Computing - Computer forum - free downloads

My PC crashes regularly - Frozen screen - WGATRAY.EXE

tguffroy



Joined: 29 Apr 2008
Posts: 16

Posted: Tue Apr 29, 2008 8:12 pm    Subject: My PC crashes regularly - Frozen screen - WGATRAY.EXE

Hello,
My PC crashes regularly - frozen screen - WGATRAY.EXE has encountered a problem.

I ran a HijackThis scan (see below).
Can anyone help me? (I'm "cracking up" a bit!)

Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:09:54, on 29/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\BenQ\QMusic2\QMAgent.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA PREMIER\ECB-PREM.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Pack Securite\FSAUA\program\fsus.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://edit.europe.yahoo.com/config/mail?.intl=fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [QMusic] "C:\Program Files\BenQ\QMusic2\QMAgent.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [eCarteBleue-PREM] "C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA PREMIER\ECB-PREM.exe" /dontopenmycards
O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Anniversaires] C:\Program Files\Anniversaires\Rappel.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-224939875-1886397580-1940914231-1003\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User '?')
O4 - HKUS\S-1-5-21-224939875-1886397580-1940914231-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-224939875-1886397580-1940914231-1003\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" (User '?')
O4 - HKUS\S-1-5-21-224939875-1886397580-1940914231-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-224939875-1886397580-1940914231-1003\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe (User '?')
O4 - HKUS\S-1-5-21-224939875-1886397580-1940914231-1003\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (User '?')
O4 - HKUS\S-1-5-21-224939875-1886397580-1940914231-1003\..\Run: [Anniversaires] C:\Program Files\Anniversaires\Rappel.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [SRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User '?')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm024
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Program Files\Titan Poker\casino.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/cab/prod/DD_v4.CAB
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://webgames.d.tmsrv.com/c=3c427df37808409268f770b83fe1b1e7/aff=t_25oa_frca_wg/p/release/playfirst/wg_trijinx/trijinx/TriJinx.1.0.0.55.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.1.74.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {A9FD89D6-C839-11D3-B0FE-0050044B8FE9} (OBInstallRunner Control) - http://www.opinionbar.com/download/resources/OBInstallCabinet.CAB
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Pack Securite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NNServ - Unknown owner - C:\Program Files\NewDotNet\nnrun.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 19194 bytes

arba

Joined: 27 Jan 2008
Posts: 528

Posted: Wed Apr 30, 2008 10:06 am    Subject: - : My PC crashes regularly - Frozen screen - WGATRAY.EXE

Hi tguffroy!

You seem to have two resident antivirus programs, avast and fsecure; is that the case?

As a first step:

Download to your desktop:

- btfix: (for later, because there are several BT infections)
http://www.infos-du-net.com/telecharger/BTFix,0301-10960.html

- smitfraudfix:
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

1) Double-click smitfraudfix.exe, choose option 1 and generate a report.

2) diaghelp:

http://www.malekal.com/DiagHelp/DiagHelp.php

Follow malekal's tutorial and generate the report.

3) Post the diaghelp and smitfraudfix reports in your next reply.

tguffroy

Joined: 29 Apr 2008
Posts: 16

Posted: Wed Apr 30, 2008 11:44 am    Subject: - : My PC crashes regularly - Frozen screen - WGATRAY.EXE

Hello!
First, thank you for looking at my case! :)

Yes for AVAST. No for fsecure - not that I'm aware of, anyway (unless it comes from Norton, which I had before and uninstalled).

I will follow your advice and the requested actions (but I'm leaving for a few days - the rest next week!).

Thanks.

See you later

tguffroy

Joined: 29 Apr 2008
Posts: 16

Posted: Sun May 04, 2008 5:15 pm    Subject: Back... I followed the instructions

Hello,

Back today, I followed the instructions:
Smitfraud and Diaghelp reports:

Thanks.

