Windows slowness


Hello, I'm on XP, and recently the computer has been very slow to start, and under Windows the CPU is not used at 100 percent but climbs very quickly: just opening a folder, for example, takes it to 50 percent! This slows down games and applications. Before, the computer ran like a charm!
Here is the config:
Core 2 Duo E6750
2 GB DDR RAM
8800 GTX
500-watt Fortron power supply
I tried Spybot and avast, but nothing helps!
Help me! Thanks in advance. On another forum I was told that this came from the svehost line, which I fixed, and here is the hijack report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:34, on 23/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~2\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~2\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Blocking access to the document address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockDocument.html
O8 - Extra context menu item: Blocking access to the image address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockImage.html
O8 - Extra context menu item: Blocking access to the link address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockLink.html
O8 - Extra context menu item: Cut proxy addresses from selected text by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisCutProxyFromSelectedTåxt.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 8125924531
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10128 bytes


Please, this is becoming really unmanageable under Windows!

Reply to killercow

OK, I removed some more spyware; here is another HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07, on 25/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~2\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Program Files\BitComet\BitComet.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~2\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Blocking access to the document address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockDocument.html
O8 - Extra context menu item: Blocking access to the image address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockImage.html
O8 - Extra context menu item: Blocking access to the link address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockLink.html
O8 - Extra context menu item: Cut proxy addresses from selected text by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisCutProxyFromSelectedTåxt.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 8125924531
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10249 bytes

Reply to killercow

Still nobody? Sorry to insist, but I need help.

Reply to killercow

Hello


Download Combofix.exe (by sUBs) to your Desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double-click combofix.exe and follow the prompts.
When the scan is complete, a report will appear.

Copy and paste this report into your next reply, along with a new HijackThis log.

------------------------------ The best antivirus is you
Have a problem? Create your own post!
Reply to chercheur_

Here is ComboFix:
ComboFix 07-11-19.3 - Propriétaire 2007-11-28 18:46:26.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1149 [GMT 1:00]
Running from: D:\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-10-28 to 2007-11-28 ))))))))))))))))))))))))))))))))))))
.

2007-11-26 00:21 <REP> d-------- C:\Program Files\Mozilla Firefox 3 Beta 1
2007-11-24 17:33 <REP> d-------- C:\WINDOWS\system32\xlive
2007-11-23 22:37 <REP> d-------- C:\VundoFix Backups
2007-11-23 20:03 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Grisoft
2007-11-23 18:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-23 18:46 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-23 18:45 <REP> d-------- C:\Program Files\SpywareBlaster
2007-11-23 18:45 <REP> d-------- C:\Program Files\FileASSASSIN
2007-11-23 18:16 <REP> d-------- C:\WINDOWS\ERUNT
2007-11-22 23:17 <REP> d-------- C:\Program Files\Uniblue
2007-11-22 23:17 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
2007-11-22 23:05 <REP> d-------- C:\Program Files\Trend Micro
2007-11-22 22:43 <REP> d-------- C:\Program Files\Yahoo!
2007-11-22 22:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-11-22 22:42 <REP> d-------- C:\Program Files\CCleaner
2007-11-21 16:24 <REP> d-------- C:\Program Files\DVD Decrypter
2007-11-17 13:16 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\DivX
2007-11-11 15:08 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\.BitTornado
2007-11-10 17:15 <REP> d-------- C:\Program Files\iTunes
2007-11-10 16:09 <REP> d-------- C:\temp
2007-11-10 16:07 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Media Center Programs
2007-11-06 21:23 262,254 --a------ C:\WINDOWS\system32\VM31bPrp.Ax
2007-11-06 21:23 61,440 --a------ C:\WINDOWS\system32\VM31bSTI.dll
2007-11-02 12:46 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Sierra Entertainment
2007-11-01 19:29 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\My Games
2007-11-01 19:06 <REP> d-------- C:\Program Files\WinISO
2007-10-31 21:58 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\River Past G5
2007-10-31 21:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\River Past G5
2007-10-31 17:21 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2007-10-31 17:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-10-30 23:54 <REP> d-------- C:\Program Files\Pcsx2
2007-10-30 12:37 <REP> d-------- C:\Program Files\RivaTuner v2.05
2007-10-28 11:09 <REP> d-------- C:\Program Files\ATITool

