:\Documents and Settings\David\Mes documents\David\Download\Drivers Clef\Win98Drv1130_8.2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\aballs.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Abalone.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\abalone3.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\arbedarts.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CaromV302.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CAVALCAD.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\CHGLINE.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\colorbreak2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\cueclub_ns.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\dartssetupdemo.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\DDDPoolSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\FOURMI.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\hexagon.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_othello3d.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\install_super_puissance4.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ipuissance4d-6.0b11-install.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\iPuissance4D-v5.03.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ISOLA.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\KickShotPoolSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\LABYRINTHE2.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MENUX.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\MOUSEON.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\NAFRPART.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\ot_271.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\OTHELLO.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\PBudYSetup.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Sokoban.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\TIR.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\AuGrandBazar\tarot\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\_SETUP.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\INST32I.EXe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Hexag\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\P4\P4.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\Stack\STACK.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\Yeti1_dc_free.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports1.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports2.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports3.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports4.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports5.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports6.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports7.exe
c:\Documents and Settings\David\Mes documents\David\Download\Jeux\yéti\yetisports8.exe
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\LINEAR8.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\MODEM.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONE.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\PHONX.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\SYS_ID.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Mobile\TTS_E.EXE
c:\Documents and Settings\David\Mes documents\David\Download\Nero\LS_HSI.EXE
c:\Documents and Settings\David\Mes documents\David\Download\palm\documentstogopro7006-fr.exe
c:\Documents and Settings\David\Mes documents\David\Download\palm\Nouveau dossier\install.exe
c:\Documents and Settings\David\Mes documents\David\Download\tarot\install.exe
c:\Documents and Settings\David\Mes documents\David\Download\video\kickshotpool.exe
c:\Documents and Settings\David\Mes documents\David\Download\video\mj_40en.exe
c:\Documents and Settings\David\Mes documents\David\IDAPI\BDECFG.EXE
c:\Documents and Settings\David\Mes documents\David\OD 91\planning\PLANNING.EXE
c:\Documents and Settings\David\Mes documents\David\palm2\AdobeReader305-PalmOS_fra.exe
c:\Documents and Settings\David\Mes documents\David\palm2\setup.exe
c:\Documents and Settings\David\Mes documents\David\poker\poker2003.exe
c:\Documents and Settings\David\Mes documents\David\Registry Repair\install.exe
c:\Documents and Settings\David\Mes documents\David\Registry Repair\Registry Repair 2006.exe
c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\_ISDEL.EXE
c:\Documents and Settings\David\Mes documents\David\Seu\loto_dem\DISK1\SETUP.EXE
c:\Documents and Settings\David\Mes documents\David\Sudoku\AUTORUN.EXE
c:\Documents and Settings\David\Mes documents\David\Sudoku\NAVIGMA.EXE
c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Setup.exe
c:\Documents and Settings\David\Mes documents\David\Sudoku\setup\Dx90c\DirectX9\dxsetup.exe
c:\Documents and Settings\David\Mes documents\David\Tarot2\Install.EXE
c:\Documents and Settings\David\Mes documents\David\Tarot2\PointSoft.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\avg70t_271a363.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\netsetup.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP16825.exe
c:\Documents and Settings\David\Mes documents\David\Vacances 2005\David\SP21117.exe
c:\Documents and Settings\David\Mes documents\Downloads\Codecs for all films 2003.exe
c:\Documents and Settings\David\Mes documents\Downloads\serials 2000\s2k-v7.1.PasswordFix.exe
c:\Documents and Settings\David\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe
c:\Documents and Settings\David\Mes documents\Serials2k\ser2k70.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
c:\Documents and Settings\David.GABRIEL\Application Data\Microsoft\Installer\{8C92D38B-C1DE-490A-B6D1-AAAA8E17DCE2}\Icon8C92D38B.exe