Diaghelp:
Note that while running option 1, I got the following message:
"16-bit MS-DOS Subsystem - C:\Windows\system32\cmd.exe - c:\PROGRA~1\Symantec\S32EVNT1.DLL; The installation of a device driver failed. Close to terminate the application." I clicked "Close" but it looped; I then clicked "Ignore" and it continued.
Next, it asked to send a file "upload_moi_Ordinateur.tar.gz" under c: I tried without success. Each time, the message "The chosen file is invalid"...
Then the scan froze... no report. So I started again.
Same results...

I then ran option 2 - no problems:
FPort v2.0 - TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.
http://www.foundstone.com

Pid Process Port Proto Path
2332 -> 1036 TCP
1004 -> 135 TCP
1256 AppleMobileDeviceService-> 27015 TCP C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
4 System -> 139 TCP
4 System -> 445 TCP
3384 ashWebSv -> 12080 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
3384 ashWebSv -> 1690 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
3384 ashWebSv -> 1694 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
3384 ashWebSv -> 1698 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
3384 ashWebSv -> 1702 TCP C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
1972 btdna -> 59891 TCP C:\Program Files\DNA\btdna.exe
3096 fspc -> 59591 TCP C:\Program Files\Pack Securite\FSPC\fspc.exe
576 iTunesHelper -> 1027 TCP C:\Program Files\iTunes\iTunesHelper.exe
1788 iexplore -> 1682 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1683 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1684 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1691 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1692 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1693 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1695 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1696 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1697 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1699 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1700 TCP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1701 TCP C:\Program Files\Internet Explorer\iexplore.exe

2332 -> 1065 UDP
1004 -> 445 UDP
4 System -> 500 UDP
1972 btdna -> 1025 UDP C:\Program Files\DNA\btdna.exe
576 iTunesHelper -> 1058 UDP C:\Program Files\iTunes\iTunesHelper.exe
1788 iexplore -> 1028 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 123 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 137 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 138 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1438 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1523 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1624 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 1900 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 4500 UDP C:\Program Files\Internet Explorer\iexplore.exe
1788 iexplore -> 59891 UDP C:\Program Files\Internet Explorer\iexplore.exe



PsList 1.26 - Process Information Lister
Copyright (C) 1999-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

Process information for MAMANOUCHE:

Name Pid Pri Thd Hnd VM WS Priv
Idle 0 0 1 0 0 16 0
System 4 8 60 816 1904 224 0
smss 592 11 3 21 3828 372 164
csrss 660 13 13 772 27936 4632 1772
winlogon 688 13 21 482 53332 3912 6168
services 732 9 15 312 22648 4500 1792
ati2evxx 912 8 4 58 19140 2308 548
svchost 928 8 17 198 61080 4712 3052
svchost 1004 8 11 340 39564 4612 2016
svchost 1100 8 64 1492 201160 29916 19328
wuauclt 3688 8 3 210 38792 5020 2300
svchost 1140 8 5 106 32000 3316 2364
AppleMobileDeviceService 1256 8 3 64 18148 2372 1752
svchost 1440 8 5 78 31252 3680 1396
svchost 1556 8 12 188 38808 4580 1804
aswUpdSv 1632 8 3 27 16880 228 460
ashServ 1716 13 28 258 126112 19324 20076
FSMA32 1956 8 11 84 28032 500 928
FSMB32 2156 8 22 131 34316 752 772
FCH32 2568 8 4 43 22532 688 1788
FAMEH32 2728 8 10 118 28384 420 1228
fspc 3096 8 35 662 113540 5744 22624
spoolsv 2028 8 11 114 41848 4620 3044
alg 2332 8 5 97 34108 3712 1244
svchost 2612 8 6 126 36460 4216 2392
ULCDRSvr 2844 8 2 21 8180 880 228
ashWebSv 3384 8 18 142 93900 31416 14916
fsaua 3724 6 3 82 30828 4260 2060
iPodService 4068 8 11 124 36356 3940 2428
lsass 744 9 20 375 42876 1064 3976
ati2evxx 1340 8 3 59 18676 2296 508
AcroRd32 628 8 8 273 130800 29228 22640
explorer 1584 8 19 806 135212 28652 25512
winampa 312 8 1 28 26212 2400 688
Monitor 396 8 1 42 29660 3328 1100
shwicon2k 412 4 1 44 30628 2684 652
SearchSettings 420 8 5 147 53288 6720 3236
QTTask 436 8 2 48 27916 2460 636
QMAgent 444 8 1 29 29028 1880 780
NvMixerTray 540 8 2 110 34416 3928 2188
WkUFind 548 8 1 12 7524 912 256
WkUFind 4024 8 1 179 55684 8576 2392
kbd 568 13 14 239 74416 6836 3584
iTunesHelper 576 8 11 309 224236 12384 9192
hpsysdrv 584 8 1 25 20188 1884 480
hphmon05 636 8 3 48 30992 3300 876
hpwuSchd2 668 8 1 71 32220 4172 1032
FSM32 872 8 7 90 46992 864 4340
fsguidll 3140 8 11 114 50828 8604 4968
ECB-PREM 876 8 1 60 30500 3352 824
HpqCmon 944 8 1 68 33580 3936 1080
CalCheck 960 8 1 39 30240 3116 860
ashDisp 1040 8 9 112 48976 3024 3792
apdproxy 1072 8 6 129 43992 4660 1280
atiptaxx 1092 8 2 97 37312 4428 2784
jusched 1128 8 1 33 28652 2368 700
msmsgs 1400 8 2 185 51688 2348 1388
ctfmon 1524 8 1 69 30152 3420 856
btdna 1972 8 7 216 47244 8700 4496
dslmon 2452 8 1 51 33812 4376 1460
hpqtra08 2484 8 2 93 37488 4164 1032
cmd 2624 8 1 20 14012 1656 1504
pslist 2460 13 2 87 17908 1820 836
iexplore 3924 8 28 945 238980 33440 55908
iexplore 1788 8 31 973 210304 62196 42400
fsus 2212 8 4 53 31516 3672 1332

