Here is the DiagHelp report, happy reading ^^ :
DiagHelp version v1.4 - http://www.malekal.com
excute le 15/12/2007 à 20:02:31.13
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->15/12/2007 20:02:29
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->15/12/2007 20:02:28
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->15/12/2007 20:01:51
C:\WINDOWS\prefetch\AVGUARD.EXE-05F5152D.pf -->15/12/2007 19:55:36
C:\WINDOWS\prefetch\AVCENTER.EXE-05983540.pf -->15/12/2007 19:53:01
C:\WINDOWS\prefetch\AVSCAN.EXE-0A98540D.pf -->15/12/2007 19:42:00
C:\WINDOWS\prefetch\GUARDGUI.EXE-2C1384C2.pf -->15/12/2007 19:35:41
C:\WINDOWS\prefetch\AUPD.EXE-365E85DA.pf -->15/12/2007 19:35:22
C:\WINDOWS\prefetch\FIREFOX.EXE-06188867.pf -->15/12/2007 19:34:54
C:\WINDOWS\prefetch\NOTEPAD.EXE-2F2D61E1.pf -->15/12/2007 19:34:38
C:\WINDOWS\System32\drivers\avipbb.sys -->06/11/2007 23:22:52
C:\WINDOWS\System32\drivers\avgntdd.sys -->09/08/2007 13:04:11
C:\WINDOWS\System32\drivers\avgntmgr.sys -->18/07/2007 14:22:19
C:\WINDOWS\System32\drivers\ssmdrv.sys -->01/03/2007 10:34:36
C:\WINDOWS\System32\drivers\GEARAspiWDM.sys -->19/09/2006 14:44:04
C:\WINDOWS\System32\drivers\ZDPSp50a64.sys -->18/01/2006 14:09:40
C:\WINDOWS\System32\drivers\ZDPSp50.sys -->18/01/2006 14:09:40
C:\WINDOWS\System32\Status.MPF -->15/12/2007 19:35:48
C:\WINDOWS\System32\dcads-remove.exe -->15/12/2007 19:35:43
C:\WINDOWS\System32\superiorads-uninst.exe -->15/12/2007 19:23:22
C:\WINDOWS\System32\wpa.dbl -->14/12/2007 17:40:37
C:\WINDOWS\System32\FNTCACHE.DAT -->25/11/2007 10:25:00
C:\WINDOWS\System32\QuickTimeVR.qtx -->14/11/2007 23:43:22
C:\WINDOWS\System32\QuickTime.qts -->14/11/2007 23:43:22
C:\WINDOWS\System32\perfh00C.dat -->14/11/2007 18:16:13
C:\WINDOWS\System32\perfh009.dat -->14/11/2007 18:16:13
C:\WINDOWS\System32\perfc00C.dat -->14/11/2007 18:16:13
C:\WINDOWS\System32\perfc009.dat -->14/11/2007 18:16:13
C:\WINDOWS\System32\PerfStringBackup.INI -->14/11/2007 17:45:40
C:\WINDOWS\System32\CONFIG.NT -->08/11/2007 20:14:49
C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->24/10/2007 18:06:31
C:\WINDOWS\System32\WhoisCL.exe -->17/10/2007 18:23:24
C:\WINDOWS\System32\javaws.exe -->24/09/2007 22:31:42
C:\WINDOWS\System32\javacpl.cpl -->24/09/2007 22:31:42
C:\WINDOWS\System32\javaw.exe -->24/09/2007 21:30:30
C:\WINDOWS\System32\java.exe -->24/09/2007 21:30:28
C:\WINDOWS\System32\msinet.OCX -->20/07/2007 08:05:38
C:\WINDOWS\System32\CmdLineExt03.dll -->22/02/2007 17:24:34
C:\WINDOWS\System32\nscompat.tlb -->09/02/2007 23:07:49
C:\WINDOWS\System32\amcompat.tlb -->09/02/2007 23:07:49
C:\WINDOWS\System32\CmdLineExt.dll -->29/01/2007 20:23:44
C:\WINDOWS\System32\sirenacm.dll -->19/01/2007 12:53:04
C:\WINDOWS\0.log -->15/12/2007 10:25:10
C:\WINDOWS\wiadebug.log -->15/12/2007 10:24:54
C:\WINDOWS\wiaservc.log -->15/12/2007 10:24:38
C:\WINDOWS\bootstat.dat -->15/12/2007 10:22:46
C:\WINDOWS\SchedLgU.Txt -->14/12/2007 22:52:23
C:\WINDOWS\wmsetup.log -->04/12/2007 19:07:42