c:\Documents and Settings\David.GABRIEL\Bureau\ATF-Cleaner.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\catchme.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\diff.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\dumphive.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\FilesInfoCmd.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\find2.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\Fport.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\grep.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\HJTInstall.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\KProcCheck.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\LFiles.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\LISTDLLS.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\pslist.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\streams.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier\swreg.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (2)\ATF-Cleaner.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)920i32.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\61.77_win2kxp_international.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\dMC-r12.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_FreeConverter.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_KRAC_EN(2).exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Setup_KRAC_EN.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\FreePCvcR_v0.6.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\cr-cpa60.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\defrag.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\vnc-4_1-x86_win32.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\wrar330fr.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\40comupd.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\install.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\setup.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\A classer\Nouveau dossier\antivir\spybotsd14.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair\FairUseCommander.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair2\FairUse4WM.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\fair2\FairUseCommander.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HpAiOScrubber_v2038.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HpCartridgeCompatibilityWin2KXP_v2.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\HPPSE1.12.0.46FRA.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\HP\rw2_021_w02_fra.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\autorun.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\Setup.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Ma111\MA111SW\utility\Setup.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\runalyz.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_advcheck.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_includes.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd_tools.exe
c:\Documents and Settings\David.GABRIEL\Bureau\Nouveau dossier (3)\Spy\spybotsd14.exe
c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_kfahvpvokiuzmtgubcipixk4amkg1udf
c:\Documents and Settings\David.GABRIEL\Local Settings\Application Data\WMFMetadataReader\FairUseCommander.exe_Url_sjmhc2jh3qy0jlrfqe2jy1peeb15ux1q
c:\Documents and Settings\David.GABRIEL\Local Settings\Temp\15767.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\drivers.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Bluetooth\fma-0.1.0.35-setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\directx_9c_oct05sdk_redist.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\BVA\OD 91\planning\PLANNING.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\OD 91\planning\PLANNING.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETI1_DC_FREE.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS1.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS2.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\Nouveau dossier\yeti\YETISPORTS5.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\Charlotte\sagem\20060407_sagem_usb_drivers_setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Clef Usb\IDAPI\BDECFG.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\David\20060407_sagem_usb_drivers_setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\David\GoogleEarthSetup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\David\mpas_7_15.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\David\yetisports3.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ATF-Cleaner(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ATF-Cleaner.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\avg75iswt_431a836.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\CAPICOM-KB931906-v2102.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\ccsetup140.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Codecs for all films 2003.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Freeplayer-Win32-20050905.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\fsbl.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gs854w32.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gsv48w32.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\gtk+-2.10.13-setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\HiJackThis_v2.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\installer-15767-33-PerfectDisk-8-0-54-2000-XP-French.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\LSPFix.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\nentfrst.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallFr.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\OutpostProInstallPackage.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\PDFCreator-0_9_3_GPLGhostscript.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\powerdefrag.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\pwdremover.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\SBPCI_WebDrvsV5_12_01.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Service+Setup.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\setup-adsltv.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\spybotsd14.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\StepByStepInteractiveTraining-KB923723-x86-FRA.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\updatecdr4_53_71.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\vlc-0.8.6c-win32.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0(2).exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\win_easybox_4.0.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB925902-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB927891-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB930178-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB931784-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB932168-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935839-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935840-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935843-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Windows2000-KB935966-x86-FRA.EXE