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 1584
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xd0000 7.00.6000.16640 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16640 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x44160000 0x127000 7.00.6000.16640 C:\WINDOWS\system32\urlmon.dll
0x44360000 0x5cd000 7.00.6000.16640 C:\WINDOWS\system32\ieframe.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16640 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x03750000 0x10000 C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
0x03760000 0xb000 C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
0x03770000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
0x10000000 0xd000 7.00.0009.0050 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll
0x02ef0000 0x38000 2.00.0000.0003 C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
0x03260000 0x29000 11.00.0000.0716 c:\Program Files\Microsoft Money\System\mnyside.dll
0x02d40000 0x11000 11.00.0000.0716 c:\Program Files\Microsoft Money\System\misstub.dll
0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
0x64000000 0x30000 2005.01.0001.0004 C:\PROGRA~1\Yahoo!\Common\ymmapi2005010104.dll
0x03570000 0x29000 C:\Program Files\WinRAR\rarext.dll
0x64f00000 0x12000 4.08.1169.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll
0x03700000 0x12000 7.00.0000.0000 C:\Program Files\Sonic RecordNow!\shlext.dll
0x7c000000 0x54000 7.00.9466.0000 C:\Program Files\Sonic RecordNow!\MSVCR70.dll
0x04a20000 0x27e000 5.02.5721.5145 C:\WINDOWS\system32\wpdshext.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x037f0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x07160000 0x46000 5.02.5721.5145 C:\WINDOWS\system32\Audiodev.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\WMVCore.DLL
0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL
0x41f00000 0x7000 1.01.0000.3917 C:\WINDOWS\system32\asfsipc.dll
0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL
0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll
0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL
0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL
0x365a0000 0x16000 10.00.6313.0000 C:\PROGRA~1\MICROS~4\Office10\MCPS.DLL
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 688
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x18000 6.14.0010.4109 C:\WINDOWS\system32\Ati2evxx.dll
0x01260000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com


------------------------------------------------------------------------------
services.exe pid: 732
Command line: C:\WINDOWS\system32\services.exe

Base Size Version Path
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 5449-80DD

Répertoire de C:\Program Files





===========>>>>>>>> SMITFRAUDFIX
SmitFraudFix v2.319

Rapport fait à 18:27:54.65, 04/05/2008
Executé à partir de C:\Documents and Settings\Propriétaire\Mes documents\Downloads TGU\Utilitaires\Repair\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propriétaire


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propriétaire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
tguffroy



Joined: 29 Apr 2008
Posts: 16

Posted: Sun May 04, 2008 5:35 pm    Post subject: Diaghelp report!