C:\WINDOWS\setupapi.log -->01/12/2007 19:50:38
C:\WINDOWS\DPINST.LOG -->20/11/2007 14:34:10
C:\WINDOWS\mozver.dat -->04/11/2007 10:42:46
C:\WINDOWS\nsreg.dat -->01/11/2007 22:46:54
C:\WINDOWS\win.ini -->01/11/2007 22:05:24
C:\WINDOWS\WindowsUpdate.log -->01/11/2007 20:34:57
C:\WINDOWS\tsoc.log -->13/08/2007 10:32:43
C:\WINDOWS\Q321178.log -->13/08/2007 10:32:43
C:\WINDOWS\ntdtcsetup.log -->13/08/2007 10:32:43
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1432
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x01000000 0xf8000 6.00.2600.0000 C:\WINDOWS\Explorer.EXE
0x77be0000 0x53000 7.00.2600.0000 C:\WINDOWS\system32\msvcrt.dll
0x77290000 0x64000 6.00.2750.0167 C:\WINDOWS\system32\SHLWAPI.dll
0x77390000 0x802000 6.00.2600.0000 C:\WINDOWS\system32\SHELL32.dll
0x770e0000 0x8b000 3.50.5014.0000 C:\WINDOWS\system32\OLEAUT32.dll
0x71500000 0xfd000 6.00.2737.1600 C:\WINDOWS\System32\BROWSEUI.dll
0x71700000 0x148000 6.00.2750.0167 C:\WINDOWS\System32\SHDOCVW.dll
0x5b090000 0x34000 6.00.2600.0000 C:\WINDOWS\System32\UxTheme.dll
0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
0x77300000 0x8b000 5.82.2600.0000 C:\WINDOWS\system32\comctl32.dll
0x7c620000 0x81000 2001.12.4414.0053 C:\WINDOWS\System32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0042 C:\WINDOWS\System32\COMRes.dll
0x5b950000 0x71000 6.00.2600.0000 C:\WINDOWS\System32\themeui.dll
0x746e0000 0x8f000 6.00.2600.0000 C:\WINDOWS\System32\MLANG.dll
0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL
0x74aa0000 0x43000 6.00.2600.0000 C:\WINDOWS\System32\webcheck.dll
0x74a60000 0x9000 6.00.2600.0000 C:\WINDOWS\System32\BatMeter.dll
0x74a40000 0x7000 6.00.2600.0000 C:\WINDOWS\System32\POWRPROF.dll
0x76250000 0x8a000 5.131.2600.1123 C:\WINDOWS\system32\CRYPT32.dll
0x10000000 0x8000 9.40.0000.0000 C:\PROGRA~1\MOUSEW~1\SYSTEM\LgMousHk.dll
0x016a0000 0x2c6000 3.01.4000.2435 C:\WINDOWS\System32\msi.dll
0x00850000 0x17000 9.05.0000.1098 C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
0x723a0000 0x13000 6.00.2600.0000 C:\WINDOWS\System32\browselc.dll
0x63000000 0x96000 6.00.2737.0800 C:\WINDOWS\system32\WININET.dll
0x1a400000 0x7b000 6.00.2745.2300 C:\WINDOWS\system32\urlmon.dll
0x1f7b0000 0x31000 3.520.7713.0000 C:\WINDOWS\System32\ODBC32.dll
0x76340000 0x46000 6.00.2600.0000 C:\WINDOWS\system32\comdlg32.dll
0x1f850000 0x18000 3.520.7713.0000 C:\WINDOWS\System32\odbcint.dll
0x1c000000 0x24000 4.00.0005.0004 C:\Program Files\Ahead\InCD\incdshx.dll
0x011c0000 0x32000 3.00.0000.1132 C:\WINDOWS\System32\igfxpph.dll
0x00b30000 0x1d000 3.00.0000.1132 C:\WINDOWS\System32\hccutils.DLL
0x00f20000 0x21000 3.00.0000.1132 C:\WINDOWS\System32\igfxdev.dll
0x01200000 0x8f000 3.00.0000.1132 C:\WINDOWS\System32\igfxres.dll
0x01290000 0x45000 3.00.0000.1132 C:\WINDOWS\System32\igfxsrvc.dll
0x02340000 0x11000 5.00.0001.1200 C:\WINDOWS\System32\btncopy.dll
0x72380000 0x19000 6.00.2600.0000 C:\WINDOWS\System32\mydocs.dll