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-28 07:38 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\IGN_DLM
2007-11-26 19:52 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Hamachi
2007-11-26 13:34 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-26 13:34 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-11-26 11:53 --------- d-----w C:\Program Files\dl_Cats
2007-11-25 20:24 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Skype
2007-11-25 18:40 --------- d-----w C:\Program Files\Steam
2007-11-24 16:35 413,696 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2007-11-24 16:35 110,592 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2007-11-23 20:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-23 17:36 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-11-23 17:36 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-11-23 17:00 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-22 21:46 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-11-18 20:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
2007-11-18 11:36 22,328 ----a-w C:\Documents and Settings\Propriétaire\Application Data\PnkBstrK.sys
2007-11-18 11:35 669,184 ----a-w C:\WINDOWS\system32\pbsvc.exe
2007-11-18 11:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-17 11:45 --------- d-----w C:\Program Files\DivX
2007-11-12 07:03 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2007-11-12 05:51 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-11-12 05:51 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-11-12 05:51 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-11-12 05:51 757,760 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-11-12 05:51 7,433,504 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-11-12 05:51 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-11-12 05:51 6,537,216 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-11-12 05:51 5,770,880 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-11-12 05:51 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-11-12 05:51 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-11-12 05:51 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-11-12 05:51 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-11-12 05:51 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll
2007-11-12 05:51 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe
2007-11-12 05:51 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll
2007-11-12 05:51 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll
2007-11-12 05:51 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-11-12 05:51 3,698,688 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2007-11-12 05:51 3,407,872 ----a-w C:\WINDOWS\system32\nvgames.dll
2007-11-12 05:51 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
2007-11-12 05:51 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2007-11-12 05:51 2,486,272 ----a-w C:\WINDOWS\system32\nvwss.dll
2007-11-12 05:51 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2007-11-12 05:51 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2007-11-12 05:51 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
2007-11-12 05:51 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2007-11-12 05:51 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe
2007-11-12 05:51 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll
2007-11-12 05:51 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2007-11-12 05:51 1,212,416 ----a-w C:\WINDOWS\system32\nvmobls.dll
2007-11-12 05:51 1,089,536 ----a-w C:\WINDOWS\system32\nvcuda.dll
2007-11-12 05:51 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
2007-11-11 14:08 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\.BitTornado
2007-11-10 16:15 --------- d-----w C:\Program Files\iPod
2007-11-10 16:14 --------- d-----w C:\Program Files\QuickTime
2007-11-10 14:55 --------- d-----w C:\Program Files\THQ
2007-11-10 14:54 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information
2007-11-10 10:57 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-11-07 12:40 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2007-11-03 17:01 --------- d-----w C:\Program Files\Bridge Construction Set Demo
2007-11-01 21:08 --------- d-----w C:\Program Files\Windows Live Safety Center
2007-11-01 19:51 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-10-31 13:09 30,464 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
2007-10-28 09:55 --------- d-----w C:\Program Files\NVIDIA Corporation
2007-10-27 17:50 --------- d-----w C:\Program Files\DAEMON Tools Pro
2007-10-27 15:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-10-27 14:27 --------- d-----w C:\Program Files\DAEMON Tools ro
2007-10-27 12:57 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools Pro
2007-10-27 10:25 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2007-10-27 10:25 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2007-10-26 21:49 --------- d-----w C:\Program Files\CabExtract
2007-10-26 21:45 1 ----a-w C:\Documents and Settings\Propriétaire\SI.bin
2007-10-26 21:45 1 ----a-w C:\Documents and Settings\Propriétaire\SI.bin
2007-10-26 19:48 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Bioshock
2007-10-26 11:18 --------- d-----w C:\Program Files\Download Manager
2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-10-25 16:24 815,480 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-10-25 16:17 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
2007-10-25 16:17 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
2007-10-25 16:17 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
2007-10-25 16:17 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
2007-10-25 16:17 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
2007-10-25 16:17 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
2007-10-25 16:17 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
2007-10-25 16:17 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
2007-10-25 16:17 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
2007-10-25 16:17 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
2007-10-25 16:17 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
2007-10-25 16:17 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
2007-10-25 16:17 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
2007-10-25 16:17 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
2007-10-25 16:17 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
2007-10-25 16:17 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
2007-10-25 16:17 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
2007-10-25 16:17 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
2007-10-25 16:17 3,715,072 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-24_23.18.09.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-25 09:42:20 10,134 ----a-r C:\WINDOWS\Installer\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\ARPPRODUCTICON.exe
+ 2007-11-27 17:07:13 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_61c.dat
+ 2007-11-27 17:06:54 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_738.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"H/PC Connection Agent"="C:\PROGRA~1\MICROS~2\wcescomm.exe" [2006-06-26 20:45]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-09-20 14:35]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-04-04 14:20]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00]
"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 04:12 C:\WINDOWS\RTHDCPL.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 17:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-11-12 06:51 C:\WINDOWS\system32\nwiz.exe]
"DLCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll" [2006-10-20 16:50]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Antiwpa]
antiwpa.dll 2005-09-18 01:32 5376 C:\WINDOWS\system32\antiwpa.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-23 16:44:16 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2007-11-24 15:17:12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-28 18:49:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-28 18:50:41
C:\ComboFix2.txt ... 2007-11-24 23:19
.
--- E O F ---

Reply to killercow

Here is the new HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51, on 28/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~2\wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox 3 Beta 1\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~2\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Blocking access to the document address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockDocument.html
O8 - Extra context menu item: Blocking access to the image address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockImage.html
O8 - Extra context menu item: Blocking access to the link address by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisBlockLink.html
O8 - Extra context menu item: Cut proxy addresses from selected text by AliveProxy - C:\Program Files\AiS AliveProxy Server\aisCutProxyFromSelectedTåxt.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 8125924531
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10162 bytes

Reply to killercow

Re


No sign of infection in these reports.


$$ Download and install EasyCleaner by Toni Helenius
http://personal.inet.fi/business/toniarts/ecleane.htm
Use the Unnecessary and Registry functions. Delete what it finds.
Do not touch the Duplicates function.


$$ Download CCleaner.
http://www.filehippo.com/download_ccleaner.html
Install it.
During installation, uncheck
--- the two "Add the option ..." boxes
--- Check for updates
--- Add the Yahoo! CCleaner Toolbar

Click Options, Advanced and uncheck the box "Only delete files in the Windows Temp folder older than 48 hours".
Do not touch the other settings.

Run the cleanup.


$$ Run a HijackThis scan again and check the lines below:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

Close all Windows, Internet Explorer and Outlook windows, except the HijackThis program, and click "Fix checked"


$$ Run a defragmentation
http://www.coupdepoucepc.com/modul [...] toryid=218

------------------------------ The best antivirus is you
Have a problem? Create your own post!
Reply to chercheur_

Thanks, I'll do that right away.

Reply to killercow

So, an update:
I did everything, but unfortunately it changed nothing: the PC still takes twice as long to start up and is very slow afterwards!

Reply to killercow

Re

Download DiagHelp.zip (by Malekal_Morte) to your desktop
http://www.malekal.com/download/DiagHelp.zip
- Right-click the file and choose Extract All
- A new folder named DiagHelp will be created
- Open it and double-click go.cmd (the .cmd may not be shown)
- A window will open; choose option 1
- The scan will start; it can take a few minutes, so let it run and press a key when asked

WARNING: during the scan, after the catchme report, you will be asked to press a key to continue the scan; follow the on-screen instructions carefully!

