Sujet Précédent Sujet Suivant

Uc a 100% all time by virus

Fermé
santa - 30 déc. 2009 à 17:03
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 - 3 janv. 2010 à 10:24
Bonjour,
désolé de vous déranger mais j'ai un problème avec mon deuxième pc je ne peux pas aller sur tout les site internet avec puis le uc est a 100% des que j'allume a cause d'un processus appeler bifyma.exe il bouff tout le uc je peux rien faires avec le pc j'aimerai avoir de l'aide de votre par merci de votre compréhension.
A voir également:

46 réponses

Précédent
Réponse 21 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
31 déc. 2009 à 23:21
j ai eteint le pc je les pas encor testé jattend ta reponse pour le test
0
Réponse 22 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
1 janv. 2010 à 09:05
le lien que tu m'as envoyer me dit forbidden
0
Réponse 23 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
1 janv. 2010 à 10:00
essaye avec ce lien

https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/


ensuite telecharge hijackthis https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/

ne le lance pas, tu relance RSIt et poste le rapport
0
Réponse 24 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
1 janv. 2010 à 20:44
donc voilà je te poste les 2 rapports voila celui de malwarebytes

Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3469
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

02/01/2010 15:33:22
mbam-log-2010-01-02 (15-33-22).txt

Type de recherche: Examen complet (C:\|D:\|H:\|J:\|)
Eléments examinés: 203718
Temps écoulé: 1 hour(s), 4 minute(s), 47 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\LEO0WTUNO7 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\forceclassiccontrolpanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
D:\PRISON BREAK\MSNLoader.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.




et voila celui de hjti




Logfile of random's system information tool 1.06 (written by random/random)
Run by Jean michel at 2010-01-02 15:37:24
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 894 MB (5%) free of 17 GB
Total RAM: 1022 MB (70% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll [2009-01-16 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-21 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-02 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-06 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-21 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"koodit"=C:\WINDOWS\system32\bifyma.exe [2009-12-28 176128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1826816]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-21 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2009-01-20 2523960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

C:\Documents and Settings\Jean michel\Menu Démarrer\Programmes\Démarrage
Y'z ToolBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-08-25 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"D:\Warcraft III\Warcraft III.exe"="D:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\WINDOWS\system32\quickset.exe"="C:\WINDOWS\system32\quickset.exe:*:Enabled:UPnP Firewall"

======List of files/folders created in the last 1 months======

2103-01-01 07:27:41 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2103-01-01 07:10:24 ----A---- C:\WINDOWS\CMISETUP.INI
2103-01-01 07:10:20 ----A---- C:\WINDOWS\CMCDPLAY.INI
2103-01-01 07:10:01 ----A---- C:\WINDOWS\CMIUninstall.exe
2103-01-01 07:10:00 ----A---- C:\WINDOWS\CMIRmDriver.dll
2103-01-01 06:01:59 ----A---- C:\WINDOWS\system32\nvumctl.exe
2103-01-01 06:01:20 ----A---- C:\WINDOWS\system32\nvuide.exe
2103-01-01 05:58:04 ----D---- C:\Program Files\NVIDIA Corporation
2103-01-01 05:58:04 ----D---- C:\Program Files\Fichiers communs\NVIDIA Shared
2103-01-01 05:56:38 ----A---- C:\WINDOWS\system32\nvumpu.exe
2103-01-01 05:56:34 ----A---- C:\WINDOWS\system32\nvuaudio.exe
2103-01-01 05:51:38 ----D---- C:\NVIDIA
2103-01-01 05:19:37 ----D---- C:\WINDOWS\NV18441672.TMP
2103-01-01 05:01:42 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem.txt
2010-01-02 13:00:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-01 14:24:49 ----D---- C:\WINDOWS\temp
2010-01-01 14:24:47 ----A---- C:\ComboFix.txt
2010-01-01 13:53:40 ----A---- C:\WINDOWS\PEV.exe
2010-01-01 13:53:40 ----A---- C:\WINDOWS\MBR.exe
2010-01-01 13:53:39 ----A---- C:\WINDOWS\sed.exe
2010-01-01 13:53:39 ----A---- C:\WINDOWS\grep.exe
2010-01-01 13:46:50 ----AD---- C:\Qoobox
2009-12-31 15:33:35 ----RAD---- C:\autorun.inf
2009-12-31 14:15:28 ----A---- C:\UsbFix.txt
2009-12-31 13:59:10 ----D---- C:\UsbFix
2009-12-31 12:24:52 ----D---- C:\Program Files\trend micro
2009-12-31 12:24:51 ----D---- C:\rsit
2009-12-31 11:53:43 ----A---- C:\SDFix.exe
2009-12-31 01:47:00 ----A---- C:\WINDOWS\system32\kycoroucoo.exe
2009-12-31 01:24:21 ----D---- C:\VundoFix Backups
2009-12-31 01:24:21 ----A---- C:\VundoFix.txt
2009-12-29 15:21:16 ----D---- C:\Program Files\Prevx
2009-12-29 15:20:48 ----D---- C:\Documents and Settings\All Users\Application Data\PrevxCSI
2009-12-28 13:26:51 ----A---- C:\WINDOWS\system32\bifyma.exe
2009-12-28 12:29:58 ----D---- C:\Program Files\GTA BioHazard Alert REMAKE
2009-12-26 18:55:22 ----D---- C:\spoolerlogs
2009-12-26 09:20:14 ----D---- C:\WINDOWS\San Andreas Mod Installer
2009-12-26 09:20:13 ----D---- C:\Program Files\San Andreas Mod Installer
2009-12-26 06:42:00 ----A---- C:\WINDOWS\system32\YoItzVlad.tmp
2009-12-24 17:07:43 ----D---- C:\Documents and Settings\Jean michel\Application Data\PhotoFiltre Studio X
2009-12-24 17:07:37 ----D---- C:\Program Files\PhotoFiltre Studio X
2009-12-09 23:45:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 23:45:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 23:43:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-09 19:52:11 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-12-07 19:51:54 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan

======List of files/folders modified in the last 1 months======

2103-01-01 20:08:03 ----A---- C:\WINDOWS\DUMP4287.tmp
2103-01-01 05:21:53 ----D---- C:\WINDOWS\nview
2010-01-02 15:35:23 ----D---- C:\WINDOWS\system32\drivers
2010-01-02 13:00:48 ----AD---- C:\Program Files
2010-01-02 02:28:54 ----D---- C:\Documents and Settings\Jean michel\Application Data\vlc
2010-01-02 01:03:15 ----D---- C:\WINDOWS
2010-01-01 14:23:31 ----SD---- C:\WINDOWS\Tasks
2010-01-01 14:22:45 ----D---- C:\WINDOWS\erdnt
2010-01-01 14:22:39 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-01 14:16:51 ----A---- C:\WINDOWS\system.ini
2010-01-01 14:14:14 ----D---- C:\WINDOWS\system32\config
2010-01-01 14:13:28 ----D---- C:\WINDOWS\system32
2010-01-01 14:10:55 ----D---- C:\WINDOWS\AppPatch
2010-01-01 14:10:54 ----D---- C:\Program Files\Fichiers communs
2010-01-01 08:47:33 ----D---- C:\Program Files\Mozilla Firefox
2009-12-31 12:12:47 ----N---- C:\WINDOWS\system32\svchost.exe
2009-12-31 00:29:37 ----SHD---- C:\WINDOWS\Installer
2009-12-31 00:29:15 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-12-31 00:29:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-31 00:17:40 ----A---- C:\rapport.txt
2009-12-31 00:13:32 ----A---- C:\WINDOWS\system32\tmp.txt
2009-12-30 21:26:34 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-30 07:12:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-29 19:03:29 ----D---- C:\WINDOWS\inf
2009-12-29 18:55:25 ----D---- C:\WINDOWS\WinSxS
2009-12-29 15:20:47 ----A---- C:\WINDOWS\WININIT.INI
2009-12-29 14:00:47 ----D---- C:\WINDOWS\Minidump
2009-12-27 17:29:52 ----D---- C:\WINDOWS\network diagnostic
2009-12-24 17:07:45 ----D---- C:\Documents and Settings\Jean michel\Application Data\Identities
2009-12-23 10:18:43 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-23 04:11:06 ----D---- C:\Downloads
2009-12-22 21:46:09 ----D---- C:\WINDOWS\system32\Restore
2009-12-14 18:16:16 ----D---- C:\WINDOWS\Debug
2009-12-10 07:02:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 23:44:56 ----D---- C:\Program Files\Internet Explorer
2009-12-09 23:44:43 ----D---- C:\WINDOWS\ie8updates
2009-12-09 23:44:37 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-09 23:44:34 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-12-09 23:43:28 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-28 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-28 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
S1 44d4d993;44d4d993; C:\WINDOWS\System32\drivers\44d4d993.sys []
S2 pxrts;pxrts; C:\WINDOWS\System32\drivers\pxrts.sys []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-25 787456]
S3 catchme;catchme; \??\C:\santa00\catchme.sys []
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-05-23 42496]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-07-10 25280]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 npkcrypt;npkcrypt; \??\D:\hamster\Gravity\RO\npkcrypt.sys []
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 pxkbf;pxkbf; C:\WINDOWS\System32\drivers\pxkbf.sys []
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\JEANMI~1\LOCALS~1\Temp\mc21.tmp []
S4 Vax347b;Vax347b; C:\WINDOWS\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2009-12-31 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-12-31 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-08-25 389120]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-08-25 516096]
S2 cmosqavs7;Asset Management Daemon; C:\WINDOWS\system32\kycoroucoo.exe [2009-12-28 176128]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2009-01-21 382976]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-07 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-09 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2009-12-31 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-30 132096]

-----------------EOF-----------------
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
1 janv. 2010 à 21:02
salut

clic ici https://www.virustotal.com/gui/

clic sur parcourir en milieu de page
dans la nouvelle fenetre copie colle ceci dedans

C:\WINDOWS\system32\kycoroucoo.exe

puis clic sur ouvrir
ensuite clic sur envoyer, un rapport va s'etablir
si on te dit le fichier a deja ete analyser clic sur reanalyser
copie colle l'integralité du rapport ici

tu fait de meme pour les 2 fichier ci dessous :

C:\WINDOWS\system32\bifyma.exe
C:\WINDOWS\CMIUninstall.exe
0
Réponse 26 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
1 janv. 2010 à 21:24
je peux dejà te dire ce c'est eux qui font le uc monté a 100%
0
Réponse 27 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
1 janv. 2010 à 21:28
non c'est pas ce que je te demande

tu dois clic sur le lien est faire analyser les 3 fichier mit en suivant la procedure indiqué

tu as donc 3 rapports a me poster
0
Réponse 28 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
1 janv. 2010 à 21:50
pour le kycoroucoo