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WindowsXP-KB823980-x86-FRA.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\EasyBox\win_easybox_4.0.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\BSPlayer Pro.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\vsfilter.2.37_nt.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\vsfilter.2.37_nt.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Lost_Season03_Episodes_01-06\Sous titre Lost S03 et Prison Break French\BSPlayer Pro 2.10\BSPlayer Pro.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\dotheshit.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Nouveau dossier\OutpostSecuritySuiteProInstall.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\troubleshooter.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\The.Ultimate.Troubleshooter.v3.20-RES-crk\UltimateTroubleshooter.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\WinZip 10.0.6699 Pro (full)\winzip100.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\Zone Alarm Pro Key Generator.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Downloads\Zone Alarm Pro 6.1.744.001\ZoneAlarm Pro 6.1.744.001.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Registre\regexp.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\s2k-v7.1.PasswordFix.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Serials2k\ser2k70.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\photorec_win.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\testdisk-6.5\win\testdisk_win.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\Tune\TU2007TrialFR.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\win\photorec_win.exe
c:\Documents and Settings\David.GABRIEL\Mes documents\win\testdisk_win.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\bindico.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\fpicon.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\PEicons.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\ARPPRODUCTICON.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\serial2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{AA64977E-BEC8-4BDD-81E8-775F9F2FA2FF}\uninst_s2k.exe_AA64977EBEC84BDD81E8775F9F2FA2FF.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe
c:\Documents and Settings\Davide\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe
c:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\VFHXLSK5\PD80ENp_x86[1].exe
c:\Documents and Settings\Gabriel\Mes documents\Downloads\wintasksprofessional.EXE
c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\dotheshit.exe
c:\Documents and Settings\Gabriel\Mes documents\Downloads\OutpostSecuritySuitePRO2007\OutpostSecuritySuiteProInstall.exe
c:\Documents and Settings\Gabriel\Mes documents\Downloads\PDF.Password.Remover.v3.0.WinALL-CHiCNCREAM\pwdremover.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\ARPPRODUCTICON.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
c:\Documents and Settings\Papa\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe
c:\Documents and Settings\Papa\Bureau\Freeplayer-Win32-20050905.exe
c:\Documents and Settings\Papa\Bureau\Google_Earth_BZXE.exe
c:\Documents and Settings\Papa\Bureau\vlc-0.8.6c-win32.exe
c:\Documents and Settings\Papa\Local Settings\Temp\waunst_.exe
c:\Documents and Settings\Papa\Mes documents\aaw-lang-pack.exe
c:\Documents and Settings\Papa\Mes documents\ad aware w6181.exe
c:\Documents and Settings\Papa\Mes documents\emprunt.exe
c:\Documents and Settings\Papa\Mes documents\GoogleEarth-0762.exe
c:\Documents and Settings\Papa\Mes documents\OODefrag8ProfessionalEnu.exe
c:\Documents and Settings\Papa\Mes documents\powerdefrag.exe
c:\Documents and Settings\Papa\Mes documents\spyswp3_anshare356.exe
c:\Documents and Settings\Papa\Mes documents\download\Windows-KB890830-V1.22.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Setup.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe DNG Converter\Adobe DNG Converter.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsia.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\instmsiw.exe
c:\Documents and Settings\Papa\Mes documents\Photoshop\Photoshop CS2\Adobe® Photoshop® CS2\setup.exe
c:\Documents and Settings\Papa\Mes documents\Secours Free\ispare.exe
c:\Documents and Settings\Papa\Mes documents\telechargement\setup_file_recover_trial.exe
c:\Program Files\Documents To Go\DocsToGo.exe
c:\Program Files\Documents To Go\HandheldInstall.exe
c:\Program Files\Documents To Go\OfficeAddinInstaller.exe
c:\Program Files\Documents To Go\OfficeAddinUninstaller.exe
c:\Program Files\Documents To Go\ptgxlat.exe
c:\Program Files\Documents To Go\ZipUtil.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\Setup.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\50comupd.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiA.Exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\InstMsiW.Exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msaardk.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\components\msxml3sp1.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\setup.exe
c:\Program Files\SolidDocuments\installer\solidconverterpdf\solidconverterpdf\solidconvertersetuppdf.exe
c:\WINDOWS\Installer\{EB807EB6-5179-48B7-98D4-7B4934A57A81}\DocumentsToGo.exe
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Expsrv.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msado15.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadox.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msadrh15.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjet40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjetoledb40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjint40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjro.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjter40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Msjtes40.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\Mswstr10.dll
c:\Documents and Settings\David\Application Data\Creative\Media Database\JetFileBackup\vbajet32.dll
c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\FFHook.dll
c:\Documents and Settings\David.GABRIEL\Application Data\Mozilla\Firefox\Profiles\frffk686.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}\components\McAPFilt.dll
c:\Documents and Settings\David.GABRIEL\Application Data\TaoUSign\jsec.dll
c:\Documents and Settings\Davide\Application Data\Creative\Media Databas
A voir également:
- Analyse Hijack...