- At the end of the scan, you may be asked to restart the computer... Once the computer has restarted, the report will open in Notepad. It is located at C:\resultat.txt
- Copy and paste the contents of the Notepad window that opens. To do so:
-- In Notepad, click the Edit menu / Select All
-- Again, Edit menu / Copy
-- In a new message here, right-click / Paste

Reply to chercheur_

Here it is:
DiagHelp version v1.4 - http://www.malekal.com
excute le 29/11/2007 à 19:47:47,26


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->29/11/2007 19:47:43
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->29/11/2007 19:47:39
C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->29/11/2007 19:47:24
C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->29/11/2007 19:47:09
C:\WINDOWS\prefetch\EXPLORER.EXE-082F38A9.pf -->29/11/2007 19:47:09
C:\WINDOWS\prefetch\Layout.ini -->29/11/2007 19:38:00
C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->29/11/2007 19:18:49
C:\WINDOWS\prefetch\VLC.EXE-2E8E9D94.pf -->29/11/2007 19:04:30
C:\WINDOWS\prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->29/11/2007 19:02:52
C:\WINDOWS\prefetch\HAMACHI.EXE-261AC091.pf -->29/11/2007 18:20:04

C:\WINDOWS\System32\drivers\PnkBstrK.sys -->26/11/2007 14:34:17
C:\WINDOWS\System32\drivers\NSDriver.sys -->23/11/2007 18:36:58
C:\WINDOWS\System32\drivers\AWRTRD.sys -->23/11/2007 18:36:57
C:\WINDOWS\System32\drivers\nv4_mini.sys -->12/11/2007 06:51:00
C:\WINDOWS\System32\drivers\hamachi.sys -->01/11/2007 20:51:04
C:\WINDOWS\System32\drivers\usbaapl.sys -->31/10/2007 14:09:14
C:\WINDOWS\System32\drivers\lirsgt.sys -->27/10/2007 11:25:55

C:\WINDOWS\System32\wpa.dbl -->29/11/2007 17:46:41
C:\WINDOWS\System32\PnkBstrB.exe -->26/11/2007 14:34:10
C:\WINDOWS\System32\wrap_oal.dll -->24/11/2007 17:35:11
C:\WINDOWS\System32\OpenAL32.dll -->24/11/2007 17:35:10
C:\WINDOWS\System32\keys.txt -->23/11/2007 18:12:15
C:\WINDOWS\System32\bitcometres.dll -->18/11/2007 22:46:35
C:\WINDOWS\System32\pbsvc.exe -->18/11/2007 12:35:59
C:\WINDOWS\System32\nvapps.xml -->13/11/2007 21:10:42
C:\WINDOWS\System32\NVUNINST.EXE -->12/11/2007 08:03:34
C:\WINDOWS\System32\nwiz.exe -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvwss.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvwimg.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvwdmcpl.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvwddi.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvvitvs.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvudisp.exe -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvtuicpl.cpl -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvsvc32.exe -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvshell.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvoglnt.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvnt4cpl.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvmobls.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvmctray.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvmccss.dll -->12/11/2007 06:51:00
C:\WINDOWS\System32\nvmccsrs.dll -->12/11/2007 06:51:00

C:\WINDOWS\WindowsUpdate.log -->29/11/2007 19:18:39
C:\WINDOWS\0.log -->29/11/2007 17:47:14
C:\WINDOWS\wiadebug.log -->29/11/2007 17:47:13
C:\WINDOWS\wiaservc.log -->29/11/2007 17:47:12
C:\WINDOWS\QTFont.qfn -->29/11/2007 17:46:57
C:\WINDOWS\bootstat.dat -->29/11/2007 17:46:39
C:\WINDOWS\SchedLgU.Txt -->29/11/2007 17:42:19
C:\WINDOWS\DirectX.log -->29/11/2007 17:05:43
C:\WINDOWS\setupapi.log -->29/11/2007 17:05:40
C:\WINDOWS\DIFx.log -->29/11/2007 17:04:49
C:\WINDOWS\wmsetup.log -->29/11/2007 14:14:54
C:\WINDOWS\NeroDigital.ini -->29/11/2007 14:14:02
C:\WINDOWS\QTFont.for -->10/11/2007 17:15:56
C:\WINDOWS\game.ini -->10/11/2007 11:52:58
C:\WINDOWS\catchme.exe -->08/11/2007 16:59:01

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Unsigned
ndis.sys
Verified: Signed
null.sys
Verified: Signed