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.43 2010.01.01 -
AhnLab-V3 5.0.0.2 2010.01.01 -
AntiVir 7.9.1.122 2009.12.31 TR/Crypt.XPACK.Gen
Antiy-AVL 2.0.3.7 2009.12.31 Trojan/Win32.Agent.gen
Authentium 5.2.0.5 2009.12.31 -
Avast 4.8.1351.0 2009.12.31 -
AVG 8.5.0.430 2010.01.01 -
BitDefender 7.2 2010.01.01 -
CAT-QuickHeal 10.00 2009.12.31 -
ClamAV 0.94.1 2010.01.01 -
Comodo 3442 2010.01.01 -
DrWeb 5.0.1.12222 2010.01.01 -
eSafe 7.0.17.0 2009.12.31 -
eTrust-Vet 35.1.7210 2010.01.01 -
F-Prot 4.5.1.85 2009.12.31 -
F-Secure 9.0.15370.0 2010.01.01 -
Fortinet 4.0.14.0 2010.01.01 -
GData 19 2010.01.01 -
Ikarus T3.1.1.79.0 2009.12.31 -
Jiangmin 13.0.900 2010.01.01 Backdoor/Agent.csky
K7AntiVirus 7.10.935 2009.12.31 -
Kaspersky 7.0.0.125 2010.01.01 -
McAfee 5848 2009.12.31 -
McAfee+Artemis 5848 2009.12.31 -
McAfee-GW-Edition 6.8.5 2010.01.01 Trojan.Crypt.XPACK.Gen
Microsoft 1.5302 2010.01.01 -
NOD32 4736 2010.01.01 -
Norman 6.04.03 2009.12.31 -
nProtect 2009.1.8.0 2009.12.31 -
Panda 10.0.2.2 2010.01.01 -
PCTools 7.0.3.5 2010.01.01 -
Prevx 3.0 2010.01.01 Medium Risk Malware
Rising 22.28.03.04 2009.12.31 -
Sophos 4.49.0 2010.01.01 -
Sunbelt 3.2.1858.2 2010.01.01 -
TheHacker 6.5.0.3.124 2010.01.01 -
TrendMicro 9.120.0.1004 2010.01.01 -
VBA32 3.12.12.1 2009.12.31 -
ViRobot 2009.12.31.2118 2009.12.31 -
VirusBuster 5.0.21.0 2010.01.01 -
Information additionnelle
File size: 176128 bytes
MD5...: a381c2d9ecf41f811a60b3995a31fc91
SHA1..: e19f2f44ba6913067e3688837c8a32fe07755b3c
SHA256: d09b074de3d5008efc2ef1238c3bb7989787cb8144a88dc5f72167584bbe242e
ssdeep: 3072:sxnTk+55am1phHuurTZFdF4Yyo5rYlUAkRFVHFbBgT7KJ5mxXj/gFHcvYHI
+E4:sp5amrhHpdF45qEW9FbWa7mxX0igHI+
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2673
timedatestamp.....: 0x4b2d756e (Sun Dec 20 00:53:02 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x47c2 0x4800 6.79 e5691b84f67b278609885fedc1f9aa9d
.rdata 0x6000 0xc40 0xe00 4.98 767154aa0425e5c283c52e255c6959a1
.data 0x7000 0x188e4 0x18200 7.97 9c34606319439ec7a5c9bff83733ce2b
.rsrc0 0x20000 0xd217 0xd400 7.12 4234029efbf1694646e1bf0428117cea

( 3 imports )
> KERNEL32.dll: LoadLibraryA, SetFileApisToANSI, VirtualProtectEx, GetProcAddress, HeapReAlloc, VirtualAlloc, GetStartupInfoA, VerifyVersionInfoA, GetThreadSelectorEntry, GlobalAlloc, GetOEMCP, GetACP, GetStringTypeW, InterlockedDecrement, InterlockedIncrement, GetModuleHandleA, GetCommandLineA, GetVersion, ExitProcess, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, WideCharToMultiByte, MultiByteToWideChar, LCMapStringA, LCMapStringW, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetCurrentThreadId, TlsSetValue, TlsAlloc, SetLastError, TlsGetValue, GetLastError, HeapDestroy, HeapCreate, VirtualFree, HeapFree, RtlUnwind, WriteFile, HeapAlloc, GetCPInfo, GetStringTypeA
> USER32.dll: DialogBoxIndirectParamA, MessageBoxIndirectW, DrawTextW, CreateWindowStationA, CheckRadioButton
> GDI32.dll: GetKerningPairsA, OffsetClipRgn, OffsetViewportOrgEx, CreateHalftonePalette

( 0 exports )
RDS...: NSRL Reference Data Set
-
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=75FE56F300E0B0D9B01F028EAA5618006D5991D3' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=75FE56F300E0B0D9B01F028EAA5618006D5991D3</a>
packers (Antiy-AVL): Armadillo 1.71



pour le bifyma



Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.43 2010.01.01 -
AhnLab-V3 5.0.0.2 2010.01.01 -
AntiVir 7.9.1.122 2009.12.31 TR/Crypt.XPACK.Gen
Antiy-AVL 2.0.3.7 2009.12.31 Trojan/Win32.Agent.gen
Authentium 5.2.0.5 2009.12.31 -
Avast 4.8.1351.0 2009.12.31 -
AVG 8.5.0.430 2010.01.01 -
BitDefender 7.2 2010.01.01 -
CAT-QuickHeal 10.00 2009.12.31 -
ClamAV 0.94.1 2010.01.01 -
Comodo 3442 2010.01.01 -
DrWeb 5.0.1.12222 2010.01.01 -
eSafe 7.0.17.0 2009.12.31 -
eTrust-Vet 35.1.7210 2010.01.01 -
F-Prot 4.5.1.85 2009.12.31 -
F-Secure 9.0.15370.0 2010.01.01 -
Fortinet 4.0.14.0 2010.01.01 -
GData 19 2010.01.01 -
Ikarus T3.1.1.79.0 2009.12.31 -
Jiangmin 13.0.900 2010.01.01 Backdoor/Agent.csky
K7AntiVirus 7.10.935 2009.12.31 -
Kaspersky 7.0.0.125 2010.01.01 -
McAfee 5848 2009.12.31 -
McAfee+Artemis 5848 2009.12.31 -
McAfee-GW-Edition 6.8.5 2010.01.01 Trojan.Crypt.XPACK.Gen
Microsoft 1.5302 2010.01.01 -
NOD32 4736 2010.01.01 -
Norman 6.04.03 2009.12.31 -
nProtect 2009.1.8.0 2009.12.31 -
Panda 10.0.2.2 2010.01.01 -
PCTools 7.0.3.5 2010.01.01 -
Prevx 3.0 2010.01.01 Medium Risk Malware
Rising 22.28.03.04 2009.12.31 -
Sophos 4.49.0 2010.01.01 -
Sunbelt 3.2.1858.2 2010.01.01 -
TheHacker 6.5.0.3.124 2010.01.01 -
TrendMicro 9.120.0.1004 2010.01.01 -
VBA32 3.12.12.1 2009.12.31 -
ViRobot 2009.12.31.2118 2009.12.31 -
VirusBuster 5.0.21.0 2010.01.01 -
Information additionnelle
File size: 176128 bytes
MD5...: a381c2d9ecf41f811a60b3995a31fc91
SHA1..: e19f2f44ba6913067e3688837c8a32fe07755b3c
SHA256: d09b074de3d5008efc2ef1238c3bb7989787cb8144a88dc5f72167584bbe242e
ssdeep: 3072:sxnTk+55am1phHuurTZFdF4Yyo5rYlUAkRFVHFbBgT7KJ5mxXj/gFHcvYHI
+E4:sp5amrhHpdF45qEW9FbWa7mxX0igHI+
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2673
timedatestamp.....: 0x4b2d756e (Sun Dec 20 00:53:02 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x47c2 0x4800 6.79 e5691b84f67b278609885fedc1f9aa9d
.rdata 0x6000 0xc40 0xe00 4.98 767154aa0425e5c283c52e255c6959a1
.data 0x7000 0x188e4 0x18200 7.97 9c34606319439ec7a5c9bff83733ce2b
.rsrc0 0x20000 0xd217 0xd400 7.12 4234029efbf1694646e1bf0428117cea

( 3 imports )
> KERNEL32.dll: LoadLibraryA, SetFileApisToANSI, VirtualProtectEx, GetProcAddress, HeapReAlloc, VirtualAlloc, GetStartupInfoA, VerifyVersionInfoA, GetThreadSelectorEntry, GlobalAlloc, GetOEMCP, GetACP, GetStringTypeW, InterlockedDecrement, InterlockedIncrement, GetModuleHandleA, GetCommandLineA, GetVersion, ExitProcess, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, WideCharToMultiByte, MultiByteToWideChar, LCMapStringA, LCMapStringW, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetCurrentThreadId, TlsSetValue, TlsAlloc, SetLastError, TlsGetValue, GetLastError, HeapDestroy, HeapCreate, VirtualFree, HeapFree, RtlUnwind, WriteFile, HeapAlloc, GetCPInfo, GetStringTypeA
> USER32.dll: DialogBoxIndirectParamA, MessageBoxIndirectW, DrawTextW, CreateWindowStationA, CheckRadioButton
> GDI32.dll: GetKerningPairsA, OffsetClipRgn, OffsetViewportOrgEx, CreateHalftonePalette

( 0 exports )
RDS...: NSRL Reference Data Set
-
packers (Antiy-AVL): Armadillo 1.71
pdfid.: -
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=75FE56F300E0B0D9B01F028EAA5618006D5991D3' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=75FE56F300E0B0D9B01F028EAA5618006D5991D3</a>



et pour le CMIUninstall




Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.43 2010.01.01 -
AhnLab-V3 5.0.0.2 2010.01.01 -
AntiVir 7.9.1.122 2009.12.31 -
Antiy-AVL 2.0.3.7 2009.12.31 -
Authentium 5.2.0.5 2009.12.31 -
Avast 4.8.1351.0 2009.12.31 -
AVG 8.5.0.430 2010.01.01 -
BitDefender 7.2 2010.01.01 -
CAT-QuickHeal 10.00 2009.12.31 -
ClamAV 0.94.1 2010.01.01 -
Comodo 3442 2010.01.01 -
DrWeb 5.0.1.12222 2010.01.01 -
eSafe 7.0.17.0 2009.12.31 -
eTrust-Vet 35.1.7210 2010.01.01 -
F-Prot 4.5.1.85 2009.12.31 -
F-Secure 9.0.15370.0 2010.01.01 -
Fortinet 4.0.14.0 2010.01.01 -
GData 19 2010.01.01 -
Ikarus T3.1.1.79.0 2009.12.31 -
Jiangmin 13.0.900 2010.01.01 -
K7AntiVirus 7.10.935 2009.12.31 -
Kaspersky 7.0.0.125 2010.01.01 -
McAfee 5848 2009.12.31 -
McAfee+Artemis 5848 2009.12.31 -
McAfee-GW-Edition 6.8.5 2010.01.01 Heuristic.BehavesLike.Win32.Virus.I
Microsoft 1.5302 2010.01.01 -
NOD32 4736 2010.01.01 -
Norman 6.04.03 2009.12.31 -
nProtect 2009.1.8.0 2009.12.31 -
Panda 10.0.2.2 2010.01.01 -
PCTools 7.0.3.5 2010.01.01 -
Prevx 3.0 2010.01.01 -
Rising 22.28.03.04 2009.12.31 -
Sophos 4.49.0 2010.01.01 -
Sunbelt 3.2.1858.2 2010.01.01 -
TheHacker 6.5.0.3.124 2010.01.01 -
TrendMicro 9.120.0.1004 2010.01.01 -
VBA32 3.12.12.1 2009.12.31 -
ViRobot 2009.12.31.2118 2009.12.31 -
VirusBuster 5.0.21.0 2010.01.01 -
Information additionnelle
File size: 266240 bytes
MD5...: 68e083b423bedf8c5c2a6e6eb4b736d1
SHA1..: c594fa4548253668c4a3aa9d14ff404cde37bdcc
SHA256: edb81fe74990719cfa809d6cb52c72d73569fc4903bc28d6b06fe46cd87c2ea7
ssdeep: 3072:ZRJtqDEl0WIgj9cCedN4RtFg0VO8ofgSMPwfThB4hKG07PdQ8laVyTeLzCV
guoZ+:5tqDEl0Xg+1kttVkfgTPwfTfd4kSCRs
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xf47e
timedatestamp.....: 0x3f2f4d5b (Tue Aug 05 06:23:23 2003)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x29f17 0x2a000 6.62 bd23747954b3fed00c25adf2701a8908
.rdata 0x2b000 0x98ea 0xa000 4.61 f2b39e0808c163edaad4cd2219cba3fe
.data 0x35000 0x8fe8 0x5000 2.90 c4e360ccaac7d951ac9f9976582f1bad
.rsrc 0x3e000 0x6f98 0x7000 3.98 53d47db85172c106545e44339c275b7c

