Here it is at last,
DiagHelp version v1.4 - http://www.malekal.com
excute le 14.12.2007 à 22:53:14.43
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\Windows\prefetch\CONIME.EXE-9781FD5F.pf -->14.12.2007 22:51:52
C:\Windows\prefetch\CMD.EXE-4A81B364.pf -->14.12.2007 22:51:52
C:\Windows\prefetch\CHCP.COM-61043047.pf -->14.12.2007 22:51:48
C:\Windows\prefetch\DLLHOST.EXE-5E46FA0D.pf -->14.12.2007 22:51:43
C:\Windows\prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf -->14.12.2007 22:35:29
C:\Windows\prefetch\TASKENG.EXE-48D4E289.pf -->14.12.2007 22:35:29
C:\Windows\prefetch\WERMGR.EXE-0F2AC88C.pf -->14.12.2007 22:33:19
C:\Windows\prefetch\PBCARNOT.EXE-21B8D0CA.pf -->14.12.2007 22:30:00
C:\Windows\prefetch\MCDCHECK.EXE-8DDBD8B7.pf -->14.12.2007 22:30:00
C:\Windows\prefetch\MOBSYNC.EXE-C5E2284F.pf -->14.12.2007 22:28:36
C:\Windows\System32\drivers\srvnet.sys -->14.12.2007 01:21:55
C:\Windows\System32\drivers\srv2.sys -->14.12.2007 01:21:55
C:\Windows\System32\drivers\mrxsmb20.sys -->14.12.2007 01:21:55
C:\Windows\System32\drivers\mrxsmb.sys -->14.12.2007 01:21:55
C:\Windows\System32\drivers\SYMEVENT.SYS -->13.12.2007 18:09:30
C:\Windows\System32\drivers\SYMEVENT.INF -->13.12.2007 18:09:30
C:\Windows\System32\drivers\SYMEVENT.CAT -->13.12.2007 18:09:30
C:\Windows\System32\PerfStringBackup.INI -->14.12.2007 22:25:32
C:\Windows\System32\perfh00C.dat -->14.12.2007 22:25:32
C:\Windows\System32\perfh009.dat -->14.12.2007 22:25:32
C:\Windows\System32\perfc00C.dat -->14.12.2007 22:25:32
C:\Windows\System32\perfc009.dat -->14.12.2007 22:25:32
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -->14.12.2007 22:20:26
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -->14.12.2007 22:20:26
C:\Windows\System32\quartz.dll -->14.12.2007 01:23:47
C:\Windows\System32\WMASF.DLL -->14.12.2007 01:23:31
C:\Windows\System32\LAPRXY.DLL -->14.12.2007 01:23:31
C:\Windows\System32\asferror.dll -->14.12.2007 01:23:31
C:\Windows\System32\ieui.dll -->14.12.2007 01:22:42
C:\Windows\System32\ieframe.dll -->14.12.2007 01:22:41
C:\Windows\System32\mshtmled.dll -->14.12.2007 01:22:39
C:\Windows\System32\mshtml.dll -->14.12.2007 01:22:39
C:\Windows\System32\mshtml.tlb -->14.12.2007 01:22:38
C:\Windows\System32\wininet.dll -->14.12.2007 01:22:36
C:\Windows\System32\jsproxy.dll -->14.12.2007 01:22:36
C:\Windows\System32\advpack.dll -->14.12.2007 01:22:36
C:\Windows\System32\urlmon.dll -->14.12.2007 01:22:35
C:\Windows\System32\ieapfltr.dll -->14.12.2007 01:22:35
C:\Windows\System32\dxtrans.dll -->14.12.2007 01:22:34
C:\Windows\System32\dxtmsft.dll -->14.12.2007 01:22:34
C:\Windows\System32\mstime.dll -->14.12.2007 01:22:33
C:\Windows\System32\icardie.dll -->14.12.2007 01:22:33
C:\Windows\WindowsUpdate.log -->14.12.2007 22:24:06
C:\Windows\bootstat.dat -->14.12.2007 22:20:15
C:\Windows\ntbtlog.txt -->14.12.2007 21:28:38
C:\Windows\WORDPAD.INI -->13.12.2007 22:23:39
C:\Windows\PFRO.log -->10.12.2007 17:42:58
C:\Windows\wininit.ini -->09.12.2007 19:54:17
C:\Windows\setupact.log -->09.12.2007 18:11:56
C:\Windows\setuperr.log -->09.12.2007 18:07:15