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 200
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xcf000 7.00.6000.16544 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16544 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cb000 7.00.6000.16544 C:\WINDOWS\system32\ieframe.dll
0x44160000 0x124000 7.00.6000.16544 C:\WINDOWS\system32\urlmon.dll
0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16544 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x10000000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
0x62350000 0x53000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.3\program\shlxthdl.dll
0x60400000 0x18000 2.00.0500.0000 C:\Program Files\OpenOffice.org 2.3\program\uwinapi.dll
0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\OpenOffice.org 2.3\program\MSVCR71.dll
0x61e70000 0x8e000 4.05.2003.0120 C:\Program Files\OpenOffice.org 2.3\program\stlport_vc7145.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\OpenOffice.org 2.3\program\MSVCP71.dll
0x020f0000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
0x01210000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02610000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x00de0000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
0x021f0000 0x7e000 1.01.0007.0004 D:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
0x6d7c0000 0x79000 6.00.0030.0005 C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
0x02970000 0x2d000 C:\Program Files\WinRAR\rarext.dll
0x023f0000 0x9000 1.00.0000.0001 C:\PROGRA~1\FILEAS~1\FILEAS~1.DLL
0x02400000 0x9000 2.00.0000.0004 C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll
0x029a0000 0x1d000 4.10.0218.0000 C:\Program Files\DAEMON Tools Pro\imgshl32.dll
0x031e0000 0xd3000 4.10.0000.0000 C:\Program Files\DAEMON Tools Pro\dtpro.dll
0x032c0000 0x9a000 4.10.0218.0000 C:\Program Files\DAEMON Tools Pro\DTProHlp.dll
0x03360000 0x1a000 C:\Program Files\DAEMON Tools Pro\cryptapi.dll
0x7c420000 0x87000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll
0x03380000 0x77000 4.10.0218.0000 C:\Program Files\DAEMON Tools Pro\DTProRes.dll
0x782e0000 0x10f000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL
0x5d360000 0xf000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80FRA.DLL
0x035b0000 0x6000 1.01.0003.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\bw5mount.dll
0x035d0000 0x7000 1.00.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\bwtmount.dll
0x035f0000 0x5000 1.10.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\ccdmount.dll
0x03610000 0x5000 1.02.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\cuemount.dll
0x03630000 0x6000 1.03.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\iszmount.dll
0x03650000 0xa000 1.24.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\mdsmount.dll
0x03670000 0x6000 1.12.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\nrgmount.dll
0x03690000 0x5000 1.01.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\pdimount.dll
0x036b0000 0x4000 1.00.0000.0000 C:\Program Files\DAEMON Tools Pro\Plugins\Images\pfcmount.dll
0x036c0000 0x31000 1.00.0000.0012 C:\Program Files\DAEMON Tools Pro\pfctoc.dll
0x03730000 0x202000 3.01.0001.0000 C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
0x781d0000 0x10f000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL
0x74da0000 0x6c000 5.30.0023.1228 C:\WINDOWS\system32\RICHED20.dll
0x03a00000 0x489000 1.01.0000.0207 C:\Program Files\Fichiers communs\Nero\Shared\NL3\AdvrCntr3.dll
0x03fb0000 0x2a000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
0x03ff0000 0x13000 4.55.0000.0000 C:\Program Files\7-Zip\7-zip.dll
0x04210000 0x3e000 3.01.0000.0000 C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll
0x64f00000 0x12000 4.07.1074.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 780
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x05000000 0x1500 3.04.0006.0000 C:\WINDOWS\system32\antiwpa.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL


Le volume dans le lecteur C s'appelle stockage
Le numéro de série du volume est 481E-A961

Répertoire de C:\WINDOWS\system32

05/08/2004 13:00 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 10 303 963 136 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle stockage
Le numéro de série du volume est 481E-A961

Répertoire de C:\WINDOWS\Downloaded Program Files

23/11/2007 22:12 <REP> .
23/11/2007 22:12 <REP> ..
07/12/2004 15:07 32 bdcore.dll
01/03/2005 13:08 118 784 bdupd.dll
25/08/2007 17:14 65 desktop.ini
30/06/2006 05:00 29 616 dwusplay.dll
30/06/2006 05:00 201 648 dwusplay.exe
23/03/2007 11:17 1 292 erma.inf
11/07/2006 09:41 345 656 ewidoOnlineScan.dll
01/03/2005 13:08 53 248 ipsupd.dll
10/09/2006 21:40 484 272 isusweb.dll
09/03/2005 14:42 6 742 lang.ini
07/12/2004 15:07 32 libfn.dll
18/02/2005 15:22 126 live.ini
01/06/2006 01:57 1 331 oscan8.inf
01/06/2006 01:54 471 040 oscan8.ocx
31/05/2006 03:15 10 oscan81.ocx_x
09/03/2005 14:43 6 828 scanoptions.tsi
30/07/2007 18:24 293 wuweb.inf
17 fichier(s) 1 721 015 octets

Total des fichiers listés :
17 fichier(s) 1 721 015 octets
2 Rép(s) 10 303 963 136 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

"D:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"="D:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe:*:Enabled:Unreal Tournament 3"


Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"



exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-29 19:48:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:a4,80,7f,81,88,02,4b,b5,d7,41,3b,e6,0f,a3,36,a8,92,4e,c6,79,f1,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,29,7f,0c,a4,e6,24,87,ea,c9,32,6e,e8,97,57,51,c8,1f,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0


KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
200 - explorer.exe
276 - iPodService.exe
520 - AppleMobileDevi
540 - guard.exe
628 - dlcgcoms.exe
756 - csrss.exe
780 - winlogon.exe
824 - services.exe
836 - lsass.exe
1008 - svchost.exe
1056 - svchost.exe
1104 - ashDisp.exe
1112 - RTHDCPL.exe
1228 - iTunesHelper.ex
1252 - svchost.exe
1276 - rundll32.exe
1288 - svchost.exe
1352 - svchost.exe
1404 - wcescomm.exe
1408 - PnkBstrA.exe
1412 - avgas.exe
1444 - msmsgs.exe
1524 - ctfmon.exe
1544 - nTuneService.ex
1568 - nvsvc32.exe
1692 - rapimgr.exe
1732 - aawservice.exe
1736 - svchost.exe
1876 - ashServ.exe
2300 - ashMaiSv.exe
2396 - ashWebSv.exe
2740 - wscntfy.exe
2764 - alg.exe
3608 - wmiapsrv.exe
3656 - svchost.exe
3748 - firefox.exe
5084 - cmd.exe