0x023f0000 0x8e000 6.00.2715.0400 C:\WINDOWS\System32\shdoclc.dll
0x02050000 0x11000 7.00.0000.0010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL
0x02480000 0x56000 7.10.3052.0004 C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll
0x025e0000 0x2d000 C:\Program Files\WinRAR\rarext.dll
0x012e0000 0x1a000 C:\WINDOWS\System32\CmdLineExt03.dll
0x71ca0000 0x1b000 6.00.2600.0000 C:\WINDOWS\System32\ACTXPRXY.DLL
0x732d0000 0x52000 6.00.2600.0101 C:\WINDOWS\System32\zipfldr.dll
0x027c0000 0x7000 6.05.0001.0900 C:\WINDOWS\System32\msdmo.dll
0x02fd0000 0x12e000 5.00.0001.1200 C:\WINDOWS\System32\btneighborhood.dll
0x02d40000 0xd0000 5.00.0001.1200 C:\WINDOWS\System32\wbtapi.dll
0x73d20000 0xf2000 6.00.8665.0000 C:\WINDOWS\System32\MFC42.DLL
0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
0x020f0000 0xb000 5.00.0001.1200 C:\WINDOWS\System32\btwpimif.dll
0x02100000 0x20000 5.00.0001.1200 C:\WINDOWS\System32\btosif.dll
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\System32\MFC42LOC.DLL
0x03100000 0x305000 5.00.0001.1200 C:\WINDOWS\System32\btrez.dll
0x02620000 0x10000 2.00.0039.0000 C:\WINDOWS\System32\CSH.dll
0x02690000 0x1c000 5.00.0001.1200 C:\WINDOWS\System32\BtXpPanel.Dll
0x5f140000 0x1a000 5.00.5014.0000 C:\WINDOWS\System32\OLEPRO32.DLL
0x00b00000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x76be0000 0x2b000 5.131.2600.0000 C:\WINDOWS\System32\WINTRUST.dll
0x0ffd0000 0x22000 5.01.2518.0000 C:\WINDOWS\System32\rsaenh.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 624
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x6f000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x53000 7.00.2600.0000 C:\WINDOWS\system32\msvcrt.dll
0x76250000 0x8a000 5.131.2600.1123 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2b000 5.131.2600.0000 C:\WINDOWS\system32\WINTRUST.dll
0x77390000 0x802000 6.00.2600.0000 C:\WINDOWS\system32\SHELL32.dll
0x77290000 0x64000 6.00.2750.0167 C:\WINDOWS\system32\SHLWAPI.dll
0x77300000 0x8b000 5.82.2600.0000 C:\WINDOWS\system32\COMCTL32.dll
0x1f7b0000 0x31000 3.520.7713.0000 C:\WINDOWS\system32\ODBC32.dll
0x76340000 0x46000 6.00.2600.0000 C:\WINDOWS\system32\comdlg32.dll
0x008f0000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
0x1f850000 0x18000 3.520.7713.0000 C:\WINDOWS\system32\odbcint.dll
0x76b70000 0x1f000 6.00.2600.0000 C:\WINDOWS\system32\SHSVCS.dll
0x5b090000 0x34000 6.00.2600.0000 C:\WINDOWS\system32\uxtheme.dll
0x0ffd0000 0x22000 5.01.2518.0000 C:\WINDOWS\System32\rsaenh.dll
0x77000000 0xd4000 2001.12.4414.0042 C:\WINDOWS\system32\COMRes.dll
0x770e0000 0x8b000 3.50.5014.0000 C:\WINDOWS\system32\OLEAUT32.dll
0x7c620000 0x81000 2001.12.4414.0053 C:\WINDOWS\system32\CLBCATQ.DLL
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\WINDOWS\system32
28/08/2001 11:00 4 096 csrss.exe
1 fichier(s) 4 096 octets
0 Rép(s) 7 590 113 280 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\WINDOWS\Downloaded Program Files
30/10/2007 20:27 <REP> .