Hello,

In the end it looks more like a lack of patience!
Attached is the report (finally generated by option 1 of Diaghelp):

Thanks.
(I will try sending the file again)

DiagHelp version v1.4 - http://www.malekal.com
excute le 04/05/2008 à 19:08:00.42


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\NOTEPAD.EXE-2F2D61E1.pf -->04/05/2008 19:05:11
C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->04/05/2008 19:04:57
C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->04/05/2008 19:03:03
C:\WINDOWS\prefetch\IEXPLORE.EXE-2D97EBE6.pf -->04/05/2008 18:46:24
C:\WINDOWS\prefetch\FIND.EXE-0EEAD1A7.pf -->04/05/2008 18:43:32
C:\WINDOWS\prefetch\CSCRIPT.EXE-0A13A05C.pf -->04/05/2008 18:28:45
C:\WINDOWS\prefetch\SWREG.EXE-2F422DA7.pf -->04/05/2008 18:28:43
C:\WINDOWS\prefetch\VACFIX.EXE-25BDAB01.pf -->04/05/2008 18:28:42
C:\WINDOWS\prefetch\SRCHSTS.EXE-038BDBE0.pf -->04/05/2008 18:28:42
C:\WINDOWS\prefetch\404FIX.EXE-1FDFB47B.pf -->04/05/2008 18:28:42

C:\WINDOWS\System32\drivers\aswFsBlk.sys -->29/03/2008 19:35:49
C:\WINDOWS\System32\drivers\aswmon2.sys -->29/03/2008 19:35:21
C:\WINDOWS\System32\drivers\aswSP.sys -->29/03/2008 19:31:34
C:\WINDOWS\System32\drivers\aswRdr.sys -->29/03/2008 19:29:08
C:\WINDOWS\System32\drivers\aswTdi.sys -->29/03/2008 19:27:33
C:\WINDOWS\System32\drivers\aavmker4.sys -->29/03/2008 19:26:52
C:\WINDOWS\System32\drivers\aswmon.sys -->17/01/2008 17:34:01

C:\WINDOWS\System32\tmp.txt -->04/05/2008 18:27:58
C:\WINDOWS\System32\tmp.reg -->04/05/2008 18:27:58
C:\WINDOWS\System32\wpa.dbl -->04/05/2008 18:17:29
C:\WINDOWS\System32\PerfStringBackup.INI -->29/04/2008 00:00:57
C:\WINDOWS\System32\perfh00C.dat -->29/04/2008 00:00:57
C:\WINDOWS\System32\perfh009.dat -->29/04/2008 00:00:57
C:\WINDOWS\System32\perfc00C.dat -->29/04/2008 00:00:57
C:\WINDOWS\System32\perfc009.dat -->29/04/2008 00:00:57
C:\WINDOWS\System32\IEDFix.exe -->28/04/2008 08:03:06
C:\WINDOWS\System32\404Fix.exe -->28/04/2008 08:03:06
C:\WINDOWS\System32\VACFix.exe -->24/04/2008 08:10:33
C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log -->13/04/2008 22:23:53
C:\WINDOWS\System32\FNTCACHE.DAT -->13/04/2008 21:35:59
C:\WINDOWS\System32\CONFIG.NT -->05/04/2008 11:49:25
C:\WINDOWS\System32\aswBoot.exe -->29/03/2008 19:45:49
C:\WINDOWS\System32\AvastSS.scr -->29/03/2008 19:23:22
C:\WINDOWS\System32\win32k.sys -->20/03/2008 10:09:22
C:\WINDOWS\System32\XAudio2_0.dll -->05/03/2008 16:03:54
C:\WINDOWS\System32\xactengine3_0.dll -->05/03/2008 16:03:20
C:\WINDOWS\System32\X3DAudio1_3.dll -->05/03/2008 16:00:06
C:\WINDOWS\System32\D3DX9_37.dll -->05/03/2008 15:56:58
C:\WINDOWS\System32\D3DCompiler_37.dll -->05/03/2008 15:56:58
C:\WINDOWS\System32\mshtml.dll -->01/03/2008 18:28:10
C:\WINDOWS\System32\wininet.dll -->01/03/2008 14:58:11
C:\WINDOWS\System32\webcheck.dll -->01/03/2008 14:58:11