Total number of processes = 38
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E2000 - \WINDOWS\system32\hal.dll
BA5A8000 - \WINDOWS\system32\KDCOM.DLL
BA4B8000 - \WINDOWS\system32\BOOTVID.dll
B9EBD000 - sptd.sys
BA5AA000 - \WINDOWS\System32\Drivers\WMILIB.SYS
B9EA5000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS
B9E76000 - ACPI.sys
B9E65000 - pci.sys
BA0A8000 - isapnp.sys
BA670000 - pciide.sys
BA328000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
BA0B8000 - MountMgr.sys
B9E46000 - ftdisk.sys
BA330000 - PartMgr.sys
BA0C8000 - VolSnap.sys
B9E2E000 - atapi.sys
BA0D8000 - disk.sys
BA0E8000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
B9E0E000 - fltMgr.sys
B9DFC000 - sr.sys
BA0F8000 - PxHelp20.sys
B9DE5000 - KSecDD.sys
B9DD2000 - WudfPf.sys
B9D45000 - Ntfs.sys
B9D18000 - NDIS.sys
B9CFD000 - Mup.sys
BA1D8000 - \SystemRoot\system32\DRIVERS\ATITool.sys
B98EA000 - \SystemRoot\System32\Drivers\ainyt7x0.SYS
BA1E8000 - \SystemRoot\system32\DRIVERS\intelppm.sys
B91D3000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys
B91BF000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
BA3E8000 - \SystemRoot\system32\DRIVERS\fdc.sys
BA3F0000 - \SystemRoot\system32\DRIVERS\usbohci.sys
B919C000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
BA3F8000 - \SystemRoot\system32\DRIVERS\usbehci.sys
B9177000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
B9BE3000 - \SystemRoot\system32\DRIVERS\nvnetbus.sys
B912C000 - \SystemRoot\system32\DRIVERS\NVNRM.SYS
B90F5000 - \SystemRoot\system32\DRIVERS\NVSNPU.SYS
B908E000 - \SystemRoot\System32\Drivers\a464r499.SYS
BA6F2000 - \SystemRoot\system32\DRIVERS\audstub.sys
BA1F8000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
B9CAD000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
B9077000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
BA208000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
BA218000 - \SystemRoot\system32\DRIVERS\raspptp.sys
BA460000 - \SystemRoot\system32\DRIVERS\TDI.SYS
B9066000 - \SystemRoot\system32\DRIVERS\psched.sys
BA228000 - \SystemRoot\system32\DRIVERS\msgpc.sys
BA480000 - \SystemRoot\system32\DRIVERS\ptilink.sys
BA470000 - \SystemRoot\system32\DRIVERS\raspti.sys
BA420000 - \SystemRoot\system32\DRIVERS\hamachi.sys
BA238000 - \SystemRoot\system32\DRIVERS\termdd.sys
BA428000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
BA490000 - \SystemRoot\system32\DRIVERS\mouclass.sys
BA608000 - \SystemRoot\system32\DRIVERS\swenum.sys
B9043000 - \SystemRoot\system32\DRIVERS\ks.sys
B8FEA000 - \SystemRoot\system32\DRIVERS\update.sys
B9CA1000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
BA248000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BA3A8000 - \SystemRoot\system32\DRIVERS\flpydisk.sys
B9982000 - \SystemRoot\system32\DRIVERS\cdrom.sys
B9972000 - \SystemRoot\system32\DRIVERS\redbook.sys
BA3B8000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
B9952000 - \SystemRoot\system32\DRIVERS\usbhub.sys
BA614000 - \SystemRoot\system32\DRIVERS\USBD.SYS
BA288000 - \SystemRoot\system32\DRIVERS\NVENETFD.sys
B64C8000 - \SystemRoot\system32\drivers\RtkHDAud.sys
B64A6000 - \SystemRoot\system32\drivers\portcls.sys
BA2F8000 - \SystemRoot\system32\drivers\drmk.sys
BA626000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
BA753000 - \SystemRoot\System32\Drivers\Null.SYS
BA628000 - \SystemRoot\System32\Drivers\Beep.SYS
BA754000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys
BA400000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
BA408000 - \SystemRoot\System32\drivers\vga.sys
BA62C000 - \SystemRoot\System32\Drivers\mnmdd.SYS
BA62E000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BA438000 - \SystemRoot\System32\Drivers\Msfs.SYS
BA430000 - \SystemRoot\System32\Drivers\Npfs.SYS
B9BDB000 - \SystemRoot\system32\DRIVERS\rasacd.sys
B3956000 - \SystemRoot\system32\DRIVERS\ipsec.sys
B38FE000 - \SystemRoot\system32\DRIVERS\tcpip.sys
BA2A8000 - \SystemRoot\System32\Drivers\aswTdi.SYS
B38B5000 - \SystemRoot\system32\DRIVERS\ipnat.sys
B388D000 - \SystemRoot\system32\DRIVERS\netbt.sys
BA2B8000 - \SystemRoot\system32\DRIVERS\wanarp.sys
B386B000 - \SystemRoot\System32\drivers\afd.sys
BA168000 - \SystemRoot\system32\DRIVERS\netbios.sys
B36F8000 - \SystemRoot\system32\DRIVERS\rdbss.sys
B3689000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
BA178000 - \SystemRoot\System32\Drivers\Fips.SYS
BA440000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
B9C91000 - \SystemRoot\system32\DRIVERS\hidusb.sys
BA188000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
B9CB5000 - \SystemRoot\system32\DRIVERS\usbscan.sys
BA448000 - \SystemRoot\system32\DRIVERS\usbprint.sys
B693F000 - \SystemRoot\system32\DRIVERS\mouhid.sys
B5710000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
BA713000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
B3639000 - \SystemRoot\System32\Drivers\Aavmker4.SYS
A9E36000 - \SystemRoot\System32\Drivers\Cdfs.SYS
A8B5B000 - \SystemRoot\System32\Drivers\dump_atapi.sys
BA61C000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
AA712000 - \SystemRoot\System32\drivers\Dxapi.sys
A9785000 - \SystemRoot\System32\watchdog.sys
BF000000 - \SystemRoot\System32\drivers\dxg.sys
B0D6C000 - \SystemRoot\System32\drivers\dxgthk.sys
BF012000 - \SystemRoot\System32\nv4_disp.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
A87F9000 - \SystemRoot\system32\DRIVERS\nwlnkipx.sys
B00B9000 - \SystemRoot\system32\DRIVERS\nwlnknb.sys
B2846000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
AECEC000 - \SystemRoot\system32\DRIVERS\nwlnkspx.sys
A87E3000 - \SystemRoot\System32\Drivers\aswMon2.SYS
A86B6000 - \SystemRoot\system32\drivers\wdmaud.sys
AB33C000 - \SystemRoot\system32\drivers\sysaudio.sys
A7A23000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
A79B8000 - \SystemRoot\system32\DRIVERS\atksgt.sys
AD5BB000 - \SystemRoot\system32\DRIVERS\lirsgt.sys
A793E000 - \SystemRoot\system32\DRIVERS\srv.sys
A7826000 - \SystemRoot\system32\DRIVERS\secdrv.sys
B3651000 - \??\D:\Program Files\GameTap\bin\Release\X4HSX32.Sys
AD9A9000 - \??\C:\WINDOWS\nvoclock.sys
A764A000 - \SystemRoot\System32\Drivers\aswRdr.SYS
A74ED000 - \SystemRoot\System32\Drivers\HTTP.sys
A537F000 - \SystemRoot\system32\drivers\kmixer.sys
BA73C000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