30/10/2007 20:27 <REP> ..
07/09/2004 12:27 65 desktop.ini
13/04/2007 02:14 382 344 GAME_UNO1.dll
17/01/2007 15:44 316 GAME_UNO1.INF
22/02/2007 23:41 304 544 MessengerStatsPAClient.dll
20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd
16/11/2006 12:35 63 056 MusicManagerUnInstaller.exe
09/11/2006 14:36 5 019 swflash.inf
30/06/2003 22:41 1 689 WMV9VCM.inf
8 fichier(s) 758 195 octets
Total des fichiers listés :
8 fichier(s) 758 195 octets
2 Rép(s) 7 590 113 280 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-15 20:03:58
Windows 5.1.2600 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
152 - FTRTSVC.exe
176 - incdsrv.exe
220 - slserv.exe
412 - svchost.exe
424 - ComComp.exe
600 - csrss.exe
624 - winlogon.exe
668 - services.exe
680 - lsass.exe
832 - svchost.exe
860 - svchost.exe
972 - svchost.exe
988 - svchost.exe
1100 - LEXPPS.EXE
1108 - spoolsv.exe
1140 - LVPrcSrv.exe
1324 - firefox.exe
1364 - iPodService.exe
1432 - explorer.exe
1516 - hkcmd.exe
1532 - EM_EXEC.EXE
1540 - MpfTray.exe
1600 - LVCOMSX.EXE
1620 - avgnt.exe
1644 - Watch.exe
1652 - iTunesHelper.ex
1736 - MpfAgent.exe
1760 - BTTray.exe
1952 - cmd.exe
2004 - ALERTM~1.EXE
2252 - avguard.exe
2600 - Inactivity.exe
3108 - avscan.exe
3188 - PollingModule.e
3192 - Toaster.exe
3444 - GestionnaireInt
3484 - usnsvc.exe
Total number of processes = 38
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D0000 - \WINDOWS\system32\ntoskrnl.exe
806B5000 - \WINDOWS\system32\hal.dll
FCA21000 - \WINDOWS\system32\KDCOM.DLL
FC931000 - \WINDOWS\system32\BOOTVID.dll
FC4D4000 - ACPI.sys
FCA23000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS
FC521000 - pci.sys
FC531000 - isapnp.sys
FCA25000 - intelide.sys
FC7A1000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
FC541000 - MountMgr.sys
FC4B5000 - ftdisk.sys
FC7A9000 - PartMgr.sys
FC551000 - VolSnap.sys
FC49F000 - atapi.sys
FC561000 - disk.sys
FC571000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
FC48D000 - sr.sys
FC581000 - avgntmgr.sys
FC479000 - KSecDD.sys
FC3F6000 - Ntfs.sys
FC3CE000 - NDIS.sys
FC3B4000 - Mup.sys
FC621000 - \SystemRoot\System32\DRIVERS\p3.sys
FBCF9000 - \SystemRoot\System32\DRIVERS\i81xnt5.sys
FC631000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
FC641000 - \SystemRoot\System32\DRIVERS\i8042prt.sys
FC651000 - \SystemRoot\System32\DRIVERS\L8042Pr2.sys
FC661000 - \SystemRoot\System32\DRIVERS\LMouFlt2.sys
FC7F9000 - \SystemRoot\System32\DRIVERS\mouclass.sys
FCA3D000 - \SystemRoot\System32\DRIVERS\LKbdFlt2.sys
FC801000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
FC809000 - \SystemRoot\System32\DRIVERS\fdc.sys
FC671000 - \SystemRoot\System32\DRIVERS\serial.sys
FC9BD000 - \SystemRoot\System32\DRIVERS\serenum.sys
FBCE6000 - \SystemRoot\System32\DRIVERS\parport.sys
FC9C1000 - \SystemRoot\System32\DRIVERS\gameenum.sys
FCBAD000 - \SystemRoot\system32\drivers\msmpu401.sys
FBCC5000 - \SystemRoot\system32\drivers\portcls.sys
FC6A1000 - \SystemRoot\system32\drivers\drmk.sys
FBCA5000 - \SystemRoot\system32\drivers\ks.sys
FC6B1000 - \SystemRoot\System32\Drivers\Imapi.SYS
FC6C1000 - \SystemRoot\System32\DRIVERS\cdrom.sys
FC6D1000 - \SystemRoot\System32\DRIVERS\redbook.sys
FC811000 - \SystemRoot\System32\DRIVERS\InCDPass.sys
FC819000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