C:\Windows\explorer.exe -->20.11.2007 22:33:16
C:\Windows\msxml4-KB941833-enu.LOG -->28.10.2007 02:04:24
C:\Windows\DPINST.LOG -->27.10.2007 11:07:50
C:\Windows\WindowsShell.Manifest -->04.09.2007 19:00:20
C:\Windows\msxml4-KB936181-enu.LOG -->17.08.2007 02:02:26
C:\Windows\uninstdl.bat -->03.06.2007 23:25:36
C:\Windows\MF_C425.lfa -->31.05.2007 20:21:57
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1896
Command line: C:\Windows\Explorer.EXE
Base Size Version Path
0x00880000 0x2cd000 6.00.6000.16549 C:\Windows\Explorer.EXE
0x76f70000 0x11e000 6.00.6000.16386 C:\Windows\system32\ntdll.dll
0x76820000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll
0x76eb0000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll
0x76bc0000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll
0x76d60000 0x4b000 6.00.6000.16386 C:\Windows\system32\GDI32.dll
0x75af0000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll
0x75a40000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll
0x76900000 0x55000 6.00.6000.16386 C:\Windows\system32\SHLWAPI.dll
0x75c20000 0xace000 6.00.6000.16513 C:\Windows\system32\SHELL32.dll
0x75870000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll
0x75b90000 0x8c000 6.00.6000.16386 C:\Windows\system32\OLEAUT32.dll
0x72a00000 0x107000 6.00.6000.16386 C:\Windows\system32\SHDOCVW.dll
0x748d0000 0x3f000 6.00.6000.16386 C:\Windows\system32\UxTheme.dll
0x74b80000 0x1a000 6.00.6000.16386 C:\Windows\system32\POWRPROF.dll
0x731c0000 0xc000 6.00.6000.16386 C:\Windows\system32\dwmapi.dll
0x74080000 0x1aa000 5.02.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll
0x751e0000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll
0x73ea0000 0xb7000 6.00.6000.16386 C:\Windows\system32\PROPSYS.dll
0x728b0000 0x145000 6.00.6000.16386 C:\Windows\system32\BROWSEUI.dll
0x770c0000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.dll
0x76c90000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll
0x748a0000 0x30000 6.00.6000.16386 C:\Windows\system32\DUser.dll
0x770a0000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL
0x76e30000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll
0x745d0000 0x194000 6.10.6000.16386 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
0x73600000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll
0x714c0000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll
0x756c0000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll
0x77110000 0x84000 2001.12.6930.16386 C:\Windows\system32\CLBCatQ.DLL
0x74c50000 0x38000 6.00.6000.16386 C:\Windows\system32\rsaenh.dll
0x722b0000 0xb2000 6.00.6000.16549 C:\Windows\system32\timedate.cpl
0x73d60000 0x14000 3.05.2284.0000 C:\Windows\system32\ATL.DLL
0x75380000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll
0x77090000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x74270000 0x38000 4.02.5406.0000 C:\Windows\system32\OLEACC.dll
0x72080000 0x53000 6.00.6000.16386 C:\Windows\system32\actxprxy.dll
0x756e0000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll
0x720e0000 0x2b000 6.00.6000.16386 C:\Windows\system32\msutb.dll