( 14 imports )
> WINMM.dll: mixerGetDevCapsA, mixerGetNumDevs, CloseDriver, OpenDriver, SendDriverMessage
> SETUPAPI.dll: SetupFindNextLine, SetupCloseInfFile, SetupFindFirstLineA, SetupOpenInfFileA, SetupGetStringFieldA
> KERNEL32.dll: LockFile, SetEndOfFile, GetTickCount, GetFileSize, UnlockFile, GetVolumeInformationA, GetFullPathNameA, GetFileTime, RtlUnwind, GetStartupInfoA, GetCommandLineA, ExitProcess, RaiseException, TerminateProcess, HeapFree, GetTimeZoneInformation, HeapReAlloc, HeapSize, SetFilePointer, FlushFileBuffers, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GlobalHandle, HeapAlloc, HeapCreate, VirtualFree, SetUnhandledExceptionFilter, WriteFile, GetStringTypeW, VirtualAlloc, IsBadWritePtr, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, ReadFile, CreateFileA, DuplicateHandle, SetErrorMode, GetOEMCP, GetCPInfo, GetThreadLocale, SizeofResource, GetProcessVersion, GetCurrentDirectoryA, GlobalFlags, TlsGetValue, LocalReAlloc, TlsSetValue, LCMapStringW, LCMapStringA, GlobalReAlloc, lstrcmpiA, lstrcatA, GetModuleFileNameA, GetPrivateProfileSectionA, MoveFileExA, WritePrivateProfileStringA, GetShortPathNameA, GetSystemDirectoryA, GetWindowsDirectoryA, Sleep, GetVersion, RemoveDirectoryA, SetFileAttributesA, GetCurrentProcess, GetLastError, CloseHandle, DeleteFileA, GetFileAttributesA, GetProfileStringA, TlsFree, FileTimeToLocalFileTime, TlsAlloc, LocalAlloc, LeaveCriticalSection, FileTimeToSystemTime, EnterCriticalSection, MulDiv, DeleteCriticalSection, InitializeCriticalSection, GlobalFindAtomA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFree, GetModuleHandleA, GlobalUnlock, LoadResource, LockResource, FindResourceA, GlobalDeleteAtom, GlobalLock, GlobalAlloc, FormatMessageA, GetCurrentThread, GetCurrentThreadId, FindFirstFileA, LocalFree, FindNextFileA, lstrcpynA, SetLastError, FindClose, InterlockedDecrement, WideCharToMultiByte, GetDriveTypeA, InterlockedIncrement, GetVersionExA, FreeLibrary, LoadLibraryA, GetProcAddress, lstrcpyA, MultiByteToWideChar, lstrlenA, GetEnvironmentVariableA, lstrcmpA, HeapDestroy, GetACP, GetStringTypeA
> USER32.dll: MessageBeep, GetNextDlgGroupItem, CharUpperA, InflateRect, RegisterClipboardFormatA, PostThreadMessageA, GrayStringA, DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, ReleaseDC, GetDC, ClientToScreen, UpdateWindow, MapWindowPoints, GetSysColor, AdjustWindowRectEx, ScreenToClient, CopyRect, IsChild, GetCapture, WinHelpA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, CharNextA, CopyAcceleratorTableA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, RegisterWindowMessageA, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetDesktopWindow, GetWindowTextLengthA, GetWindowTextA, SetWindowTextA, IsDialogMessageA, SendDlgItemMessageA, MapDialogRect, SetWindowPos, GetWindow, SetWindowContextHelpId, LoadStringA, EndDialog, SetActiveWindow, IsWindow, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, SetCursor, GetSysColorBrush, PtInRect, GetClassNameA, CallWindowProcA, GetPropA, PostQuitMessage, wsprintfA, EnableWindow, SetRect, GetWindowRect, InvalidateRect, GetSystemMenu, AppendMenuA, GetSystemMetrics, GetClientRect, DrawIcon, LoadIconA, PostMessageA, MessageBoxA, ExitWindowsEx, FindWindowA, IsIconic, ShowWindow, SetForegroundWindow, SendMessageA, LoadCursorA, DestroyMenu, SetFocus, GetDlgCtrlID, SetWindowLongA, MoveWindow, GetTopWindow, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, DefDlgProcA, IsWindowUnicode
> GDI32.dll: GetObjectA, SetBkColor, SetTextColor, DeleteDC, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, GetClipBox, DeleteObject, GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, RectVisible, TextOutA, PtVisible, Escape, ExtTextOutA, GetTextColor, DPtoLP, LPtoDP, GetBkColor, GetMapMode, PatBlt, IntersectClipRect, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SetMapMode, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, CreateBitmap
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: OpenPrinterA, DocumentPropertiesA, ClosePrinter
> ADVAPI32.dll: RegQueryValueExA, RegEnumKeyExA, AdjustTokenPrivileges, RegSetValueExA, RegDeleteKeyA, LookupPrivilegeValueA, OpenProcessToken, RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegDeleteValueA
> SHELL32.dll: ShellExecuteA
> COMCTL32.dll: -
> oledlg.dll: -
> ole32.dll: CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CoTaskMemAlloc, CoRegisterMessageFilter, CoCreateInstance, CoFreeUnusedLibraries, CoUninitialize, CLSIDFromProgID, OleUninitialize, OleInitialize, CoInitialize, OleIsCurrentClipboard, OleFlushClipboard, CoRevokeClassObject, CoTaskMemFree, CLSIDFromString
> OLEPRO32.DLL: -
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....:
copyright....: Copyright (C) 2001
product......: GeneralUninstall Application
description..: GeneralUninstall MFC Application
original name: GeneralUninstall.EXE
internal name: GeneralUninstall
file version.: 2, 0, 0, 9
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
0
Réponse 29 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
1 janv. 2010 à 22:42
aufaite merci de t occuper de mon cas et en passant bonne année 2010 ^^
0
Réponse 30 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
2 janv. 2010 à 10:40
ok on est d'accord tout est donc infectieux....


fait sa et cette après midi je te prepare un script de suppression

Télécharge ZHPDiag
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
• Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
• Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
• Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette

• Héberge le rapport ZHPDiag.txt sur ce site, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
http://www.cijoint.fr/
0
Réponse 31 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
2 janv. 2010 à 18:52
voila monsieur


http://www.cijoint.fr/cjlink.php?file=cj201001/cijjZPQytD.txt
0
Réponse 32 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
2 janv. 2010 à 18:59
Fait analyser ce fichier sur virus total comme fait precedamment

C:\WINDOWS\System32\drivers\44d4d993.sys

et poste un nouveau RSIt en l'envoyant par cijoint stp
0
Réponse 33 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
2 janv. 2010 à 19:48
bon le dossiers que tu m'a donner a analyser n'existe pas du moin le 44d4d993.sys

et voila le log.txt
http://www.cijoint.fr/cjlink.php?file=cj201001/cij3yL43al.txt
0
Réponse 34 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
2 janv. 2010 à 20:01
SUPPRIME tes cracks et keygen etc... si tu en as

tu es au courant que tu as plus de place sur ton dique dur ?

utilise CCleaner https://www.malekal.com/tutoriel-ccleaner/
va dans option/avancé et decoche la 1er ligne et nettoie plusieurs fois dans les onglets nettoyeur et registre jusqu' atrouver 0erreur



branche tes clefs USB, dd externe etc.. pour faire les manip après :

Crée un fichier avec le bloc-note, clic droit sur le bureau et choisit nouveau/document texte
tu NOMME le fichier CFscript
copie colle le contenu ci-dessous a l'interieur du fichier texte (blocnote) :


killall::

file::
C:\WINDOWS\system32\bifyma.exe
C:\DOCUME~1\JEANMI~1\LOCALS~1\Temp\herss.exe
C:\Documents and Settings\Jean michel\guefae.exe
C:\WINDOWS\system32\kycoroucoo.exe
F:\MhRih.Exe
C:\WINDOWS\CMISETUP.INI
C:\WINDOWS\CMCDPLAY.INI
C:\WINDOWS\CMIUninstall.exe
C:\xs6kpr0.exe
C:\SDFix.exe
C:\WINDOWS\system32\YoItzVlad.tmp
C:\WINDOWS\DUMP4287.tmp
C:\WINDOWS\system32\tmp.txt
F:\xs6kpr0.exe
I:\xs6kpr0.exe
C:\WINDOWS\System32\drivers\44d4d993.sys

registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"koodit"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cdoosoft"=-
"guefae"=-

driver::
44d4d993
pxrts
npkcrypt
pxkbf
dwshd
mchInjDrv
cmosqavs7


Sauvegarde bien le fichier avec le nom suivant : CFScript.txt
Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe (que tu a renommer)
tu reste clic dessus le fichier Cfscript et tu le depose sur l'icone de combofix renommé

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

=======

puis lance USbfix qui est sur ton bureau et choisit l'option desisnatllation et retelecharge la derniere versions

https://www.ionos.fr/?affiliate_id=77097
# Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectés sans les ouvrir
# Double clic sur le raccourci UsbFix présent sur ton bureau
# choisi l'option 2 ( Suppression )
# Ton bureau disparaîtra et le pc redémarrera .
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
# Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau .
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
# ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
0
Réponse 35 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
2 janv. 2010 à 20:11
et installe un parefeu sinon on va s'en sortir par contre faut etre vigilant a ce que tu accepte ou non

il faut bloquer les malware et accepter les bon programme


installe celui ci https://www.malekal.com/tutorial-online-armor-free/

donc après avoir fait :

le CFscript + USBfix + installation du parefeu et posté les rapports


tu repasse un bon coup de CCleaner plusieurs fois et poste un nouveau RSIT
0
Réponse 36 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
2 janv. 2010 à 21:01
ComboFix 10-01-01.05 - Jean michel 03/01/2010 15:37:26.4.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.584 [GMT 1:00]
Lancé depuis: c:\documents and settings\Jean michel\Bureau\santa00.exe
Commutateurs utilisés :: c:\documents and settings\Jean michel\Bureau\CFscript.txt

FILE ::
"c:\docume~1\JEANMI~1\LOCALS~1\Temp\herss.exe"
"c:\documents and settings\Jean michel\guefae.exe"
"C:\SDFix.exe"
"c:\windows\CMCDPLAY.INI"
"c:\windows\CMISETUP.INI"
"c:\windows\CMIUninstall.exe"
"c:\windows\DUMP4287.tmp"
"c:\windows\system32\bifyma.exe"
"c:\windows\System32\drivers\44d4d993.sys"
"c:\windows\system32\kycoroucoo.exe"
"c:\windows\system32\tmp.txt"
"c:\windows\system32\YoItzVlad.tmp"
"C:\xs6kpr0.exe"
"F:\MhRih.Exe"
"F:\xs6kpr0.exe"
"I:\xs6kpr0.exe"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\JEANMI~1\LOCALS~1\Temp\cvasds0.dll
c:\documents and settings\Jean michel\guefae.exe
c:\documents and settings\Jean michel\Local Settings\temp\cvasds0.dll
C:\SDFix.exe
c:\windows\CMCDPLAY.INI
c:\windows\CMISETUP.INI
c:\windows\CMIUninstall.exe
c:\windows\DUMP4287.tmp
c:\windows\system32\bifyma.exe
c:\windows\system32\kycoroucoo.exe
c:\windows\system32\tmp.txt
c:\windows\system32\YoItzVlad.tmp
J:\xs6kpr0.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CMOSQAVS7
-------\Legacy_MCHINJDRV
-------\Legacy_NPKCRYPT
-------\Legacy_PXKBF
-------\Legacy_PXRTS
-------\Service_44d4d993
-------\Service_AVPsys
-------\Service_cmosqavs7
-------\Service_dwshd
-------\Service_mchInjDrv
-------\Service_npkcrypt
-------\Service_pxkbf
-------\Service_pxrts


((((((((((((((((((((((((((((( Fichiers créés du 2009-12-03 au 2010-01-03 ))))))))))))))))))))))))))))))))))))
.