- Hijack this - Télécharger - Antivirus & Antimalwares
- Échec de l'analyse antivirus. ✓ - Forum Antivirus
- Logiciel analyse image - Télécharger - Photo & Graphisme
- Analyse composant pc - Guide
- Analyse et reparation du lecteur c ✓ - Forum Windows 10
3 réponses
Salut, suis ma démarche:
-Tu désactive tout d'abord la restauration de système Windows sur ton PC: Démarrer -> Pannaeau de configuration (en mode catégorie) -> Performance et maintenance -> Système -> Onglet restauration du système -> coche la case Désactivé la restauration du sytème.
-Tu télécharges Avast!, gratuit, sur le site dans l'onglet sécurité, que tu mets à jours et dont tu actives la protection résidente ( protection en temps réel donc) puis fais un scan avec ton antivirus principal (Avast! donc); Une fois les malwares mis en quarantaine, détruit les purement et simplement (ces fichiers on une tete de mort à coté de leur ligne).
Sauf si tu as déja un antivirus valable et à jour
-Ensuite télécharge Spybot S&D et/ou Ad-aware (ils sont sur le site dans l'onglet sécurité), mets les à jour, puis fais un scan, et supprime les problèmes qui vont s'affichés.
-Ensuite, télécharge et installe CCleaner, un programme gratuit, et pratique, sur le site, qui va faire le ménage après toutes ces manipulations, mets le d'abord à jour (la dernière version beta 2.0.45) puis cherche les erreurs de registres et nettoie les fichiers indésirables ou inutiles avec.
-Ensuite télécharge et installe Spyware blaster, aussi sur le site, un ptit logiciel sympa qui va empecher les script malvaillants et les sites malwares d'attaquer ton disk dur et ton navigateur web.
-Si tu n'as pas de par-feu (fire wall), désative celui de Windows (qui ne protège que dans un sens) et télécharge Zone-Alarm de Zonlabs et installe le, mets le à jour et configure le par défault, il est simple d'utilisation et efficace.
-Pour les saletés de rootkits et les backdoor (portes dérobés), je te conseille de téléchargé F-SECURE Blacklight et PANDA antirootkit, disponible sur le site, gratuits, de les mettre à jour et de faire un scan de ton PC avec chacun d'eux.
-Et n'oublie pas de mettre à jour régulièrement Windows (je sais c'est relous mais nécessaire).
Après dis moi- si tu as toujours des problèmes ou si cela est réglé.
En espérant t'avoir éclairé.
:)
-Tu désactive tout d'abord la restauration de système Windows sur ton PC: Démarrer -> Pannaeau de configuration (en mode catégorie) -> Performance et maintenance -> Système -> Onglet restauration du système -> coche la case Désactivé la restauration du sytème.
-Tu télécharges Avast!, gratuit, sur le site dans l'onglet sécurité, que tu mets à jours et dont tu actives la protection résidente ( protection en temps réel donc) puis fais un scan avec ton antivirus principal (Avast! donc); Une fois les malwares mis en quarantaine, détruit les purement et simplement (ces fichiers on une tete de mort à coté de leur ligne).
Sauf si tu as déja un antivirus valable et à jour
-Ensuite télécharge Spybot S&D et/ou Ad-aware (ils sont sur le site dans l'onglet sécurité), mets les à jour, puis fais un scan, et supprime les problèmes qui vont s'affichés.
-Ensuite, télécharge et installe CCleaner, un programme gratuit, et pratique, sur le site, qui va faire le ménage après toutes ces manipulations, mets le d'abord à jour (la dernière version beta 2.0.45) puis cherche les erreurs de registres et nettoie les fichiers indésirables ou inutiles avec.
-Ensuite télécharge et installe Spyware blaster, aussi sur le site, un ptit logiciel sympa qui va empecher les script malvaillants et les sites malwares d'attaquer ton disk dur et ton navigateur web.
-Si tu n'as pas de par-feu (fire wall), désative celui de Windows (qui ne protège que dans un sens) et télécharge Zone-Alarm de Zonlabs et installe le, mets le à jour et configure le par défault, il est simple d'utilisation et efficace.