FC821000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
FBC86000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
FBC6E000 - \SystemRoot\system32\drivers\ac97intc.sys
FBC41000 - \SystemRoot\System32\DRIVERS\slntamr.sys
FC9C9000 - \SystemRoot\System32\DRIVERS\SlWdmSup.sys
FBC2C000 - \SystemRoot\System32\DRIVERS\Mtlmnt5.sys
FC829000 - \SystemRoot\System32\Drivers\Modem.SYS
FBB5F000 - \SystemRoot\System32\DRIVERS\btkrnl.sys
FCBB8000 - \SystemRoot\System32\DRIVERS\audstub.sys
FC751000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
FC9DD000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
FBB49000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
FC761000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
FC771000 - \SystemRoot\System32\DRIVERS\raspptp.sys
FC9E1000 - \SystemRoot\System32\DRIVERS\TDI.SYS
FBA98000 - \SystemRoot\System32\DRIVERS\psched.sys
FC781000 - \SystemRoot\System32\DRIVERS\msgpc.sys
FC831000 - \SystemRoot\System32\DRIVERS\ptilink.sys
FC839000 - \SystemRoot\System32\DRIVERS\raspti.sys
FC841000 - \SystemRoot\System32\DRIVERS\wanatw4.sys
FC791000 - \SystemRoot\System32\DRIVERS\termdd.sys
FCBD0000 - \SystemRoot\System32\DRIVERS\swenum.sys
FB7D6000 - \SystemRoot\System32\DRIVERS\update.sys
FC5B1000 - \SystemRoot\System32\Drivers\NDProxy.SYS
FC871000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
FC611000 - \SystemRoot\System32\DRIVERS\usbhub.sys
FCA63000 - \SystemRoot\System32\DRIVERS\USBD.SYS
FC879000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
F7603000 - \SystemRoot\System32\DRIVERS\WlanBZXP.sys
FC6E1000 - \SystemRoot\system32\drivers\lvusbsta.sys
F72D9000 - \SystemRoot\System32\DRIVERS\LV302AV.SYS
FC6F1000 - \SystemRoot\System32\DRIVERS\STREAM.SYS
FCA6D000 - \SystemRoot\System32\DRIVERS\lv302af.sys
FC701000 - \SystemRoot\system32\drivers\usbaudio.sys
F70C6000 - \??\C:\WINDOWS\system32\drivers\Lvckap.sys
FC741000 - \SystemRoot\SYSTEM32\DRIVERS\avgntdd.sys
FCA81000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
FCC2D000 - \SystemRoot\System32\Drivers\Null.SYS
FCA83000 - \SystemRoot\System32\Drivers\Beep.SYS
FC8A1000 - \SystemRoot\System32\drivers\vga.sys
FCA85000 - \SystemRoot\System32\Drivers\mnmdd.SYS
FCA87000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
FCA89000 - \SystemRoot\System32\Drivers\InCDrec.SYS
F7069000 - \SystemRoot\System32\Drivers\InCDfs.SYS
FC8A9000 - \SystemRoot\System32\Drivers\Msfs.SYS
FC8B1000 - \SystemRoot\System32\Drivers\Npfs.SYS
FB7CE000 - \SystemRoot\System32\DRIVERS\rasacd.sys
FBB39000 - \SystemRoot\System32\DRIVERS\ipsec.sys
F7019000 - \SystemRoot\System32\DRIVERS\tcpip.sys
FBB29000 - \SystemRoot\System32\Drivers\MpFirewall.sys
F6FF4000 - \SystemRoot\System32\DRIVERS\netbt.sys
FBB19000 - \SystemRoot\System32\DRIVERS\netbios.sys
FC8B9000 - \SystemRoot\System32\DRIVERS\ssmdrv.sys
F6FCC000 - \SystemRoot\System32\DRIVERS\rdbss.sys
F6F6C000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
FBB09000 - \SystemRoot\System32\Drivers\Fips.SYS
FBAF9000 - \SystemRoot\System32\DRIVERS\avipbb.sys
FBAC9000 - \SystemRoot\System32\DRIVERS\wanarp.sys
FBAB9000 - \SystemRoot\System32\Drivers\Cdfs.SYS
F6E4B000 - \SystemRoot\System32\Drivers\dump_atapi.sys