2103-01-01 06:27 . 2009-01-27 04:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2103-01-01 06:10 . 2002-10-18 19:56 28672 ----a-w- c:\windows\CMIRmDriver.dll
2103-01-01 05:01 . 2004-06-24 22:57 172032 ----a-w- c:\windows\system32\nvumctl.exe
2103-01-01 05:01 . 2004-06-18 18:57 172032 ----a-w- c:\windows\system32\nvuide.exe
2103-01-01 04:58 . 2103-01-01 04:58 -------- d-----w- c:\program files\NVIDIA Corporation
2103-01-01 04:58 . 2103-01-01 04:58 -------- d-----w- c:\program files\Fichiers communs\NVIDIA Shared
2103-01-01 04:56 . 2004-05-20 14:11 172032 ----a-w- c:\windows\system32\nvumpu.exe
2103-01-01 04:56 . 2004-05-20 14:11 172032 ----a-w- c:\windows\system32\nvuaudio.exe
2103-01-01 04:51 . 2103-01-01 04:51 -------- d-----w- C:\NVIDIA
2103-01-01 04:19 . 2103-01-01 04:21 -------- d-----w- c:\windows\NV18441672.TMP
2103-01-01 04:11 . 2001-08-23 20:15 3328 ----a-w- c:\windows\system32\drivers\pciide.sys
2103-01-01 04:07 . 2001-08-18 00:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2103-01-01 04:07 . 2008-04-14 00:46 61696 ----a-w- c:\windows\system32\drivers\ohci1394.sys
2103-01-01 04:07 . 2008-04-14 00:46 53376 ----a-w- c:\windows\system32\drivers\1394bus.sys
2103-01-01 04:06 . 2004-08-04 01:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2010-01-03 14:23 . 2010-01-03 14:23 182 ----a-w- C:\cc_20100103_152342.reg
2010-01-03 14:23 . 2010-01-03 14:23 33512 ----a-w- C:\cc_20100103_152319.reg
2010-01-03 12:42 . 2010-01-03 12:43 -------- d-----w- c:\program files\ZHPDiag
2010-01-02 12:00 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-02 12:00 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 12:00 . 2010-01-02 12:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-31 15:18 . 2009-12-31 15:45 -------- d-----w- c:\documents and settings\Jean michel\DoctorWeb
2009-12-31 12:59 . 2009-12-31 14:42 -------- d-----w- C:\UsbFix
2009-12-31 11:24 . 2010-01-03 13:42 -------- d-----w- c:\program files\trend micro
2009-12-31 11:24 . 2009-12-31 11:25 -------- d-----w- C:\rsit
2009-12-31 00:24 . 2009-12-31 00:24 -------- d-----w- C:\VundoFix Backups
2009-12-30 08:36 . 2009-12-30 08:36 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing
2009-12-30 06:12 . 2009-12-30 06:12 212224 -c--a-w- c:\windows\system32\dllcache\ndis.sys
2009-12-29 22:48 . 2009-12-29 22:48 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-12-29 14:21 . 2009-12-29 14:21 -------- d-----w- c:\program files\Prevx
2009-12-29 14:20 . 2009-12-29 14:42 -------- d-----w- c:\documents and settings\All Users\Application Data\PrevxCSI
2009-12-29 13:02 . 2009-12-29 13:02 292074 ----a-w- C:\cc_20091229_1402.reg
2009-12-28 11:29 . 2009-12-28 11:34 -------- d-----w- c:\program files\GTA BioHazard Alert REMAKE
2009-12-26 17:55 . 2009-12-26 17:55 -------- d-----w- C:\spoolerlogs
2009-12-26 08:20 . 2009-12-26 08:20 -------- d-----w- c:\windows\San Andreas Mod Installer
2009-12-26 08:20 . 2009-12-26 08:20 -------- d-----w- c:\program files\San Andreas Mod Installer
2009-12-24 16:07 . 2009-12-24 16:53 -------- d-----w- c:\documents and settings\Jean michel\Application Data\PhotoFiltre Studio X
2009-12-24 16:07 . 2009-12-24 16:07 -------- d-----w- c:\program files\PhotoFiltre Studio X
2009-12-09 18:52 . 2009-12-09 18:52 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-12-07 18:51 . 2009-12-07 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 14:45 . 2007-06-18 20:32 -------- d-----w- c:\program files\SuperCopier2
2010-01-03 14:21 . 2008-10-04 16:36 -------- d-----w- c:\program files\CCleaner
2010-01-02 01:28 . 2009-10-15 01:46 -------- d-----w- c:\documents and settings\Jean michel\Application Data\vlc
2009-12-31 11:12 . 2004-08-03 23:55 14336 ------w- c:\windows\system32\svchost.exe
2009-12-30 23:29 . 2008-06-05 00:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-12-30 06:12 . 2004-08-03 22:14 182656 ------w- c:\windows\system32\drivers\ndis.sys
2009-12-23 09:18 . 2007-06-18 20:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-10 12:23 . 2007-06-19 21:34 10 ----a-w- c:\windows\popcinfo.dat
2009-12-10 06:02 . 2001-08-28 12:00 86274 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-10 06:02 . 2001-08-28 12:00 514630 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-09 22:44 . 2007-08-28 19:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-29 23:26 . 2009-04-12 13:58 -------- d-----w- c:\documents and settings\Jean michel\Application Data\dvdcss
2009-11-12 19:03 . 2007-07-06 10:35 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-29 07:42 . 2006-05-23 09:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-22 18:53 . 2007-07-06 10:35 89824 ----a-w- c:\documents and settings\Jean michel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-21 05:39 . 2004-08-03 23:54 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2004-08-03 23:54 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-03-25 11:10 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:33 . 2006-04-14 13:07 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2004-08-03 23:54 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2004-08-03 23:54 150528 ----a-w- c:\windows\system32\rastls.dll
2007-06-18 19:35 . 2009-04-18 21:34 637 ----a-w- c:\program files\Windows Messenger.lnk
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2006-03-25 . 88E085A02AE1E4D4AE2B143D1325F383 . 360448 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys

[-] 2008-04-14 . 917C64008889003E6EA19CF0793CBD72 . 551424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 917C64008889003E6EA19CF0793CBD72 . 551424 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\winlogon.exe
[7] 2004-08-03 . D2DE785AEAB0BB8CA4C14A8A199DBE4E . 506368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2008-04-14 . 69CFEA52FA0BB0BBAF9E3F6C23795041 . 724992 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 69CFEA52FA0BB0BBAF9E3F6C23795041 . 724992 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . c:\windows\VistaMizer\old\comctl32.dll
[-] 2006-08-25 . 5BBCD65CFD7610F36BCA96B72BBAED4B . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-05-14 . 98F95B6CE5E75A16DFCAA5CC12BBF996 . 1188352 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll

[-] 2008-04-14 . BCF949EAAF139D587E2A2CE5162342A3 . 1556480 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . BCF949EAAF139D587E2A2CE5162342A3 . 1556480 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 318626D9D5CC4ECD0EC3BA5F261CBF3D . 1886208 . . [6.00.2900.5512] . . c:\windows\VistaMizer\old\explorer.exe
[-] 2007-06-13 . F6A1FB157CD2242D2574EA9EC5AF473D . 1885696 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2006-05-23 . 59B42A5463729CA1C5F4C3AD3C4712D6 . 3125248 . . [6.00.2900.2649] . . c:\windows\$NtUninstallKB938828$\explorer.exe

[-] 2008-04-14 . 6F88A39FD32BF0BE9D0BC0FD4090E9EB . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 6F88A39FD32BF0BE9D0BC0FD4090E9EB . 25088 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\ctfmon.exe
[7] 2004-08-03 . 5584247B568C2E53934873F4B655FE6A . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1826816]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-21 68856]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="c:\program files\UberIcon\UberIcon Manager.exe" [2005-08-12 180224]

c:\documents and settings\Jean michel\Menu D‚marrer\Programmes\D‚marrage\
Y'z ToolBar.lnk - c:\windows\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe [2002-9-29 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2009-01-20 06:37 2523960 ----a-w- c:\program files\BitComet\BitComet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 21:40 155648 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10810:TCP"= 10810:TCP:BitComet 10810 TCP
"10810:UDP"= 10810:UDP:BitComet 10810 UDP
"15064:TCP"= 15064:TCP:BitComet 15064 TCP
"15064:UDP"= 15064:UDP:BitComet 15064 UDP
"17905:TCP"= 17905:TCP:BitComet 17905 TCP
"17905:UDP"= 17905:UDP:BitComet 17905 UDP
"23977:TCP"= 23977:TCP:BitComet 23977 TCP
"23977:UDP"= 23977:UDP:BitComet 23977 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 0 (0x0)
"AllowInboundTimestampRequest"= 0 (0x0)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)

R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [12/02/2008 19:10 5248]
S0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys --> c:\windows\system32\drivers\pxscan.sys [?]
S4 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [12/02/2008 19:10 159616]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - MCHINJDRV
*Deregistered* - mchInjDrv
.
Contenu du dossier 'Tâches planifiées'

2009-10-22 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 02:18]
.
.
------- Examen supplémentaire -------
.
IE: E&xporter vers Microsoft Excel - d:\office~1\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Télécharger avec BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Télécharger toutes les vidéos avec BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\Jean michel\Application Data\Mozilla\Firefox\Profiles\nbbtnp7l.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-koodit - c:\windows\system32\bifyma.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 15:47
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\controlset002\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\JEANMI~1\LOCALS~1\Temp\mc23.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1844237615-854245398-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:c0,d4,cf,07,1d,aa,26,54,3d,e9,96,6f,a5,82,6f,74,3d,de,76,0a,42,
20,50,5f,94,71,6d,fe,2b,17,d7,46,d1,ff,58,9c,53,a0,79,af,b4,a1,73,b7,f8,3e,\
"rkeysecu"=hex:f2,23,a2,5a,47,38,6d,25,aa,03,71,2a,a4,37,a4,5c
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(652)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\COMRes.dll

- - - - - - - > 'lsass.exe'(740)
c:\windows\system32\SETUPAPI.dll

- - - - - - - > 'explorer.exe'(3948)
c:\windows\system32\SHDOCVW.dll
c:\program files\SuperCopier2\SC2Hook.dll
c:\windows\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
.
**************************************************************************
.
Heure de fin: 2010-01-03 15:55:17 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-03 14:55
ComboFix2.txt 2010-01-01 13:24

Avant-CF: 891 236 352 octets libres
Après-CF: 877 166 592 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

- - End Of File - - 873FD9E5181940259F8A68C7C03F0B0E
0
Réponse 37 / 46
plopus Messages postés 5962 Date d'inscription jeudi 1 janvier 2009 Statut Contributeur sécurité Dernière intervention 11 mars 2012 293
2 janv. 2010 à 21:13
ok passe USBfix et installe le parefeu car tu as sans cesse de nouvelle qui viennent

ensuite tu feras une mise ajour avec malwarebyte et tu referas un scan rapide et poste le rapport
repasse un coup de ccleaner

et poste un nouveau RSIT

dorenavant quand tu as pas besoin d'internet et pendant les scans tu debranche le cable d'internet ou la wifi c'est trés important et redemarre le moins possible ton PC pour pas relancer sans cesse l'infection

a demain
0
Réponse 38 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
2 janv. 2010 à 21:20
############################## | UsbFix V6.069 |

User : Jean michel (Administrateurs) # FBF77501F85C476
Update on 01/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:04:50 | 03/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Celeron(R) CPU 2.53GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 16,6 Go (808,22 Mo free) [soutien] # NTFS
D:\ -> Disque fixe local # 57,92 Go (11,89 Go free) # NTFS
E:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque fixe local # 71,88 Go (10,84 Go free) # NTFS
J:\ -> Disque fixe local # 111,79 Go (30,54 Go free) [L] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 468
C:\WINDOWS\system32\csrss.exe 580
C:\WINDOWS\system32\winlogon.exe 648
C:\WINDOWS\system32\services.exe 716
C:\WINDOWS\system32\lsass.exe 736
C:\WINDOWS\system32\svchost.exe 972
C:\WINDOWS\system32\svchost.exe 1024
C:\WINDOWS\System32\svchost.exe 1100
C:\WINDOWS\system32\svchost.exe 1132
C:\WINDOWS\system32\svchost.exe 1292
C:\WINDOWS\system32\spoolsv.exe 1400
C:\WINDOWS\Explorer.EXE 512
C:\WINDOWS\System32\svchost.exe 1768
C:\Program Files\Java\jre6\bin\jqs.exe 1792
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1904
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe 1648
C:\WINDOWS\system32\svchost.exe 128
C:\WINDOWS\system32\wuauclt.exe 1092
C:\WINDOWS\system32\wbem\wmiprvse.exe 356
C:\WINDOWS\System32\alg.exe 372