Total number of drivers = 130

Liste des programmes installes

7-Zip 4.55 beta
ABC (remove only)
Acoustica MP3 CD Burner
Ad-Aware 2007
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.1 - Français
Advanced RAR Password Recovery (remove only)
AGEIA PhysX v7.09.13
Analyseur et SDK MSXML 4.0 SP2
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
ATITool Overclocking Utility
avast! Antivirus
AVG Anti-Spyware 7.5
BioShock
BitComet 0.93
Bridge Construction Set Demo 1.36
Bullet Candy Demo
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
Cascades demo by NVIDIA (remove only)
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
ccc-utility
CCleaner (remove only)
Command & Conquer™ The First Decade Patch 1.02
Company of Heroes
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
Company of Heroes - FAKEMSI
ConvertXtoDVD 2.2.3.258
Correctif pour Lecteur Windows Media 11 (KB939683)
Correctif pour Windows XP (KB914440)
Correctif pour Windows XP (KB935448)
Correctif Windows XP - KB873339
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB888302
Correctif Windows XP - KB890859
Correctif Windows XP - KB891781
CryEngine(R)2 Sandbox(TM)2
CryEngine(R)2 Sandbox(TM)2
Crysis(R)
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Download Manager 2.3.6
DVD Decrypter (Remove Only)
EasyCleaner
Enemy Territory - QUAKE Wars(TM) 1.1 Patch
EVEREST Home Edition v2.20
FileASSASSIN
FLV Downloader 1.01
Fraps
Freez FLV to AVI/MPEG/WMV Converter
GameSpy Comrade
GameTap
GetBot
GPGNet
Half-Life 2: Episode One
Half-Life 2: Lost Coast
Hamachi 1.0.2.3
HD Tune 2.54
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
iPod for Windows 2006-06-28
iPod for Windows 2006-06-28
iTunes
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Kane and Lynch: Dead Men
Lecteur Windows Media 11
MD5 Checksum Verifier 2.5
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 Language Pack - FRA
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0 French Language Pack
Microsoft ActiveSync 4.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901190)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918118)
Mise à jour de sécurité pour Windows XP (KB918439)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921503)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923689)
Mise à jour de sécurité pour Windows XP (KB923789)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924496)
Mise à jour de sécurité pour Windows XP (KB924667)
Mise à jour de sécurité pour Windows XP (KB925902)
Mise à jour de sécurité pour Windows XP (KB926255)
Mise à jour de sécurité pour Windows XP (KB926436)
Mise à jour de sécurité pour Windows XP (KB927779)
Mise à jour de sécurité pour Windows XP (KB927802)
Mise à jour de sécurité pour Windows XP (KB928255)
Mise à jour de sécurité pour Windows XP (KB928843)
Mise à jour de sécurité pour Windows XP (KB929123)
Mise à jour de sécurité pour Windows XP (KB930178)
Mise à jour de sécurité pour Windows XP (KB931261)
Mise à jour de sécurité pour Windows XP (KB931784)
Mise à jour de sécurité pour Windows XP (KB932168)
Mise à jour de sécurité pour Windows XP (KB933729)
Mise à jour de sécurité pour Windows XP (KB935839)
Mise à jour de sécurité pour Windows XP (KB935840)
Mise à jour de sécurité pour Windows XP (KB936021)
Mise à jour de sécurité pour Windows XP (KB937143)
Mise à jour de sécurité pour Windows XP (KB938127)
Mise à jour de sécurité pour Windows XP (KB938829)
Mise à jour de sécurité pour Windows XP (KB941202)
Mise à jour de sécurité pour Windows XP (KB943460)
Mise à jour pour Windows XP (KB894391)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB904942)
Mise à jour pour Windows XP (KB908531)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mise à jour pour Windows XP (KB925720)
Mise à jour pour Windows XP (KB927891)
Mise à jour pour Windows XP (KB930916)
Mise à jour pour Windows XP (KB933360)
Mise à jour pour Windows XP (KB936357)
Mise à jour pour Windows XP (KB938828)
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
Mozilla Firefox (2.0.0.9)
Mozilla Firefox (3.0b1)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Nero 8 Demo
neroxml
Nullsoft Install System
NVIDIA Drivers
NVIDIA nTune
NVIDIA nTune
OCCT Perestroika 1.0.1
OpenAL
OpenOffice.org 2.3
Pcsx2 0.9.2 Watermoose
Peggle Deluxe 1.0
Peggle Extreme
Pontifex II
Portal
PunkBuster Services
QuickTime
Race - The WTCC Game
Rapidshare Unlimited 2.0
RAR Password Cracker 4.12
Realtek High Definition Audio Driver
RivaTuner v2.05
Security Update pour Microsoft .NET Framework 2.0 (KB928365)
Shockwave
Sid Meier's Civilization 4
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Warlords
Skins
Skype™ 3.5
Smoke demo by NVIDIA (remove only)
SpywareBlaster v3.5.1
Stardock Central
Steam
SUPER © Version 2007.bld.23 (July 4, 2007)
TBS WMP Plug-in
TBS WMP Plug-in
The Typing of The Dead US
The Witcher
Thrillville™ Le Parc en Folie™ Demo
Thrillville™ Le Parc en Folie™ Demo
touchFree 0.6
TuneUp Utilities 2007
Uniblue RegistryBooster 2
Unreal Tournament 3
Unreal Tournament 3 Demo
VastPark Creator 0.9 Beta1
VCRedistSetup
WebFldrs XP
Windows Communication Foundation
Windows Communication Foundation Language Pack - FRA
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows Presentation Foundation Language Pack (FRA)
Windows Workflow Foundation
Windows Workflow Foundation FR Language Pack
WinISO 5.3
WinSCP 4.0.4
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Yahoo! Install Manager