C:\WINDOWS\WindowsUpdate.log -->04/05/2008 18:25:27
C:\WINDOWS\0.log -->04/05/2008 18:17:00
C:\WINDOWS\FSSTM.LOG -->04/05/2008 18:16:52
C:\WINDOWS\wiadebug.log -->04/05/2008 18:16:42
C:\WINDOWS\wiaservc.log -->04/05/2008 18:16:39
C:\WINDOWS\QTFont.qfn -->04/05/2008 18:16:30
C:\WINDOWS\bootstat.dat -->04/05/2008 18:16:16
C:\WINDOWS\SchedLgU.Txt -->30/04/2008 00:07:05
C:\WINDOWS\tsoc.log -->13/04/2008 14:08:33
C:\WINDOWS\setupapi.log -->13/04/2008 14:08:33
C:\WINDOWS\ocmsn.log -->13/04/2008 14:08:33
C:\WINDOWS\ocgen.log -->13/04/2008 14:08:33
C:\WINDOWS\ntdtcsetup.log -->13/04/2008 14:08:33
C:\WINDOWS\msgsocm.log -->13/04/2008 14:08:33
C:\WINDOWS\KB948881.log -->13/04/2008 14:08:33

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 1584
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x44080000 0xd0000 7.00.6000.16640 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16640 C:\WINDOWS\system32\iertutil.dll
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x44160000 0x127000 7.00.6000.16640 C:\WINDOWS\system32\urlmon.dll
0x44360000 0x5cd000 7.00.6000.16640 C:\WINDOWS\system32\ieframe.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll
0x442b0000 0x3c000 7.00.6000.16640 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x03750000 0x10000 C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
0x03760000 0xb000 C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
0x03770000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
0x10000000 0xd000 7.00.0009.0050 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll
0x02ef0000 0x38000 2.00.0000.0003 C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
0x03260000 0x29000 11.00.0000.0716 c:\Program Files\Microsoft Money\System\mnyside.dll
0x02d40000 0x11000 11.00.0000.0716 c:\Program Files\Microsoft Money\System\misstub.dll
0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
0x64000000 0x30000 2005.01.0001.0004 C:\PROGRA~1\Yahoo!\Common\ymmapi2005010104.dll
0x03570000 0x29000 C:\Program Files\WinRAR\rarext.dll
0x64f00000 0x12000 4.08.1169.0000 C:\Program Files\Alwil Software\Avast4\ashShell.dll
0x03700000 0x12000 7.00.0000.0000 C:\Program Files\Sonic RecordNow!\shlext.dll
0x7c000000 0x54000 7.00.9466.0000 C:\Program Files\Sonic RecordNow!\MSVCR70.dll
0x04a20000 0x27e000 5.02.5721.5145 C:\WINDOWS\system32\wpdshext.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x037f0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x07160000 0x46000 5.02.5721.5145 C:\WINDOWS\system32\Audiodev.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\WMVCore.DLL
0x11c70000 0x3a000 11.00.5721.5238 C:\WINDOWS\system32\WMASF.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 688
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x18000 6.14.0010.4109 C:\WINDOWS\system32\Ati2evxx.dll
0x01260000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 5449-80DD