################## | Elements infectieux |

Supprimé ! C:\Documents and Settings\Jean michel\guefae.exe
Supprimé ! C:\Documents and Settings\Jean michel\guefae.scr
Supprimé ! C:\Recycler\S-1-5-21-1844237615-854245398-682003330-1004
Supprimé ! D:\Recycler\S-1-5-21-1844237615-854245398-682003330-1004
Supprimé ! H:\Recycler\S-1-5-21-1844237615-854245398-682003330-1004
Supprimé ! J:\log.txt
Supprimé ! J:\Documents.lnk
Supprimé ! J:\Music.lnk
Supprimé ! J:\New Folder.lnk
Supprimé ! J:\Passwords.lnk
Supprimé ! J:\Pictures.lnk
Supprimé ! J:\Video.lnk
Supprimé ! J:\guefae.exe
Supprimé ! J:\guefae.scr
Supprimé ! J:\$Recycle.Bin\S-1-5-21-2108588957-2531473859-619125344-1000
Non supprimé ! J:\Recycler\S-1-5-21-1844237615-854245398-682003330-1004
Non supprimé ! J:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665

################## | Registre |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |


################## | Listing des fichiers présent |

[23/01/2009 22:40|--a------|2] C:\-870137585
[26/01/2009 23:12|--a------|2899] C:\AD-REPORT-CLEAN-26.01.2009.LOG
[26/01/2009 23:01|--a------|2889] C:\AD-REPORT-SCAN-26.01.2009.LOG
[18/06/2007 20:39|--a------|0] C:\AUTOEXEC.BAT
[08/04/2009 02:30|--a------|212] C:\Boot.bak
[03/01/2010 15:35|-rahs----|282] C:\boot.ini
[23/12/2009 10:07|---------|7668] C:\bootex.log
[28/08/2001 13:00|-rahs----|4952] C:\Bootfont.bin
[28/01/2009 06:13|--a------|112372] C:\cc_20090128_0012.reg
[28/02/2009 08:00|--a------|113438] C:\cc_20090228_0200.reg2.reg
[25/04/2009 19:11|--a------|74072] C:\cc_20090228_0200.reg3.reg
[29/12/2009 14:02|--a------|292074] C:\cc_20091229_1402.reg
[03/01/2010 15:23|--a------|33512] C:\cc_20100103_152319.reg
[03/01/2010 15:23|--a------|182] C:\cc_20100103_152342.reg
[03/08/2004 23:00|--a------|263488] C:\cmldr
[24/08/2008 02:39|--a------|74] C:\CMLoader.log
[03/01/2010 15:55|--a------|19631] C:\ComboFix.txt
[18/06/2007 20:39|--a------|0] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[18/03/2008 11:28|--a------|519] C:\hpfr3420.xml
[18/03/2008 11:28|--a------|8102] C:\hpfr3425.log
[18/06/2007 20:39|-rahs----|0] C:\IO.SYS
[18/06/2007 20:39|-rahs----|0] C:\MSDOS.SYS
[01/02/2008 06:50|--a------|8] C:\newversion.txt
[03/08/2004 22:38|-rahs----|47564] C:\NTDETECT.COM
[16/09/2008 23:41|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[20/09/2007 18:19|--a------|17408] C:\psapi.dll
[31/12/2009 00:17|--a------|2515] C:\rapport.txt
[25/11/2007 10:04|--a------|90] C:\Setup.log
[18/12/2007 20:48|--a------|1116] C:\sysinfo.txt
[28/01/2009 06:02|--a------|1036] C:\TCleaner.txt
[03/01/2010 16:12|--a------|4639] C:\UsbFix.txt
[15/04/2007 11:57|---hs----|25214] C:\vista.ico
[31/12/2009 01:48|--a------|237] C:\VundoFix.txt
[25/07/2007 20:21|--a------|5809533] D:\01L_exclu.mp3
[17/11/2005 06:38|--a------|733825024] D:\12_jours_de_terreur.DVDRiP.avi
[23/01/2007 08:35|--a------|733882368] D:\16.Blocs.DVDRip.FR.DivX.6.By.Nasty.(2006).VERSION.FR.NON.CANADIENNE.avi
[03/02/2006 13:58|--a------|697745408] D:\187.Code.Meurtre.[DVD-RIP-Fr_Divx.Codec.5Pro_Mp3.128Kbps_By.Fugitif].teste.www.divxovore.com.avi
[05/07/2008 20:09|--a------|124642] D:\2005_resultatsbac2004.pdf
[16/08/2007 23:15|--a------|42714134] D:\50 cent ft justin timberlake and timbaland-ayo technology.avi
[16/08/2007 15:39|--a------|1246069] D:\56 D‚pi Nou Ni Condom 1.m4a
[19/10/2008 19:13|--a------|7577916] D:\==KayRa==.mp3
[14/05/2009 20:22|---hs----|2723] D:\AlbumArtSmall.jpg
[30/08/2008 16:41|---hs----|13587] D:\AlbumArt_{18535EC4-0CAC-4435-AD25-6A6337D34B94}_Large.jpg
[30/08/2008 16:41|---hs----|2813] D:\AlbumArt_{18535EC4-0CAC-4435-AD25-6A6337D34B94}_Small.jpg
[10/05/2009 16:51|---hs----|8470] D:\AlbumArt_{618B3E3C-F913-4715-ABA4-49F49CDFAAEE}_Large.jpg
[10/05/2009 16:51|---hs----|2353] D:\AlbumArt_{618B3E3C-F913-4715-ABA4-49F49CDFAAEE}_Small.jpg
[30/08/2008 16:41|---hs----|12172] D:\AlbumArt_{824406EE-C450-4F83-B18D-0373DD604D00}_Large.jpg
[30/08/2008 16:41|---hs----|2821] D:\AlbumArt_{824406EE-C450-4F83-B18D-0373DD604D00}_Small.jpg
[14/05/2009 20:22|---hs----|10085] D:\AlbumArt_{8BF8CC30-0921-413E-B4B1-A70D523D9D95}_Large.jpg
[14/05/2009 20:22|---hs----|2723] D:\AlbumArt_{8BF8CC30-0921-413E-B4B1-A70D523D9D95}_Small.jpg
[21/06/2007 04:10|--a------|734113792] D:\BANDITS(BruceWillis)DVDRIP.FRENCH.avi
[28/07/2008 20:38|--a------|4702208] D:\Battlefield_riddim.mp3
[31/03/2007 08:11|--a------|31680512] D:\Beyonce_ft_Shakira_-_Beautiful_Liar (video).avi
[31/10/2008 03:07|--a------|731693056] D:\Bienvenue au cottage.avi
[01/08/2007 22:35|--a------|4862464] D:\BitComet 0.91 [Par Ratiatum.com].exe
[06/03/2009 00:22|--a------|101218105] D:\BitDefender.Total.Security.2009.rar
[16/01/2002 23:36|--a------|578646] D:\chasse.exe
[16/08/2007 22:08|--a------|8452096] D:\ciara ft 50 cent - cant leave em alone (official video).mpg
[22/12/2009 17:43|--a------|469281] D:\cleo3.exe
[14/06/2008 18:06|--a------|819211] D:\Config.tpc
[09/12/2005 18:44|--a------|705761414] D:\CounterStrike Source LAN Edition V2.0.exe
[17/07/2004 21:29|--a------|706805760] D:\crime partners.avi
[12/06/2005 00:46|--a------|106496] D:\D3D9.dll
[27/07/2007 21:46|--a------|3722540] D:\daly clash dawa.mp3
[?|?|?] D:\DaYzeL & KaYrA-Me' KaW KOnPrEnD(PisLPrOd)ø.mp3
[01/02/2008 06:48|--a------|489984] D:\dbghelp.dll
[12/05/2009 01:39|--a------|4148511] D:\desh-la_vie-plc.mp3
[14/05/2009 20:22|---hs----|395] D:\desktop.ini
[02/06/2008 20:47|--a------|3948394] D:\DjWhat!!!-Remix.mp3
[02/06/2008 18:50|--a------|2172932] D:\douche.mpg
[15/01/2009 03:52|--a------|101752880] D:\DRV-CDB-fra.exe
[06/07/2007 12:58|--a------|315624] D:\dxwebsetup.exe
[12/08/2007 04:05|--a------|54575740] D:\Emblem_of_Red_Reshuffle.exe
[25/07/2007 01:11|--a------|66297860] D:\eminem ft nate dogg - shake that.mpg
[02/06/2008 21:05|--a------|2365565] D:\EXTRACT smacky((the one action)).MP3...MP3
[17/07/2007 11:48|--a------|88516596] D:\fabolous_ft_ne-yo_-_make_me_better__ramvideos_.mpg
[14/05/2009 20:22|---hs----|10085] D:\Folder.jpg
[02/06/2008 20:46|--a------|3127135] D:\full_399e0dda3482c650dd146974fe19528c.mp3
[04/08/2005 18:20|--a------|494422] D:\Gardien.exe
[28/12/2005 14:14|--a------|200452096] D:\H - Saison 3 - 01 - Une histoire de garderie.avi
[10/10/2009 13:31|--a------|14745600] D:\H - Saison 3 - 02 - Une histoire de paternit‚.avi
[18/12/2008 05:47|--a------|727017472] D:\Hancock.avi
[30/08/2008 16:51|--a------|4651136] D:\hustle and flow soundtrack - hustle and flow - whoop that trick.mp3
[02/06/2008 20:45|--a------|4379552] D:\Ibo Simon - si mwen t‚ ni lagent.mp3
[21/01/2009 06:16|--a------|1943672] D:\installer_Ares_Regular_2_1_1_3035.exe
[17/11/2007 17:45|--a------|5312814] D:\Jenone Feat Kerozen - D Mashines Lyrikal (Secteur D Recordz@Hotmail).mp3
[30/08/2008 16:51|--a------|5628575] D:\Jos‚ REBUS - Marie Christine.mp3
[12/03/2009 00:47|--a------|1929447] D:\kaporal maiky ft dc.strategik.mp3
[14/09/2008 14:42|--a------|3296588] D:\KayRa%20-%20Remise%20Au%20Point%20%5b%5bOKINAWA%20MUSIC%5d%20(www.kalottlyrikal.net)[1].mp3
[24/08/2008 15:35|--a------|4578439] D:\Kayra-Nwel[MaaD Reco.mp3
[05/07/2008 16:02|--a------|4543323] D:\Kayra_ Jeness An Nou_[MzW StuDiO].mp3
[09/07/2008 02:49|--a------|3209462] D:\Keros-n_Bag an moin.mp3
[02/06/2008 21:05|--a------|9830400] D:\K‚n‚dy - mon oasis.mp3
[10/04/2002 15:41|--a------|728219648] D:\La prison de verre.avi
[22/12/2008 15:29|--a------|734734336] D:\La Ville fant“me(drame).avi
[17/01/2002 03:48|--a------|705138688] D:\Le baiser mortel du dragon.avi
[04/12/2008 23:08|--a------|734017536] D:\Les Rebelles de la Foret II.avi
[02/06/2008 21:14|--a------|5329301] D:\Lil Scrappy - 20 - Oh Yeah (Work) feat Sean Paul &.mp3
[02/10/2009 09:15|--a------|469243760] D:\llmqnmtvyorv.avi
[02/08/2007 19:52|--a------|86727032] D:\ll_cool_j_ft_jennifer_lopez-control_myself_music_video_by_jlo[1] net_178.mpg
[04/11/2008 22:42|--a------|4685367] D:\Moomin's-Toutouni [promo an pach mixtape].mp3
[04/11/2008 22:36|--a------|2907013] D:\Moomins-A Pa Trip AwBlock-Ent Recordz.mp3
[12/07/2008 00:50|--a------|10255] D:\movie_torrents.php
[28/02/2009 20:56|--a------|4595791] D:\MsgPlusLive-4.80.356[www.wikikou.fr]-306.zip
[12/07/2007 21:37|--a------|862] D:\My Shared Folder.lnk
[31/08/2008 00:30|--a------|6184471] D:\Naya - Si Mwen T‚ Sav (Subtil' ).mp3
[05/07/2008 20:21|--a------|373706] D:\ni0616.pdf
[12/03/2008 17:30|--a------|55] D:\Nouveau Document texte.txt
[17/07/2007 04:33|--a------|5375511] D:\Oliver N'Goma - Icol‚.mp3
[02/06/2008 20:45|--a------|2648491] D:\Oliver ngoma - adia.wma
[16/04/2006 18:12|--a------|71872516] D:\Olivia Feat. 50 Cent - Best Friend (Remix).mpg