-Pour les saletés de rootkits et les backdoor (portes dérobés), je te conseille de téléchargé F-SECURE Blacklight et PANDA antirootkit, disponible sur le site, gratuits, de les mettre à jour et de faire un scan de ton PC avec chacun d'eux.
-Et n'oublie pas de mettre à jour régulièrement Windows (je sais c'est relous mais nécessaire).
Après dis moi- si tu as toujours des problèmes ou si cela est réglé.
En espérant t'avoir éclairé.
:)
Bonjour Darkiller et merci pour ton aide.
Toutefois, je n'ai pas de restauration windows activée
J'utilise nod32 comme antivirus et il n'a rien trouvé
J'utilise déjà Spybot et il n'a rien trouvé
J'utilise déjà CCleaner
J'utilise outpost comme firewall/anti logiciel malveillant et le scan n'a rien trouvé
J'ai fait un Blacklight, voici le rapport :
08/31/07 01:43:41 [Info]: BlackLight Engine 1.0.61 initialized
08/31/07 01:43:41 [Info]: OS: 5.0 build 2195 (Service Pack 4)
08/31/07 01:43:42 [Note]: 7019 4
08/31/07 01:43:42 [Note]: 7005 0
08/31/07 01:44:32 [Note]: 7006 0
08/31/07 01:44:34 [Note]: 7011 908
08/31/07 01:45:35 [Note]: 7026 0
08/31/07 01:47:57 [Note]: 7026 0
08/31/07 01:47:58 [Note]: 7015 1324
08/31/07 01:47:58 [Note]: 7015 87
08/31/07 01:49:56 [Note]: FSRAW library version 1.7.1021
08/31/07 01:50:07 [Info]: Hidden file: c:\:Q30lsldxJoudresxAaaqpcawXc
08/31/07 01:50:07 [Note]: 7002 0
08/31/07 01:50:07 [Note]: 7003 1
08/31/07 02:10:35 [Note]: 7007 0
Je n'y connais rien, mais je pensais que toutes ces précisions apparaissaient dans les rapports.
Merci....
Toutefois, je n'ai pas de restauration windows activée
J'utilise nod32 comme antivirus et il n'a rien trouvé
J'utilise déjà Spybot et il n'a rien trouvé
J'utilise déjà CCleaner
J'utilise outpost comme firewall/anti logiciel malveillant et le scan n'a rien trouvé
J'ai fait un Blacklight, voici le rapport :
08/31/07 01:43:41 [Info]: BlackLight Engine 1.0.61 initialized
08/31/07 01:43:41 [Info]: OS: 5.0 build 2195 (Service Pack 4)
08/31/07 01:43:42 [Note]: 7019 4
08/31/07 01:43:42 [Note]: 7005 0
08/31/07 01:44:32 [Note]: 7006 0
08/31/07 01:44:34 [Note]: 7011 908
08/31/07 01:45:35 [Note]: 7026 0
08/31/07 01:47:57 [Note]: 7026 0
08/31/07 01:47:58 [Note]: 7015 1324
08/31/07 01:47:58 [Note]: 7015 87
08/31/07 01:49:56 [Note]: FSRAW library version 1.7.1021
08/31/07 01:50:07 [Info]: Hidden file: c:\:Q30lsldxJoudresxAaaqpcawXc
08/31/07 01:50:07 [Note]: 7002 0
08/31/07 01:50:07 [Note]: 7003 1
08/31/07 02:10:35 [Note]: 7007 0
Je n'y connais rien, mais je pensais que toutes ces précisions apparaissaient dans les rapports.
Merci....
ok !
Une fois le scan fais, F-secure corrigera automatiquemenet les failles si il en trouve. Télécharge ad-aware, qui est complémentaire avec Spybot et fais un scan, puis corrige les problèmes s'il y en a.
Fais ensuite le scan avec Panda antirootkit aussi.
Une fois le scan fais, F-secure corrigera automatiquemenet les failles si il en trouve. Télécharge ad-aware, qui est complémentaire avec Spybot et fais un scan, puis corrige les problèmes s'il y en a.
Fais ensuite le scan avec Panda antirootkit aussi.