FCA8D000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \??\C:\WINDOWS\system32\win32k.sys
F7706000 - \??\C:\WINDOWS\system32\watchdog.sys
BFF80000 - \SystemRoot\System32\drivers\dxg.sys
FCC75000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9B8000 - \SystemRoot\System32\i81xdnt5.dll
F6CCB000 - \SystemRoot\System32\drivers\afd.sys
F6A20000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
F69BC000 - \SystemRoot\system32\drivers\wdmaud.sys
F6AAB000 - \SystemRoot\system32\drivers\sysaudio.sys
FCAC7000 - \SystemRoot\System32\Drivers\ParVdm.SYS
FC869000 - \??\C:\WINDOWS\System32\drivers\btserial.sys
F66C5000 - \SystemRoot\System32\DRIVERS\secdrv.sys
F656A000 - \SystemRoot\System32\DRIVERS\srv.sys
FC889000 - \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys
FC899000 - \SystemRoot\System32\Drivers\ZDPSp50.sys
F5F7C000 - \SystemRoot\system32\drivers\kmixer.sys
F5E68000 - \SystemRoot\System32\Drivers\Fastfat.SYS
F6CAB000 - \??\C:\WINDOWS\System32\PCANDIS5.SYS
FCC41000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 126
Liste des programmes installes
ABBYY FineReader 5.0 Sprint
Adobe Flash Player 9 ActiveX
Adobe Shockwave Player
Ahead InCD
Ahead NeroMediaPlayer
Ahead NeroVision Express
AOL France
Apple Software Update
Audacity 1.2.6
Avira AntiVir PersonalEdition Classic
Barre d'outils MSN
Browser Optimizer Dcads
Browser Optimizer Superiorads
CDex extraction audio
Correctif Windows XP - Article Base de Connaissances 834707
Correctif Windows XP - KB823559
Correctif Windows XP - KB828741
Correctif Windows XP - KB835732
Correctif Windows XP - KB842773
Dcads Games Collection
EA.com Update
ESD U10039_00 V2
Free Ipod Video Converter V 2.4
Gestionnaire Internet
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
iTunes
J2SE Runtime Environment 5.0 Update 9
Java(TM) 6 Update 3
Le Maître de l'Olympe - Zeus.
Lecteur Windows Media 10
Lexmark X1100 Series
LimeWire PRO 4.12.3
livebox
McAfee Personal Firewall Plus
MediaBar
MFCDLL Shared Library - Retail Version
Micrografx Picture Publisher 7
Microsoft (R) C Runtime Library
Microsoft (R) C++ Runtime Library
Microsoft .NET Framework (French) v1.0.3705
Microsoft .NET Framework (French) v1.0.3705
Microsoft Office 2000 Premium
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (2.0.0.11)
MSXML 3.0
MSXML4 Parser
Nero - Burning Rom
Package du correctif Windows XP [voir Q329115 pour plus de détails]
Programme de gestion Camera de Logitech®
QuickTime
Réussir ses CV et Lettres de Motivation
Sagem Wi-Fi 11g USB adapter (driver)
Sagem Wi-Fi 11g USB adapter (utility)
TextBridge Classic
VideoLAN VLC media player 0.8.6d
Viewpoint Media Player (Remove Only)
WarBreeds
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows XP Hotfix (SP1) [See Q321178 for more information]
Windows XP Hotfix (SP1) [See Q329048 for more information]
Windows XP Hotfix (SP1) [See Q329390 for more information]
Windows XP Hotfix (SP1) [See Q329441 for more information]
Windows XP Hotfix (SP1) [See Q329834 for more information]
Windows XP Hotfix (SP1) Q329170
Windows XP Hotfix (SP1) Q810577
Windows XP Hotfix (SP1) Q810833
Windows XP Hotfix (SP1) Q815021
Windows XP Hotfix (SP1) Q817606
WinRAR archiver
XRELAIS 3.1 ( Evaluation )
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\Program Files
15/12/2007 19:22 <REP> .