Répertoire de C:\WINDOWS\temp

09/09/2005 16:39 212 992 alcrmv.exe
10/09/2004 11:12 208 896 alcupd.exe
07/09/2004 14:47 57 344 Alcxmntr.exe
25/02/2004 19:00 40 448 ChCfg.exe
21/09/2004 12:13 9 196 032 RTLCPL.exe
05/05/2006 19:22 151 552 Setup.exe
16/09/2004 21:39 69 632 soundman.exe
08/04/2006 21:37 126 976 unzipper.exe
8 fichier(s) 10 063 872 octets
0 Rép(s) 30 464 991 232 octets libres

Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 5449-80DD

Répertoire de C:\WINDOWS\system

08/05/1998 00:04 52 736 hpsysdrv.exe
10/09/1999 13:06 4 672 WOWPOST.EXE
2 fichier(s) 57 408 octets
0 Rép(s) 30 464 991 232 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 5449-80DD

Répertoire de C:\WINDOWS\system32

20/08/2004 01:09 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 30 464 991 232 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 5449-80DD

Répertoire de C:\WINDOWS\system32

03/05/2003 07:19 1 323 008 dmcpl.exe
1 fichier(s) 1 323 008 octets
0 Rép(s) 30 464 991 232 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 5449-80DD

Répertoire de C:\WINDOWS\Downloaded Program Files

30/03/2008 13:51 <REP> .
30/03/2008 13:51 <REP> ..
25/12/2007 19:22 <REP> CONFLICT.1
09/05/2003 13:02 2 373 DD_v4.INF
10/05/2003 09:20 71 128 DD_v4.ocx
01/01/2003 15:48 65 desktop.ini
15/10/1997 09:52 697 DirectAnimation Java Classes.osd
25/07/2002 18:13 24 576 dwusplay.dll
25/07/2002 18:13 196 608 dwusplay.exe
11/04/2007 15:55 1 292 erma.inf
16/03/2004 19:13 365 f3initialsetup1.0.0.8-2.inf
13/01/2005 17:33 9 811 fdjeux.osd
21/06/2004 19:11 294 912 FilePlanetDownloadCtrl.dll
06/10/2005 16:14 337 600 FPDC.dll
20/11/2007 17:04 1 523 536 FP_AX_CAB_INSTALLER.exe
18/10/2007 11:04 341 296 HPDEXAXO.dll
18/10/2007 11:00 217 HPDEXAXO.inf
04/03/2006 21:20 88 136 HPGetDownloadManager.ocx
25/07/2002 18:05 172 032 isusweb.dll
25/08/2003 19:12 1 096 iuctl.inf
15/09/2004 11:20 740 jinstall-1_5_0.inf
15/03/2002 16:18 348 160 kdu_v32r.dll
25/01/2006 13:43 367 LegitCheckControl.inf
30/01/2002 03:00 497 MDM.inf
20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd
08/11/2004 12:13 274 432 OBInstallRunner.OCX
26/09/2006 15:17 206 PIXACODnDUpload.inf
25/09/2006 21:33 1 368 064 PIXACODnDUpload.ocx
05/02/2004 10:45 520 355 RealArcadeRdxIE.dll
24/09/2007 14:10 304 setup.inf
03/06/2005 13:24 395 SnapfishActivia1000.inf
03/06/2005 13:24 286 720 SnapfishActivia1000.ocx
06/12/2006 10:11 224 768 symdlmgr.dll
06/12/2006 10:10 350 symdlmgr.inf
20/04/2006 13:44 24 393 tra2_2_5.rc
12/09/2006 10:51 32 250 tra2_3_0.rc
13/05/2007 18:43 <REP> TriJinx.1.0.0.55
22/11/2005 15:34 118 784 TriJinx.1.0.0.55.dll
22/11/2005 15:34 363 TriJinx.1.0.0.55.inf
08/10/2002 14:34 529 UplApp.inf
04/03/2006 22:59 36 480 w4sgeen9.exe
27/06/2003 18:51 209 489 ycomp5_1_6_0.dll
27/06/2003 19:06 326 ycomp5_1_6_0.inf
08/10/2002 14:37 204 800 yuplapp.dll
08/10/2002 14:36 253 952 ywcupl.dll
41 fichier(s) 6 973 626 octets

Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

25/12/2007 19:22 <REP> .
25/12/2007 19:22 &l