[21/10/2007 19:45|--a------|3425869] D:\Our Feelings [6mik Recordz].mp3
[12/07/2008 00:50|--a------|9433] D:\photos_torrents.php
[10/03/2008 22:36|--a------|249] D:\prepatch.log
[14/05/2009 20:23|--a------|5361926] D:\R. Kelly - Thoia Thoing.mp3
[03/08/2007 01:31|--a------|730759168] D:\Redemption.2007.FRENCH.DVDRIP.REPACK.1CD.XViD-COBRA.by.SYR.avi
[02/04/2005 02:18|--a------|730251264] D:\Redemption.avi
[08/07/2007 03:41|--a------|77762560] D:\Rihanna - Shut Up and Drive.avi
[20/07/2007 10:41|--a------|48097504] D:\rihanna - sos.mpeg
[02/08/2007 22:56|--a------|60844644] D:\rihanna - we ride [solly4life].mpg
[03/05/2009 01:49|--a------|8856536] D:\rld-acrr.7z
[25/07/2007 20:38|--a------|5379011] D:\Sean Kingston - Beautiful Girls [jr].mp3
[16/08/2009 14:18|--a------|734261248] D:\Seuls.Two.eric et ramzy.french.comedie..avi
[18/12/2009 11:27|--a------|368] D:\Seuls.Two.eric et ramzy.french.comedie..avi.lnk
[02/06/2008 21:05|--a------|1367424] D:\SharKman - MaMa [ B.N.L. PRO.mp3
[08/04/2009 03:53|--a------|3991811] D:\SharKman_-_DanceHall S‚ life an mwen_[Leising Prod].mp3
[02/06/2008 21:05|--a------|2536510] D:\SMACKY_The Real Man.MP3
[17/08/2007 15:49|--a------|86377814] D:\snoop_dogg_ft_e-40__mc_eiht__goldie_loc__daz_and_kurupt_-_candy__xvid___.avi
[28/10/2009 22:32|--a------|5995819] D:\soulja boy ft gucci mane and shawty lo-gucci bandana dirty222.mp3
[26/09/2008 13:39|--a------|3983341] D:\T.I. - Whatever You Like.mp3
[14/07/2007 00:27|--a------|736724596] D:\The contractor sur sousse.avi
[22/05/2006 16:17|--a------|734531408] D:\The Detonator.FRENCH.DVDRiP.XviD-Tds.avi
[20/09/2008 05:37|--a------|734142464] D:\The.Forbidden.Kingdom.FRENCH.DVDRiP.XviD-ULTRASON.caline012.LiCoKInE.TeaM.[emule-island.com].avi
[15/10/2009 03:45|--a------|23764260] D:\turn my swag on - soulja boy tell 'em.avi
[15/06/2005 19:05|--a------|63354564] D:\Usher feat. Alicia Keys - My Boo [Kobra].mpg
[02/04/2009 23:05|--a------|16320472] D:\vlc-0.9.8a-win32.exe
[06/09/2008 23:01|--a------|4394739] D:\VnR Mc- TrOp PaWoL (øFLD ReKoRdZø).mp3
[16/12/2009 20:18|--a------|0] D:\Volt, star malgr‚ lui .FRENCH.DVDRip.R5.MD.Xvid-PaGlop.avi
[21/07/2008 21:08|--a------|3403402] D:\WeSKaY FeaT DnS - I CoMe To [HARDCORE MIXTAPE]OKINAWA MUSIC2oo8©.mp3
[30/03/2008 20:05|--a------|2402832] D:\WLinstaller.exe
[09/07/2007 02:50|--a------|2553984] D:\Wole A Yo.mp3
[31/08/2008 00:04|--a------|1278985] D:\xD.mp3
[20/04/2008 22:39|--a------|1416655] D:\YouTube Downloader - by punjab.rar
[09/02/2008 20:15|--a------|3376640] D:\_[Spinal Feat Smacky]_Fo zanmie_{Fake friendz}_2k7.mp3
[01/08/2008 21:26|--a------|7954915] D:\ˆtre avec toi_Shine ft. Slow Block-Ent Record' Z.mp3
[29/07/2008 16:51|--a------|5525] H:\$hadow en mode pos‚.jpg
[01/08/2008 07:03|--a------|6862] H:\$hadow en mode r‚el (1).jpg
[29/07/2008 16:51|--a------|6084] H:\$hadow en mode r‚el.jpg
[21/12/2008 23:15|--a------|177261] H:\038.jpg
[21/12/2008 23:15|--a------|253465] H:\042.jpg
[17/12/2008 04:07|--a------|72753] H:\0x82hfyx.jpg
[31/12/2008 21:04|--a------|89009] H:\1024-by-768-552857-20080418101920.jpg
[21/12/2008 23:17|--a------|307095] H:\103.jpg
[17/12/2008 04:06|--a------|17844] H:\1042550808.jpg
[17/12/2008 04:10|--a------|191366] H:\1055_itachi_sasuke.jpg
[21/12/2008 23:17|--a------|282213] H:\109.jpg
[28/02/2009 03:34|--a------|120742] H:\11494210.jpg
[05/11/2008 03:01|--a------|85774] H:\1189528911182px7.jpg
[17/12/2008 03:46|--a------|34653] H:\1193754540_1191454408_min.png
[31/12/2008 21:13|--a------|2734181] H:\1194541193_HalibelSketchHeadShot.png
[01/01/2009 00:38|--a------|1440905] H:\1195877886_NelFullRelease.png
[17/12/2008 03:59|--a------|16128] H:\1203105658_grimmjow003-jpg-400.jpg
[17/12/2008 04:26|--a------|89511] H:\1218648173_itachi-1.jpg
[17/12/2008 04:19|--a------|42005] H:\128836835_small.jpg
[21/12/2008 23:18|--a------|286742] H:\137.jpg
[17/12/2008 04:21|--a------|61510] H:\150206_C8BCQ4GRULSQ4D1PLD4BHW167WRWEK_card_captor_sakura._H173708_L.jpg
[21/12/2008 23:19|--a------|144255] H:\158.jpg
[17/12/2008 04:13|--a------|32627] H:\1666534188_small.jpg
[18/12/2008 11:38|--a------|77344] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_04_2_H205930_L.jpg
[18/12/2008 11:28|--a------|26575] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_116858131_small_H183412_L.jpg
[18/12/2008 11:48|--a------|26817] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_121605_ceb4u8rva2almvmihxs2nuus4uuz2g_108609_itb4thmmcda_H133322_L.jpg
[18/12/2008 11:29|--a------|34752] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_12857_276969551_mec_et_fille_manga_h162428_l_H140631_L.jpg
[18/12/2008 11:33|--a------|40503] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_138249_utwem64835ft1cxgxjyoewv25a2y8o_ange_noit_h020944__H215122_L.jpg
[18/12/2008 11:47|--a------|46138] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_157016_5cbgqzcl24yvm6j3kyk67lj4xr1tih_ange14_h223035_l_H123648_L.jpg
[18/12/2008 11:46|--a------|64975] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_157016_5cbgqzcl24yvm6j3kyk67lj4xr1tih_ange_deffenseur_h2_H123521_L.jpg
[18/12/2008 11:47|--a------|19559] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_157016_5cbgqzcl24yvm6j3kyk67lj4xr1tih_contraire1_h024846_H123809_L.jpg
[18/12/2008 11:34|--a------|31011] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_157016_5cbgqzcl24yvm6j3kyk67lj4xr1tih_fille4_h225952_l_H204624_L.jpg
[18/12/2008 11:36|--a------|27546] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_157016_5cbgqzcl24yvm6j3kyk67lj4xr1tih_kiss3_h000447_l_H205041_L.jpg
[18/12/2008 11:36|--a------|33862] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_157016_5cbgqzcl24yvm6j3kyk67lj4xr1tih_kiss7_h000607_l_H204938_L.jpg
[18/12/2008 11:35|--a------|51538] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_157016_5cbgqzcl24yvm6j3kyk67lj4xr1tih_kiss_h000625_l_H204904_L.jpg
[18/12/2008 11:31|--a------|34140] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_53826_897483467_175358_x1qe3aevk7ra5iytcwc3nn7mwhxu5h_02_H211011_L.jpg
[18/12/2008 11:30|--a------|23983] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_53826_897483467_39895_343345284_ange_h110830_l_h201548_l_H210841_L.jpg
[18/12/2008 11:43|--a------|23129] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_53826_897483467_fba2b94d8a36386a9f856d09ecd141c3_h181605_H213544_L.jpg
[18/12/2008 11:31|--a------|23700] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_56886_724723457_167459974_h205148_l_H211047_L.jpg
[18/12/2008 11:32|--a------|27485] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_57783_206840157_100100_g1iw4eh62nqo1jsfe4fmoqfjmcl747_pr_H211242_L.jpg
[18/12/2008 11:31|--a------|22077] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_57783_206840157_53826_897483467_107353_nryikhwrhushvgsbw_H211137_L.jpg
[18/12/2008 11:32|--a------|24963] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_68097_580253242_2957_661994575_manga_bosse_h182559_l_h17_H211605_L.jpg
[18/12/2008 11:44|--a------|26331] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_68289_648231148_163529_s3zfqfutxmwluhy5iuw563r883hzb2_17_H215338_L.jpg
[18/12/2008 11:44|--a------|35375] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_68289_648231148_233547_h192816_l_H215249_L.jpg
[18/12/2008 11:50|--a------|64067] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_85717_5am7cow3wiwrt4dvi63bom1u534azg_hogichaa_h163617_l_H114939_L.jpg
[18/12/2008 11:29|--a------|28494] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_couper_4_H183615_L.jpg
[18/12/2008 11:28|--a------|63768] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_couper_6_H183131_L.jpg
[18/12/2008 11:29|--a------|40291] H:\182560_62NV3X8J47QJU4ZXFB227N36QP5GRB_triste_H183710_L.jpg
[17/12/2008 04:02|--a------|155398] H:\1rd4jyts.jpg
[10/01/2009 22:19|--a------|59846] H:\2138926137_2.gif
[21/12/2008 23:19|--a------|218103] H:\228.jpg
[21/12/2008 23:20|--a------|216400] H:\234.jpg
[21/12/2008 23:20|--a------|183813] H:\235.jpg
[21/12/2008 23:20|--a------|363132] H:\236.jpg
[21/12/2008 23:21|--a------|305581] H:\239.jpg
[21/12/2008 23:21|--a------|153819] H:\240.jpg
[15/10/2008 00:39|--a------|90839] H:\24162257_Yoruichi_and_Halibel___colours_by_blacklusterseph1.jpg
[11/07/2008 01:57|--a------|974] H:\291539131.gif.lnk
[17/12/2008 04:07|--a------|22481] H:\368355187_small.jpg
[10/12/2008 15:38|--a------|34169] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_340756-bldreavuc14xzaonxmhus2gdd7hxrx-180564-awowknq6rfq_H183922_L.jpg
[10/12/2008 15:38|--a------|25944] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_380217-bt54artrjjy1qb1a3em31jf3453r7t-1112757580-small-h_H183923_L.jpg