0x74d10000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll
0x73f60000 0x16000 6.00.6000.16386 C:\Windows\System32\shacct.dll
0x75610000 0x11000 6.00.6000.16386 C:\Windows\System32\SAMLIB.dll
0x75660000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll
0x71f90000 0x38000 6.00.6000.16386 C:\Windows\System32\msshsq.dll
0x71df0000 0xc5000 6.00.6000.16386 C:\Windows\System32\NaturalLanguage6.dll
0x75220000 0xf1000 6.00.6000.16425 C:\Windows\System32\CRYPT32.dll
0x75360000 0x12000 6.00.6000.16386 C:\Windows\System32\MSASN1.dll
0x718d0000 0x28c000 6.00.6000.16386 C:\Windows\System32\NLSData000c.dll
0x707f0000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll
0x743e0000 0x1e7000 6.00.6000.16513 C:\Windows\system32\authui.dll
0x74b70000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll
0x723e0000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll
0x70e20000 0x5cd000 7.00.6000.16575 C:\Windows\system32\ieframe.dll
0x75820000 0x45000 7.00.6000.16386 C:\Windows\system32\iertutil.dll
0x766f0000 0x127000 7.00.6000.16575 C:\Windows\system32\urlmon.dll
0x72110000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll
0x74f30000 0x8000 6.00.6000.16386 C:\Windows\system32\VERSION.dll
0x716c0000 0x204000 4.00.6000.16386 C:\Windows\system32\msi.dll
0x74ba0000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL
0x759f0000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll
0x770e0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll
0x770b0000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll
0x71690000 0x30000 6.00.6000.16386 C:\Windows\system32\MLANG.dll
0x76af0000 0xcf000 7.00.6000.16575 C:\Windows\system32\WININET.dll
0x771a0000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll
0x742b0000 0x33000 6.00.6000.16386 C:\Windows\system32\WINMM.dll
0x715b0000 0x4a000 6.00.6000.16386 C:\Windows\system32\ntshrui.dll
0x73e50000 0x30000 6.00.6000.16386 C:\Windows\system32\wdmaud.drv
0x73e90000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll
0x74790000 0x7000 6.00.6000.16386 C:\Windows\system32\AVRT.dll
0x74870000 0x27000 6.00.6000.16386 C:\Windows\system32\MMDevAPI.DLL
0x71db0000 0xa000 6.00.6000.16386 C:\Windows\system32\cscapi.dll
0x76960000 0x188000 6.00.6000.16386 C:\Windows\system32\SETUPAPI.dll
0x749d0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WINTRUST.dll
0x759c0000 0x29000 6.00.6000.16470 C:\Windows\system32\imagehlp.dll
0x73d00000 0x21000 6.00.6000.16386 C:\Windows\System32\audioses.dll
0x73bd0000 0x66000 6.00.6000.16386 C:\Windows\System32\audioeng.dll
0x73d50000 0x9000 6.00.6000.16386 C:\Windows\system32\msacm32.drv
0x73d30000 0x15000 6.00.6000.16386 C:\Windows\system32\MSACM32.dll
0x71b60000 0x9000 6.00.6000.16386 C:\Windows\system32\ExplorerFrame.dll
0x73cf0000 0x7000 6.00.6000.16386 C:\Windows\system32\midimap.dll
0x70580000 0x92000 6.00.6000.16386 C:\Windows\system32\stobject.dll
0x704c0000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll
0x74aa0000 0x9000 6.00.6000.16553 C:\Windows\system32\WTSAPI32.dll
0x74c20000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll
0x73ab0000 0x45000 2001.12.6930.16386 C:\Windows\system32\es.dll
0x70df0000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll
0x70620000 0x21000 6.00.6000.16386 C:\Windows\ehome\ehSSO.dll
0x73ce0000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL
0x6fd10000 0x30b000 6.00.6000.16386 C:\Windows\System32\netshell.dll
0x75130000 0x19000 6.00.6000.16386 C:\Windows\System32\IPHLPAPI.DLL
0x750f0000 0x35000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc.DLL
0x75630000 0x2b000 6.00.6000.16386 C:\Windows\System32\DNSAPI.dll
0x750e0000 0x7000 6.00.6000.16386 C:\Windows\System32\WINNSI.DLL
0x750c0000 0x20000 6.00.6000.16512 C:\Windows\System32\dhcpcsvc6.DLL
0x73e10000 0xf000 6.00.6000.16386 C:\Windows\System32\nlaapi.dll
0x700f0000 0x1bf000 6.00.6000.16386 C:\Windows\system32\pnidui.dll
0x74800000 0x17000 6.00.6000.16386 C:\Windows\system32\QUtil.dll
0x75150000 0x3e000 6.00.6000.16386 C:\Windows\system32\wevtapi.dll
0x73210000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll
0x74ab0000 0x63000 6.00.6000.16501 C:\Windows\system32\FirewallAPI.dll
0x6ecb0000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll
0x749c0000 0xe000 6.00.6000.16551 C:\Windows\system32\Wlanapi.dll
0x73480000 0x2d000 6.00.6000.16386 C:\Windows\system32\OneX.DLL
0x735b0000 0xd000 6.00.6000.16386 C:\Windows\system32\eappprxy.dll
0x73250000 0x28000 6.00.6000.16386 C:\Windows\system32\eappcfg.dll
0x74ff0000 0x44000 6.00.6000.16386 C:\Windows\system32\bcrypt.dll
0x6ed60000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll
0x6e5f0000 0x23000 6.00.6000.16386 C:\Windows\system32\wpdshserviceobj.dll
0x72da0000 0x5f000 6.00.6000.16386 C:\Windows\system32\WINHTTP.dll
0x6e360000 0x40000 6.00.6000.16386 C:\Windows\System32\srchadmin.dll
0x6e320000 0x3c000 7.00.6000.16386 C:\Windows\system32\webcheck.dll
0x6e950000 0x21c000 6.00.6000.16386 C:\Windows\System32\SyncCenter.dll
0x6ecc0000 0xb000 6.00.6000.16386 C:\Windows\system32\mssprxy.dll
0x6e5b0000 0x39000 6.00.6000.16386 C:\Windows\system32\wscntfy.dll
0x6ed80000 0xb000 6.00.6000.16386 C:\Windows\system32\WSCAPI.dll
0x6e260000 0x51000 6.00.6000.16386 C:\Windows\system32\imapi2.dll
0x6ed30000 0x2b000 6.00.6000.16386 C:\Windows\system32\PortableDeviceTypes.dll
0x6f140000 0x46000 6.00.6000.16386 C:\Windows\system32\PortableDeviceApi.dll
0x755a0000 0x5f000 6.00.6000.16386 C:\Windows\system32\SXS.DLL
0x6c2b0000 0xf9000 6.00.6000.16386 C:\Windows\system32\bthprops.cpl
0x75320000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll
0x6e620000 0x2c000 6.00.6000.16386 C:\Windows\System32\QAgent.dll
0x72cb0000 0x8a000 6.00.6000.16386 C:\Windows\System32\fwpuclnt.dll
0x6fb30000 0xb000 6.00.6000.16386 C:\Windows\system32\wbem\wbemprox.dll
0x6f930000 0x59000 6.00.6000.16553 C:\Windows\system32\wbem\wbemcomn.dll
0x6f3d0000 0x10000 6.00.6000.16386 C:\Windows\system32\wbem\wbemsvc.dll
0x6ef90000 0x99000 6.00.6000.16386 C:\Windows\system32\wbem\fastprox.dll
0x75340000 0x18000 6.00.6000.16386 C:\Windows\system32\NTDSAPI.dll
0x74840000 0x22000 1.01.1002.0000 C:\Windows\system32\xmllite.dll