15/12/2007 19:22 <REP> ..
03/12/2006 18:19 <REP> ABBYY FineReader 5.0 Sprint
03/12/2006 18:18 <REP> ABBYY FineReader 6.0
07/09/2004 20:37 <REP> Ahead
05/11/2007 23:24 <REP> Alwil Software
01/12/2007 12:19 <REP> Apple Software Update
31/03/2007 22:01 <REP> asc
07/11/2007 18:53 <REP> Avira
07/09/2004 12:26 <REP> ComPlus Applications
15/12/2007 19:22 <REP> Dcads Games Collection
05/11/2007 23:57 <REP> DivX
11/09/2004 09:45 <REP> EACOM
13/11/2007 21:43 <REP> Fichiers communs
08/11/2007 19:50 <REP> Google
14/11/2007 18:15 <REP> Internet Explorer
01/12/2007 12:28 <REP> iPod
05/12/2007 15:39 <REP> Ipod Video Converter
01/12/2007 12:28 <REP> iTunes
24/10/2007 18:06 <REP> Java
27/09/2006 10:23 <REP> LHSP
07/09/2004 19:19 <REP> McAfee.com
06/10/2006 12:17 <REP> Micro Application
05/02/2005 11:31 <REP> Micrografx
09/09/2004 14:45 <REP> microsoft frontpage
13/08/2007 10:34 <REP> Microsoft Games
09/09/2004 14:46 <REP> Microsoft Office
09/09/2004 14:49 <REP> Microsoft Visual Studio
07/09/2004 12:36 <REP> MouseWare
07/09/2004 12:27 <REP> Movie Maker
15/12/2007 19:34 <REP> Mozilla Firefox
07/09/2004 12:24 <REP> MSN
15/06/2005 14:01 <REP> MSN Apps
07/09/2004 12:24 <REP> MSN Gaming Zone
20/11/2007 14:33 <REP> MSN Messenger
04/12/2007 22:54 <REP> NCH Software
04/12/2007 22:43 <REP> NCH Swift Sound
08/01/2007 19:55 <REP> NetMeeting
28/07/2007 14:09 <REP> Network Associates
07/09/2004 12:26 <REP> Outlook Express
01/12/2007 12:24 <REP> QuickTime
29/12/2006 21:45 <REP> SAGEM
29/12/2006 21:45 <REP> SAGEM WiFi manager
14/11/2007 18:05 <REP> SDSComposants
29/12/2006 21:41 <REP> Securitoo
07/09/2004 12:25 <REP> Services en ligne
05/02/2005 11:38 <REP> TextBridge Classic
07/09/2004 19:25 <REP> Viewpoint
15/12/2007 20:05 <REP> Wanadoo
13/02/2007 11:17 <REP> WIDCOMM
06/11/2007 17:37 <REP> Windows Media Player
07/09/2004 12:24 <REP> Windows NT
23/02/2007 14:32 <REP> WinRAR
07/09/2004 12:30 <REP> xerox
0 fichier(s) 0 octets
54 Rép(s) 7 590 350 848 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\Program Files\fichiers communs
13/11/2007 21:43 <REP> .
13/11/2007 21:43 <REP> ..