[10/12/2008 15:38|--a------|35631] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_380217-bt54artrjjy1qb1a3em31jf3453r7t-296192-iy4rjd17y3s_H183923_L.jpg
[10/12/2008 15:36|--a------|23764] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_black-buterfly_H183924_L.jpg
[10/12/2008 15:36|--a------|49950] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_catwoman-lolita_H183927_L.jpg
[10/12/2008 15:34|--a------|45366] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_femme-chat-tte-mimi_H183934_L.jpg
[10/12/2008 15:35|--a------|61285] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_goth-manga-4_H183940_L.jpg
[10/12/2008 15:35|--a------|58979] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_kawai-neko-fillette_H183940_L.jpg
[10/12/2008 15:35|--a------|56211] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_lolita-gothique-neko_H183940_L.jpg
[10/12/2008 15:35|--a------|28571] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_lovely-devil_H183941_L.jpg
[10/12/2008 15:35|--a------|21192] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_lovely-kitten_H183941_L.jpg
[10/12/2008 15:36|--a------|30843] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_rock-manga_H183942_L.jpg
[10/12/2008 15:39|--a------|70370] H:\400020_PQTL7VNJEPHMSI3XMVLSAQ2G6MO26D_trop-belle-xd_H183921_L.jpg
[17/12/2008 02:30|--a------|158547] H:\4272526_render_negima_1024d.png
[17/12/2008 04:19|--a------|20186] H:\455118528_small.jpg
[15/10/2008 00:36|--a------|95218] H:\58592-bleach-halibel.jpg
[15/10/2008 00:38|--a------|158893] H:\65015-bleach-halibel.jpg
[17/12/2008 04:11|--a------|195463] H:\6v8k3122.jpg
[31/12/2008 21:04|--a------|293291] H:\800-by-600-552857-2008041810120.jpg
[17/12/2008 02:31|--a------|111115] H:\85504977_render_yoko_by_adycreations.png
[28/07/2007 02:22|--a------|80420] H:\977986[1].jpg
[10/12/2008 02:44|--a------|27964] H:\999_2.jpg
[19/10/2008 19:13|--a------|7577916] H:\==KayRa==.mp3
[17/12/2008 04:23|--a------|159038] H:\AB3_sakura45.jpg
[17/12/2008 04:02|--a------|134832] H:\Akatsuki_Kakashi_by_gothkakashi.jpg
[04/06/2009 02:37|---hs----|1576] H:\AlbumArtSmall.jpg
[10/12/2008 03:02|--a------|34034] H:\amy.PNG
[23/10/2008 03:13|--a------|0] H:\AUTOEXEC.BAT
[25/07/2008 18:47|--a------|14245] H:\avenant contrat.docx
[06/03/2009 04:58|--a------|62043] H:\bleach.jpg
[06/03/2009 05:03|--a------|295002] H:\bleach2.jpg
[17/12/2008 03:53|--a------|52276] H:\Bleach_grimmjow_by_RAE_by_siguredo.jpg
[06/03/2009 05:02|--a------|96871] H:\BLEACH_Yoruichi_N___Soiphong_by_borammy.jpg
[15/10/2008 00:38|--a------|406620] H:\Bleach__Halibel_by_Takilmar.jpg
[17/12/2008 03:47|--a------|272669] H:\Bleach__the_3rd_Espada_by_Satalex.jpg
[06/03/2009 05:04|--a------|42133] H:\Bleach__Ulquiorra_by_UdonNodu.jpg
[23/10/2008 03:05|---hs----|212] H:\boot.ini
[02/05/2008 23:57|-rahs----|4952] H:\Bootfont.bin
[17/12/2008 02:17|--a------|56687] H:\brune.jpg
[17/12/2008 04:16|--a------|535827] H:\byakugan neji hyuuga wallpaper.jpg
[17/12/2008 04:22|--a------|25862] H:\card_captor_sakura04.jpg
[10/04/2003 04:02|--a------|693647126] H:\Ch!n@ $t©!k!ng Fo©¸?.avi
[23/10/2008 03:13|--a------|0] H:\CONFIG.SYS
[23/02/2009 06:31|--a------|747846] H:\Config.tpc
[17/12/2008 02:33|--a------|120794] H:\dancer.png
[27/07/2008 23:31|--a------|695608914] H:\Death.Note.2.FRENCH.DVDRip.XviD-WawaZ.net.avi
[25/12/2009 01:11|--a------|275] H:\Disque local (D).lnk
[13/04/2009 23:18|--a------|734154752] H:\DragonBall.Evolution.TS.French.MD.DiVX.KiNG.Upload.(Steph53-MININOVA.ORG)..avi
[09/02/2005 21:55|--a------|321914] H:\DSC02533.JPG
[09/02/2005 22:11|--a------|307671] H:\DSC02534.JPG
[09/02/2005 22:11|--a------|322596] H:\DSC02535.JPG
[09/02/2005 22:11|--a------|326265] H:\DSC02536.JPG
[09/02/2005 22:11|--a------|321389] H:\DSC02537.JPG
[09/02/2005 22:11|--a------|320741] H:\DSC02538.JPG
[24/03/2005 06:38|--a------|323621] H:\DSC02642.JPG
[24/03/2005 06:38|--a------|304382] H:\DSC02643.JPG
[24/03/2005 06:38|--a------|313228] H:\DSC02644.JPG
[24/03/2005 06:39|--a------|311278] H:\DSC02645.JPG
[12/04/2005 23:29|--a------|325914] H:\DSC02667.JPG
[12/04/2005 23:29|--a------|327189] H:\DSC02668.JPG
[12/04/2005 23:29|--a------|321236] H:\DSC02669.JPG
[20/12/2008 02:24|--a------|1691298] H:\DSCI0001.JPG
[20/12/2008 04:15|--a------|443415] H:\DSCI0003.JPG
[20/12/2008 06:16|--a------|444948] H:\DSCI0005.JPG
[20/12/2008 06:17|--a------|440264] H:\DSCI0006.JPG
[20/12/2008 06:20|--a------|444794] H:\DSCI0007.JPG
[20/12/2008 06:21|--a------|446125] H:\DSCI0008.JPG
[21/12/2008 14:49|--a------|449275] H:\DSCI0009.JPG
[21/12/2008 14:49|--a------|459339] H:\DSCI0010.JPG
[17/06/2003 03:05|--a------|727373824] H:\Equilibrium.avi
[15/10/2008 00:35|--a------|229155] H:\EspadaHalibel.png
[17/12/2008 02:47|--a------|149887] H:\fate01lnj3.png
[17/12/2008 02:46|--a------|190969] H:\fille_kimono_1.png
[17/12/2008 02:29|--a------|190913] H:\fille_sexy_avec_cape.png
[28/02/2009 03:39|--a------|4455827] H:\Final_Fantasy_X__s_Anima_by_Brazilian_Ninja.jpg
[04/06/2009 02:37|---hs----|5716] H:\Folder.jpg
[23/05/2007 01:24|--a------|731727872] H:\Freedom.Writers.FR.crire pour exister.DVDRiP.REPACK.1CD.XViD-STS..avi
[07/02/2009 05:05|--a------|181] H:\GB (I).lnk
[10/12/2008 15:01|--a------|14383] H:\gb.jpg
[17/12/2008 04:23|--a------|639455] H:\ggi8p5uy.jpg
[09/01/2009 02:29|--a------|485951] H:\GinIchimaruEspada.jpg
[09/01/2009 03:36|--a------|485951] H:\GinIchimaruEspada.jpg2.jpg
[17/12/2008 04:05|--a------|717357] H:\gothic-kakashi-691893.jpeg
[17/12/2008 04:00|--a------|46631] H:\Grimmjow_Jaggergack_by_ariaofthewind.jpg
[17/12/2008 04:00|--a------|520412] H:\Grimmjow_JaggerJack_Pantera_by_KhiMa.jpg
[17/12/2008 02:41|--a------|79990] H:\guitariste.png
[18/02/2006 12:36|--a------|732772352] H:\H2G2.Le.guide.du.voyageur.galactique..avi
[01/01/2009 00:26|--a------|376463] H:\Halibel-Neliel.jpg
[31/12/2008 21:10|--a------|209758] H:\Halibel.jpg
[17/12/2008 03:52|--a------|174203] H:\halibello1.jpg
[01/01/2009 00:27|--a------|37610] H:\HalibelNel.jpg
[01/01/2009 00:22|--a------|196704] H:\HAlibelsigver2copy.png
[15/10/2008 00:40|--a------|544615] H:\Haribel_The_Arrancar_by_darkthewise.jpg
[17/12/2008 04:10|--a------|142372] H:\Hiruka__Sasuke.jpg
[24/10/2002 18:11|--a------|732045312] H:\Hors Limites.avi
[01/01/2009 00:24|--a------|49574] H:\hotarancargirlfc5ko.jpg
[29/08/2008 18:19|--a------|14771744] H:\IE7-WindowsXP-x86-fra.exe
[06/03/2009 04:59|--a------|170083] H:\Inoue-Orihime-671886.jpeg
[21/01/2009 06:16|--a------|1943672] H:\installer_Ares_Regular_2_1_1_3035.exe
[23/10/2008 03:13|-rahs----|0] H:\IO.SYS
[17/12/2008 04:27|--a------|46103] H:\itachi.jpg
[17/12/2008 04:26|--a------|175692] H:\itachi.png
[17/12/2008 02:18|--a------|29136] H:\jean.jpg
[17/11/2007 17:45|--a------|5312814] H:\Jenone Feat Kerozen - D Mashines Lyrikal (Secteur D Recordz@Hotmail).mp3
[11/09/2007 13:42|--a------|713023488] H:\Jet_Li_-_Romeo_Doit_Mourir_(DVD_-_Divx_5_FR_-_Fenix).par.www.emule-mania.com.avi
[17/12/2008 04:08|--a------|27736] H:\kakashi08.jpg
[17/12/2008 04:08|--a------|147517] H:\Kakashi_Picture.jpg
[05/01/2009 12:48|--a------|27440] H:\kamasutra.gif
[10/12/2008 15:15|--a------|9173] H:\kanu%25.jpg
[11/11/2009 20:08|--a------|1495356654] H:\KawaiiOnlineV3.exe
[17/12/2008 02:36|--a------|234704] H:\Kawaii_render.png
[14/09/2008 14:42|--a------|3296588] H:\KayRa%20-%20Remise%20Au%20Point%20%5b%5bOKINAWA%20MUSIC%5d%20(www.kalottlyrikal.net)[1].mp3
[24/08/2008 15:35|--a------|4578439] H:\Kayra-Nwel[MaaD Reco.mp3
[05/07/2008 16:02|--a------|4543323] H:\Kayra_ Jeness An Nou_[MzW StuDiO].mp3
[09/07/2008 02:49|--a------|3209462] H:\Keros-n_Bag an moin.mp3
[17/12/2008 04:03|--a------|468527] H:\knwsuryb.jpg
[17/02/2004 20:14|--a------|727101326] H:\le plus beau des combats.AVI
[07/04/2008 12:07|--a------|735195136] H:\LE.PRIX.DE.LA.TRAHISON.(2008).French.DVDRip.avi
[06/02/2005 22:01|--a------|720908068] H:\Les.seigneurs.de.Harlem.FRENCH.DVDRIP.-TeamAFP.lte.avi
[12/08/2003 02:01|--a------|732995584] H:\Le_Defi_-_Xvid_-_DVD-RIP_FR_-_tester_par_ed2k.mmaxuel.free.fr_.avi
[24/08/2008 02:46|--a------|146624] H:\mafifiya 2.jpg
[10/12/2008 15:06|--a------|10162] H:\maia%25.jpg
[22/01/2009 03:20|--a------|2475] H:\mayapurplewoedmgByFaye.flt
[17/12/2008 02:18|--a------|97932] H:\merjoie.jpg
[17/12/2008 02:34|--a------|76859] H:\Mikuru_1.png
[17/12/2008 04:01|--a------|58250] H:\mod_article36107.jpg
[23/10/2008 03:13|-rahs----|0] H:\MSDOS.SYS
[05/07/2007 12:16|--a------|733616128] H:\Naked.Weapon.avi
[17/12/2008 04:14|--a------|55626] H:\naruto2173wp33-1024.jpg
[17/12/2008 02:41|--a------|150337] H:\naruto_sexy_2.png
[03/12/2009 16:38|--a------|236047481] H:\Naruto_Shippuden_Storm_mugen.rar