0x6beb0000 0x12000 6.00.6000.16386 C:\Windows\system32\thumbcache.dll
0x6c200000 0x6000 6.00.6000.16386 C:\Windows\system32\dciman32.dll
0x74770000 0x14000 6.00.6000.16386 C:\Windows\system32\Cabinet.dll
0x69740000 0x26e000 6.00.6000.16386 C:\Windows\system32\wpdshext.dll
0x6ba10000 0x60000 6.00.6000.16386 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
0x10000000 0x10000 8.00.0000.0456 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
0x6e8b0000 0x9b000 8.00.50727.0312 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll
0x05740000 0xd5000 1.04.0000.0000 C:\PROGRA~1\SPYBOT~1\SDHelper.dll
0x74820000 0x18000 6.00.6000.16386 C:\Windows\system32\olepro32.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 684
Command line: winlogon.exe
Base Size Version Path
0x00280000 0x4e000 6.00.6000.16386 C:\Windows\system32\winlogon.exe
0x76f70000 0x11e000 6.00.6000.16386 C:\Windows\system32\ntdll.dll
0x76820000 0xd8000 6.00.6000.16386 C:\Windows\system32\kernel32.dll
0x76eb0000 0xbf000 6.00.6000.16386 C:\Windows\system32\ADVAPI32.dll
0x76bc0000 0xc3000 6.00.6000.16525 C:\Windows\system32\RPCRT4.dll
0x75af0000 0x9e000 6.00.6000.16438 C:\Windows\system32\USER32.dll
0x76d60000 0x4b000 6.00.6000.16386 C:\Windows\system32\GDI32.dll
0x75a40000 0xaa000 7.00.6000.16386 C:\Windows\system32\msvcrt.dll
0x756c0000 0x14000 6.00.6000.16386 C:\Windows\system32\Secur32.dll
0x74c20000 0x24000 6.00.6000.16386 C:\Windows\system32\WINSTA.dll
0x77090000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL
0x756e0000 0x1e000 6.00.6000.16386 C:\Windows\system32\USERENV.dll
0x770c0000 0x1e000 6.00.6000.16386 C:\Windows\system32\IMM32.DLL
0x76c90000 0xc7000 6.00.6000.16386 C:\Windows\system32\MSCTF.dll
0x770a0000 0x9000 6.00.6000.16386 C:\Windows\system32\LPK.DLL
0x76e30000 0x7d000 1.626.6000.16386 C:\Windows\system32\USP10.dll
0x75660000 0x2c000 6.00.6000.16386 C:\Windows\system32\apphelp.dll
0x74ba0000 0x21000 6.00.6000.16386 C:\Windows\system32\NTMARTA.DLL
0x759f0000 0x49000 6.00.6000.16386 C:\Windows\system32\WLDAP32.dll
0x770e0000 0x2d000 6.00.6000.16386 C:\Windows\system32\WS2_32.dll
0x770b0000 0x6000 6.00.6000.16386 C:\Windows\system32\NSI.dll
0x75610000 0x11000 6.00.6000.16386 C:\Windows\system32\SAMLIB.dll
0x75870000 0x144000 6.00.6000.16386 C:\Windows\system32\ole32.dll
0x73b50000 0x3e000 6.00.6000.16386 C:\Windows\system32\SHSVCS.dll
0x748d0000 0x3f000 6.00.6000.16386 C:\Windows\system32\uxtheme.dll
0x74c50000 0x38000 6.00.6000.16386 C:\Windows\system32\rsaenh.dll
0x73600000 0xb2000 6.00.6000.16493 C:\Windows\system32\WindowsCodecs.dll
0x75380000 0x6a000 6.00.6000.16386 C:\Windows\system32\NETAPI32.dll
0x751e0000 0x39000 6.00.6000.16509 C:\Windows\system32\slc.dll
0x75320000 0x14000 6.00.6000.16386 C:\Windows\system32\MPR.dll
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 5647-6D97
Répertoire de C:\Windows\system32
02.11.2006 10:45 7'680 csrss.exe
1 fichier(s) 7'680 octets
0 Rép(s) 45'817'090'048 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 5647-6D97
Répertoire de C:\Windows\Downloaded Program Files
20.07.2007 00:48 <REP> .
20.07.2007 00:48 <REP> ..