07/09/2007 22:11 <REP> Adobe
09/08/2007 15:51 <REP> Adobe Systems Shared
07/09/2004 20:37 <REP> Ahead
07/09/2004 19:25 <REP> aolshare
26/10/2007 15:42 <REP> BOONTY Shared
09/09/2004 14:49 <REP> Designer
30/12/2006 11:24 <REP> InstallShield
30/12/2006 10:49 <REP> Java
02/01/2007 12:13 <REP> Logitech
20/11/2007 14:33 <REP> Microsoft Shared
07/09/2004 12:26 <REP> MSSoap
07/09/2004 19:14 <REP> Network Associates
30/05/2005 08:28 <REP> NSV
30/05/2005 08:25 <REP> Nullsoft
07/09/2004 12:19 <REP> ODBC
27/01/2007 17:01 <REP> Real
07/09/2004 12:26 <REP> Services
07/09/2004 12:19 <REP> SpeechEngines
09/09/2004 14:48 <REP> System
0 fichier(s) 0 octets
21 Rép(s) 7 590 350 848 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 04F0-DE04
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
07/09/2004 12:35 <REP> .
07/09/2004 12:35 <REP> ..
18/05/2001 16:57 561 209 MSONSEXT.DLL
03/06/1999 13:09 122 937 MSOWS409.DLL
07/03/2001 08:00 127 033 MSOWS40c.DLL
18/03/1999 05:37 593 977 RAGENT.DLL
4 fichier(s) 1 405 156 octets
2 Rép(s) 7 590 350 848 octets libres
c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe
c:\Documents and Settings\Jean-François\Bureau\Jean-françois\esd12version98NTXP2000\_ISDEL.EXE
c:\Documents and Settings\Jean-François\Bureau\Jean-françois\esd12version98NTXP2000\SETUP.EXE
c:\Documents and Settings\Yoann\Application Data\LimeWire\.NetworkShare\LimeWireWin4.14.12.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\Yoann\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\Ad-Aware.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\unregaaw.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\UNWISE.EXE
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\Lang\pllangs.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Ad-Aware SE Personal\Lang\Plugins\Langs\UNWISE.EXE
c:\Documents and Settings\Yoann\Bureau\yoann\divers\audacity\audacity-win-1.2.6.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\audacity\Audacity\audacity.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\audacity\Audacity\unins000.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\cdex\cdex_170b2_enu_nonunicode.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\cdex\CDex_170b2\CDex.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\cdex\CDex_170b2\uninstall.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\Itunes\iTunes75Setup.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\LimeWireWin\Limewire Lime Wire Pro 4.12.3.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\LimeWireWin\LimeWireWin(2).exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\LimeWireWin\LimeWire\LimeWire.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\LimeWireWin\LimeWire\uninstall.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\X-relais\install X-relais\instmsia.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\X-relais\install X-relais\instmsiw.exe
c:\Documents and Settings\Yoann\Bureau\yoann\divers\X-relais\install X-relais\setup.exe
c:\Documents and Settings\Yoann\Bureau\yoann\dossier yoann\Install_Messenger.exe
c:\Documents and Settings\Yoann\Bureau\yoann\flight\CFSCONV.exe
c:\Documents and Settings\Yoann\Bureau\yoann\flight\COMBATFS.EXE
c:\Documents and Settings\Yoann\Bureau\yoann\flight\uninstal.exe
c:\Documents and Settings\Yoann\Bureau\yoann\free ipod converter\Setup_FreeIpodConverter.exe
c:\Documents and Settings\Yoann\Bureau\yoann\VLC\uninstall.exe
c:\Documents and Settings\Yoann\Bureau\yoann\VLC\vlc.exe
c:\Documents and Settings\Yoann\Bureau\yoann\VLC\instal VLC\vlc-0.8.6d-win32.exe
c:\Documents and Settings\Yoann\Local Settings\Application Data\Shareaza\Incomplete\ARSENAL Taste The Power.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\A~NSISu_.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\aupd.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\First15.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\SFUninst.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\The Sims 2_uninst.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\uninst.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\VP6Install.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\nsu35.tmp\adw.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\nsu35.tmp\bann.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\nsu35.tmp\games.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\Répertoire temporaire 1 pour marioforever.zip\MarioForever.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\SLF1CD7.tmp\Fairy_Godmother_Tycoon_Telecharger{259420}.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\SLF5D8F.tmp\Commandos_3_Telecharger(fr_509){32042}.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\SLF5E9D.tmp\Fairy_Godmother_Tycoon_Telecharger{259420}.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.exe
c:\Documents and Settings\Yoann\Local Settings\Temp\~vis0000\rebootnt.exe
c:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_YOANN.tar.gz a l'adresse http://upload.malekal.com