Le volume dans le lecteur C s'appelle stockage
Le numéro de série du volume est 481E-A961

Répertoire de C:\Program Files

28/11/2007 19:18 <REP> .
28/11/2007 19:18 <REP> ..
06/09/2007 20:08 <REP> 7-Zip
27/09/2007 19:57 <REP> ABC
27/09/2007 21:27 <REP> Acoustica MP3 CD Burner
09/09/2007 10:36 <REP> Adobe
06/10/2007 21:03 <REP> adslTV
12/10/2007 18:05 <REP> AGEIA Technologies
30/09/2007 19:24 <REP> Ahead
26/08/2007 11:40 <REP> Alwil Software
10/09/2007 20:37 <REP> Apple Software Update
31/10/2007 19:59 <REP> ATITool
25/09/2007 21:16 <REP> AviSynth 2.5
27/09/2007 20:02 <REP> BitComet
03/11/2007 18:01 <REP> Bridge Construction Set Demo
26/10/2007 22:49 <REP> CabExtract
22/11/2007 22:43 <REP> CCleaner
30/09/2007 01:37 <REP> Common Files
25/08/2007 17:12 <REP> ComPlus Applications
29/08/2007 21:11 <REP> DAEMON Tools
27/10/2007 18:50 <REP> DAEMON Tools Pro
27/10/2007 15:27 <REP> DAEMON Tools ro
28/09/2007 16:22 <REP> Disney
17/11/2007 12:45 <REP> DivX
26/11/2007 12:53 <REP> dl_Cats
07/09/2007 17:42 <REP> DMV
28/11/2007 19:11 <REP> Download Manager
21/11/2007 16:24 <REP> DVD Decrypter
05/10/2007 18:17 <REP> ElcomSoft
28/09/2007 17:37 <REP> Electronic Arts
25/09/2007 21:16 <REP> eRightSoft
31/10/2007 21:58 <REP> Fichiers communs
23/11/2007 18:45 <REP> FileASSASSIN
24/09/2007 19:23 <REP> FLV Downloader 1.01
11/09/2007 17:29 <REP> GameSpy
23/11/2007 18:45 <REP> Grisoft
26/08/2007 21:34 <REP> Hamachi
01/01/2007 02:45 <REP> HD Tune
10/10/2007 02:00 <REP> Internet Explorer
10/11/2007 17:15 <REP> iPod
10/11/2007 17:15 <REP> iTunes
17/10/2007 22:14 <REP> Java
12/10/2007 15:30 <REP> Kreeda
27/08/2007 13:17 <REP> Lavalys
29/09/2007 12:35 <REP> Lavasoft
30/08/2007 23:26 <REP> Lionhead Studios
02/10/2007 17:36 <REP> MD5 Checksum Verifier
30/09/2007 01:54 <REP> Messenger
20/09/2007 21:30 <REP> Microsoft ActiveSync
25/08/2007 17:16 <REP> microsoft frontpage
30/09/2007 10:59 <REP> Movie Maker
28/11/2007 19:11 <REP> Mozilla Firefox
29/11/2007 17:48 <REP> Mozilla Firefox 3 Beta 1
20/10/2007 12:03 <REP> MSBuild
25/08/2007 17:11 <REP> MSN
25/08/2007 17:11 <REP> MSN Gaming Zone
26/08/2007 17:08 <REP> MSN Messenger
02/09/2007 18:49 <REP> MSXML 4.0
26/08/2007 13:46 <REP> MSXML 6.0
08/10/2007 20:41 <REP> Nero
30/09/2007 10:59 <REP> NetMeeting
30/09/2007 09:46 <REP> Netropa
30/09/2007 10:29 <REP> NSIS
28/10/2007 10:55 <REP> NVIDIA Corporation
29/08/2007 19:59 <REP> OCCT
25/08/2007 17:11 <REP> Online Services
28/09/2007 21:00 <REP> OpenAL
20/10/2007 18:54 <REP> OpenOffice.org 2.3
30/09/2007 10:58 <REP> Outlook Express
30/10/2007 23:54 <REP> Pcsx2
30/09/2007 16:27 <REP> Pontifex II
16/09/2007 19:50 <REP> PopCap Games
10/11/2007 17:14 <REP> QuickTime
26/08/2007 11:18 <REP> Realtek
26/08/2007 13:32 <REP> Reference Assemblies
30/10/2007 12:37 <REP> RivaTuner v2.05
18/10/2007 16:48 <REP> SEGA
25/08/2007 17:14 <REP> Services en ligne
24/09/2007 19:56 <REP> Smallvideosoft
02/10/2007 17:20 <REP> Sony
23/11/2007 18:45 <REP> SpywareBlaster
29/08/2007 23:07 <REP> Stardock
25/11/2007 19:40 <REP> Steam
10/11/2007 15:55 <REP> THQ
28/11/2007 19:07 <REP> ToniArts
28/11/2007 19:11 <REP> touchFree
22/11/2007 23:05 <REP> Trend Micro
22/11/2007 22:46 <REP> TuneUp Utilities 2007
22/11/2007 23:17 <REP> Uniblue
19/10/2007 16:43 <REP> VastPark
30/09/2007 20:11 <REP> VSO
01/11/2007 22:08 <REP> Windows Live Safety Center
15/09/2007 11:36 <REP> Windows Media Connect 2
30/09/2007 11:00 <REP> Windows Media Player
30/09/2007 10:43 <REP> Windows NT
01/11/2007 19:06 <REP> WinISO
26/08/2007 11:56 <REP> WinRAR
20/10/2007 17:02 <REP> WinSCP
25/08/2007 17:16 <REP> xerox
28/11/2007 19:18 <REP> Yahoo!
0 fichier(s) 0 octets
100 Rép(s) 10 270 302 208 octets libres
Le volume dans le lecteur C s'appelle stockage
Le numéro de série du volume est 481E-A961