18.09.2006 22:26 65 desktop.ini
24.04.2007 12:11 365 f3initialsetup1.0.1.0.inf
2 fichier(s) 430 octets
Total des fichiers listés :
2 fichier(s) 430 octets
2 Rép(s) 45'817'090'048 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
exports des policies
REGEDIT4
[System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
[System\UIPI]
[System\UIPI\Clipboard]
[System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-14 22:53:40
Windows 6.0.6000 NTFS
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg)
Sorry, this version supports only Win2K/XP
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg)
Sorry, this version supports only Win2K/XP
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 5647-6D97
Répertoire de C:\Program Files
13.12.2007 23:53 <REP> .
13.12.2007 23:53 <REP> ..
09.12.2007 18:18 <REP> Acronis
07.09.2007 20:27 <REP> Adobe
28.05.2007 15:38 <REP> Apple Software Update
13.12.2007 20:32 <REP> Avira
13.12.2007 18:10 <REP> Common Files
06.02.2007 22:55 <REP> controlskype
19.04.2007 22:11 <REP> Dial-Messenger
12.04.2007 19:22 <REP> eMule
09.04.2007 19:57 <REP> FixMessenger
07.06.2007 22:28 <REP> GigaTribe
09.08.2007 22:18 <REP> Google
06.02.2007 22:57 <REP> HDReg
31.05.2007 20:28 <REP> IncrediMail
06.02.2007 22:50 <REP> Intel
14.12.2007 16:09 <REP> Internet Explorer
28.05.2007 15:40 <REP> iPod
28.05.2007 15:40 <REP> iTunes
02.11.2006 13:37 <REP> Microsoft Games
07.02.2007 07:31 <REP> Movie Maker
02.11.2006 13:37 <REP> MSBuild
02.11.2006 13:37 <REP> MSN
27.10.2007 11:13 <REP> MSN Messenger
11.04.2007 17:26 <REP> MSN Toolbar
15.07.2007 02:01 <REP> MSXML 4.0
12.11.2007 20:32 <REP> Mule Force
06.02.2007 23:05 <REP> Packard Bell
28.05.2007 15:39 <REP> QuickTime
02.11.2006 13:37 <REP> Reference Assemblies
09.12.2007 23:43 <REP> RegSupreme Pro
06.02.2007 22:51 <REP> SigmaTel
06.02.2007 23:05 <REP> Skype
09.12.2007 19:24 <REP> Spybot - Search & Destroy
07.02.2007 07:24 <REP> Synaptics
21.11.2007 03:07 <REP> Windows Calendar
07.02.2007 07:31 <REP> Windows Collaboration
12.04.2007 19:06 <REP> Windows Defender
07.02.2007 07:31 <REP> Windows Journal
20.11.2007 22:31 <REP> Windows Mail
28.10.2007 02:12 <REP> Windows Media Player
31.03.2007 18:21 <REP> Windows NT
07.02.2007 07:31 <REP> Windows Photo Gallery
07.02.2007 07:31 <REP> Windows Sidebar
0 fichier(s) 0 octets
44 Rép(s) 45'807'685'632 octets libres
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 5647-6D97
Répertoire de C:\Program Files\fichiers communs
Le volume dans le lecteur C s'appelle HDD
Le numéro de série du volume est 5647-6D97
Répertoire de C:\Program Files\common files
13.12.2007 18:10 <REP> .
13.12.2007 18:10 <REP> ..
09.12.2007 18:18 <REP> Acronis
07.09.2007 20:27 <REP> Adobe
06.02.2007 22:51 <REP> InstallShield
12.07.2007 15:35 <REP> MAGIX Shared
27.10.2007 11:10 <REP> microsoft shared
02.11.2006 12:18 <REP> Services
02.11.2006 12:18 <REP> SpeechEngines
15.06.2007 16:41 <REP> System
0 fichier(s) 0 octets
10 Rép(s) 45'807'685'632 octets libres
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_PC-de-challet.tar.gz a l'adresse http://upload.malekal.com
The absurd man is he who never changes.