Répertoire de C:\Program Files\fichiers communs

31/10/2007 21:58 <REP> .
31/10/2007 21:58 <REP> ..
09/09/2007 10:36 <REP> Adobe
29/08/2007 19:07 <REP> Apple
26/09/2007 21:16 <REP> Blizzard Entertainment
02/09/2007 21:30 <REP> DirectX
02/10/2007 21:59 <REP> InstallShield
29/08/2007 22:38 <REP> Java
20/09/2007 21:30 <REP> Microsoft Shared
25/08/2007 17:13 <REP> MSSoap
08/10/2007 20:43 <REP> Nero
25/08/2007 19:00 <REP> ODBC
25/08/2007 17:13 <REP> Services
31/10/2007 17:21 <REP> Skype
25/08/2007 18:59 <REP> SpeechEngines
29/08/2007 23:07 <REP> Stardock
26/08/2007 13:07 <REP> System
12/10/2007 18:06 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
18 Rép(s) 10 270 310 400 octets libres
Le volume dans le lecteur C s'appelle stockage
Le numéro de série du volume est 481E-A961

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

25/08/2007 17:29 <REP> .
25/08/2007 17:29 <REP> ..
18/05/2001 14:57 561 209 MSONSEXT.DLL
03/06/1999 11:09 122 937 MSOWS409.DLL
07/03/2001 06:00 127 033 MSOWS40c.DLL
3 fichier(s) 811 179 octets
2 Rép(s) 10 270 310 400 octets libres
Le volume dans le lecteur C s'appelle stockage
Le numéro de série du volume est 481E-A961

Répertoire de C:\Program Files\common files

30/09/2007 01:37 <REP> .
30/09/2007 01:37 <REP> ..
30/09/2007 09:46 <REP> InstallShield
30/09/2007 01:31 <REP> Microsoft Shared
30/09/2007 01:19 <REP> MSSoap
30/09/2007 00:58 <REP> ODBC
30/09/2007 01:19 <REP> Services
30/09/2007 00:57 <REP> SpeechEngines
30/09/2007 01:54 <REP> System
0 fichier(s) 0 octets
9 Rép(s) 10 270 310 400 octets libres




Le volume dans le lecteur C s'appelle stockage
Le numéro de série du volume est 481E-A961

Répertoire de C:\

c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe
c:\Documents and Settings\Owner\Desktop\bitcomet_bitcomet_0.93_francais_12987.exe
c:\Documents and Settings\Owner\Desktop\R49908.EXE
c:\Documents and Settings\Propriétaire\Application Data\GetBot\getbot.exe
c:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information\{31D95937-B237-405D-920C-A3EF4E482395}\setup.exe
c:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information\{3266FEA9-98E9-448B-B235-DAC63D4CE781}\setup.exe
c:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe
c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{7E4B7FD9-4ECE-4298-A910-3160B7918059}\ARPPRODUCTICON.exe
c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{C194D333-B84A-4BB7-B35E-060732D98DC4}\_6FEFF9B68218417F98F549.exe
c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{C194D333-B84A-4BB7-B35E-060732D98DC4}\_A57F1F257079FF2A40AB26.exe
c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{C194D333-B84A-4BB7-B35E-060732D98DC4}\_EA8B51C7A39B7699D01082.exe
c:\Documents and Settings\Propriétaire\Application Data\Microsoft\Installer\{EA0B63C1-E579-43DD-A5F7-0DA5E9092554}\ARPPRODUCTICON.exe
c:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\a9xg63ln.default\FlashGot.exe
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\GameSpy\Comrade\updates\ComradeFull159.exe~
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\GameSpy\Comrade\updates\ComradeFull160.exe~
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\id Software\Enemy Territory - QUAKE Wars Public Beta\pb\PnkBstrB.exe
c:\Documents and Settings\Propriétaire\Local Settings\Temp\{E870ADDC-DAB7-4C88-A5A0-539AAAF5744D}\SetupUT3.exe
c:\Documents and Settings\Propriétaire\Mes documents\My Games\Sid Meier's Civilization 4\Patch\Patch_174.exe
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Nero\DrWeb\Drweb32.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
c:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information\{31D95937-B237-405D-920C-A3EF4E482395}\_Setup.dll
c:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information\{31D95937-B237-405D-920C-A3EF4E482395}\ISSetup.dll
c:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information\{3266FEA9-98E9-448B-B235-DAC63D4CE781}\ISSetup.dll
c:\Documents and Settings\Propriétaire\Application Data\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\ISSetup.dll
c:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\a9xg63ln.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07074039.dll
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\id Software\Enemy Territory - QUAKE Wars Public Beta\base\compiledscriptx86.dll
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\id Software\Enemy Territory - QUAKE Wars Public Beta\base\gamex86.dll
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\id Software\Enemy Territory - QUAKE Wars Public Beta\pb\pbag.dll
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\id Software\Enemy Territory - QUAKE Wars Public Beta\pb\pbcl.dll
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\id Software\Enemy Territory - QUAKE Wars Public Beta\pb\pbsv.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_KILLERCOW.tar.gz a l'adresse http://upload.malekal.com

Nothing infectious in this report.

Describe your problem in the Hardware section.

------------------------------ The best antivirus is you
Got a problem? Create your own post!