[17/12/2008 03:49|--a------|279888] H:\nell.jpg
[17/12/2008 03:48|--a------|28395] H:\Nel__Espada_No_3_by_opeth_metal.jpg
[17/12/2008 04:19|--a------|15544] H:\normal-sakura-by-sandfreak.jpg
[17/12/2008 04:20|--a------|52091] H:\normal_sakura_film.jpg
[17/12/2008 02:48|--a------|74138] H:\normal__ce37445e27314365fb22066d877e2021_001_copie.png
[02/05/2008 23:57|-rahs----|47564] H:\NTDETECT.COM
[02/05/2008 23:57|-rahs----|252240] H:\ntldr
[19/03/2009 23:41|--a------|0] H:\offroad_arena-setup.exe
[19/03/2009 23:52|--a------|32131589] H:\offroad_arena-setup.exe.part
[06/03/2009 05:00|--a------|113930] H:\orihime.jpg
[18/12/2008 11:27|--a------|56714] H:\p16qla9q.jpg
[29/04/2007 15:55|--a------|27739264] H:\pack_vista_inspirat_1 1 tema para windows xp de window vista.exe
[07/07/2006 15:06|--a------|27977025] H:\Pack_Vista_Inspirat_1.1.exe
[01/01/2103 00:00|--ahs----|1107296256] H:\pagefile.sys
[24/08/2008 02:45|--a------|29856] H:\Photo 0048.jpg
[24/08/2008 02:45|--a------|28368] H:\Photo 0051.jpg
[24/08/2008 02:45|--a------|68396] H:\Photo 0052.jpg
[24/08/2008 02:45|--a------|5820] H:\Photo 0056.jpg
[02/06/2007 14:34|--a------|722315264] H:\qf-next.r5.avi
[21/01/2009 05:47|--a------|151391] H:\reborn15801022bh3.gif
[17/12/2008 02:34|--a------|110029] H:\Reina_CG.png
[17/12/2008 02:43|--a------|87849] H:\Render_Temari_Tenten.png
[10/12/2008 15:07|--a------|22243] H:\rit%25.jpg
[10/12/2008 15:06|--a------|9429] H:\saki%25.jpg
[17/12/2008 04:21|--a------|49914] H:\sakura-chan.jpg
[17/12/2008 04:18|--a------|111483] H:\Sakura01.jpg
[17/12/2008 04:18|--a------|96163] H:\Sakura07.jpg
[17/12/2008 04:18|--a------|206731] H:\Sakura08.jpg
[17/12/2008 04:20|--a------|81962] H:\sakura11.jpg
[17/12/2008 04:22|--a------|211337] H:\Sakura33.jpg
[17/12/2008 04:27|--a------|69324] H:\sasuke-itachi-1.jpg
[17/12/2008 04:12|--a------|138892] H:\sasuke.demon_ikara-o-kage.jpg
[17/12/2008 04:12|--a------|227568] H:\sasuke.png
[17/12/2008 04:11|--a------|26969] H:\sasuke3.jpg
[17/12/2008 04:09|--a------|36125] H:\Sasuke__by_KiYami.jpg
[17/12/2008 02:46|--a------|187939] H:\sexyyoko2.png
[17/12/2008 02:37|--a------|270019] H:\Sexy_1.png
[17/12/2008 04:06|--a------|78433] H:\Sexy_Kakashi.jpg
[29/04/2002 03:58|--a------|729610240] H:\Shiri.avi
[03/08/2004 09:12|--a------|731625196] H:\Sniper.23.Jours.de.Terreur.sur.Washington.FRENCH.DVDRip.par-www.divx-overnet.com.avi
[26/01/2006 15:12|--a------|735168512] H:\Supercross.Sur Laron.avi
[18/12/2008 11:26|--a------|42521] H:\t-mangas_1139254790.jpg
[22/12/2009 15:11|--a------|91332809] H:\T.I.rar
[17/12/2008 02:43|--a------|117099] H:\taizarender1.png
[17/12/2008 02:34|--a------|183813] H:\Temari.png
[17/12/2008 02:47|--a------|198653] H:\Temarie.png
[02/12/2005 20:39|--a------|732891136] H:\The Descent-dvdscreener.avi
[17/10/2008 23:41|--a------|733435904] H:\The Heaven Project DVDRip.avi
[01/06/2003 03:46|--a------|716898498] H:\The Order.avi
[08/08/2008 07:58|--a------|726118400] H:\The.Mummy.3.FRENCH.TS.XVID.CATETO.avi
[17/12/2008 04:24|--a------|141353] H:\tr5kqzkc.jpg
[21/01/2009 05:50|--a------|760712] H:\tsuna.png
[17/12/2008 04:27|--a------|1124068] H:\uchiha itachi wallpaper.png
[17/12/2008 04:10|--a------|355832] H:\Uchiha Sasuke - Forever.jpg
[17/12/2008 04:36|--a------|683413] H:\uchiha-itachi800.jpg
[12/07/2004 19:24|--a------|868247660] H:\ULTIME VENGEANCE.AVI
[23/11/2009 17:58|--a------|18030130] H:\vlc-1.0.3-win32.exe
[16/12/2009 20:18|--a------|0] H:\Volt, star malgr‚ lui .FRENCH.DVDRip.R5.MD.Xvid-PaGlop.avi
[21/01/2009 05:43|--a------|926786] H:\vongola10th1024do1.png
[21/01/2009 05:44|--a------|17773] H:\Vongola1stAVA.gif
[06/03/2009 05:07|--a------|422192] H:\vvvji5.png
[17/12/2008 04:04|--a------|202258] H:\wall_kakashi3.jpg
[20/12/2007 23:23|--a------|733599744] H:\warr_xvid.avi
[17/12/2008 02:37|--a------|213877] H:\winry_fma.png
[17/12/2008 04:20|--a------|69330] H:\yp6tsny9.jpg
[10/12/2008 15:00|--a------|16187] H:\[small][AnimePaper]scans_Keroro-Gunsou_briaeros_29605.jpg
[10/12/2008 14:57|--a------|17009] H:\[small][AnimePaper]scans_Keroro-Gunsou_keroro_67066.jpg
[25/07/2009 00:23|--a------|9633016] J:\01 cyclone f_ t-pain (radio edit).mp3
[03/12/2009 22:56|--a------|8932096] J:\01 elu palala.mp3
[03/12/2009 22:57|--a------|5273258] J:\03 fabolous ft the dream-put it in the bag.mp3
[03/12/2009 22:57|--a------|4794691] J:\04 - Rocky & Gailann - On The Road.mp3
[03/12/2009 22:57|--a------|6238801] J:\10 best i ever had.mp3
[03/12/2009 22:57|--a------|6580382] J:\14-el-a-kru-expose_precision_radio_mix-ras.mp3
[03/12/2009 22:59|--a------|9214196] J:\16 Successful (feat. Trey Songz & Lil' Wayne).mp3
[06/12/2009 19:31|--a------|4490152] J:\50 cent feat ne-yo - baby by me (original).mp3
[16/12/2007 06:28|--a------|734285824] J:\American Pie 6(Bœta House).avi
[06/06/2009 05:23|--a------|738523136] J:\anaconda 4.avi
[17/08/2009 00:23|--a------|733534208] J:\Banlieue.13.Ultimatum.FRENCH.DVDRiP.XViD-UNSKiLLED(Smartorrent).avi
[03/12/2009 22:57|--a------|2393881] J:\Battlefield La B (1).mp3
[17/12/2007 20:11|--a------|734285824] J:\beta house.avi
[10/11/2008 23:31|--a------|732643404] J:\BRAQUEUR AMATEUR.avi
[20/03/2009 14:41|--a------|8375978] J:\BRICK & LACE - BAD TO DI BONE(1).mp3
[28/02/2006 07:27|--a------|729880576] J:\Cake.avi
[23/07/2008 12:36|--a------|732424192] J:\CHARLY LES FILLES LUI DISENT MERCI.avi
[03/10/2008 18:39|--a------|734738432] J:\Chasseurs De Primes .avi
[31/12/2009 13:32|--a------|3879200] J:\ComboFix.exe
[11/07/2007 04:13|--a------|733198336] J:\Copie de PAWOL POU RI . Volume 4.avi
[13/10/2009 22:49|--a------|734842880] J:\Detour mortel 3-Left for dead DVDRIP.avi
[03/02/2009 17:45|--a------|729317376] J:\Double_Zero.FRENCH.DVDRip-XViD.COMEDIE FR.avi
[25/12/2009 16:02|--a------|14260904] J:\drake-forever ft kanye west, lil wayne & eminem.mp3
[30/12/2009 16:06|--a------|26129376] J:\drweb-cureit.exe
[31/12/2009 23:15|--a------|10077] J:\DrWeb.csv
[?|?|?] J:\Feat. Yung Stet & Soulja Boy - I'm On Fire (Soulja Boy Sample) ( 2oo9 ) [ www.MzHipHop.com ].mp3
[26/12/2009 19:07|--a------|5514959] J:\Grippe Aviaire - DJ LEWIS ET DJ BONANO.mp3
[10/12/2009 15:53|--a------|6071814] J:\gucci mane - bird flu.mp3
[10/12/2009 15:57|--a------|5403697] J:\gucci mane - i move chickens.mp3
[10/12/2009 16:00|--a------|4562790] J:\gucci mane - photoshoot.mp3
[14/12/2009 02:31|--a------|5437274] J:\gucci mane - traphouse(1).mp3
[14/12/2009 02:27|--a------|6153698] J:\gucci mane - wasted.mp3
[14/12/2009 02:22|--a------|6153698] J:\gucci_mane_ft_plies-wasted.mp3
[01/01/2010 17:58|--a------|812344] J:\HJTInstall.exe
[26/12/2009 19:18|--a------|11386253] J:\lil wayne ft gudda gudda_ nicki minaj_ drake_ tyga_ jae millz and lloyd- bed rock(2).mp3
[09/09/2004 10:44|--a------|732905472] J:\LOVE SEXE AND EATING THE BONES.avi
[26/07/2005 17:00|--a------|387495936] J:\Ma com‚re Alfred.avi
[14/12/2008 22:59|--a------|730431488] J:\Madagascar 2 Escape To Africa.FRENCH.TC XVID.MZISYS.avi
[22/06/2009 22:17|--a------|728915968] J:\Make.It.Happen.FRENCH.DVDRiP.XViD-FAN.avi
[08/12/2009 21:40|--a------|5927248] J:\mario - here i go again - let me love you(2).mp3
[25/12/2009 16:08|--a------|8029936] J:\mario feat gucci man & sean garrett - break up(2).mp3
[25/12/2009 16:08|--a------|4296748] J:\mario, jadakiss, t i - let me love you (remix) - let me love you (remix).mp3
[27/03/2009 14:22|--a------|724899840] J:\Marley.And.Me.FRENCH.DVDRiP.REPACK.1CD.NatzoX.XViD-GKS.[MeDiA-ArEnA.TK].avi
[01/12/2008 10:12|--a------|737390040] J:\Max.Payne.R5.FRENCH.REPACK.MD.XViD-K-SUAL.avi
[02/01/2010 15:34|--a------|1311] J:\mbam-log-2010-01-02 (15-33-22).txt
[01/01/2010 17:59|--a------|5061520] J:\mbam-setup.exe
[26/12/2009 19:08|--a------|4111793] J:\Mc Cr‚u - Dan‡a do Creu.mp3
[28/07/2005 16:46|--a------|569843200] J:\Mounkou baril.avi
[03/12/2009 22:59|--a------|6559838] J:\mr vegas - gallis.mp3
[03/12/2009 22:57|--a------|4502304] J:\mr vegas - raging bull.mp3
[03/12/2009 22:58|--a------|6153114] J:\Ne-Yo- Mad.mp3
[07/11/2005 13:52|--a------|730521600] J:\new york taxi .avi
[26/12/2009 18:57|--a------|206] J:\NJAYCh.bat
[25/12/2009 05:45|--a------|4543869] J:\omarion ft gucci mane- get it in - hiphopearly com.mp3
[12/06/2008 03:55|--a------|908924928] J:\on bol a 2 lansfilm.avi
[27/07/2009 23:14|--a------|733728768] J:\ong bak 2009.avi
[06/09/2009 11:42|--a------|733739008] J:\Opapatika_FR_DVDRIP.[WawaCity.eu].avi
[30/12/2009 12:11|--a------|781909] J:\RSIT.exe
[03/12/2009 22:57|--a------|3820290] J:\Saik - No Come On My Way(Extrait Street Album) .mp3
[03/12/2009 22:57|--a------|1509389] J:\Soca 2008- pressure boom remix.mp3
[03/12/2009 22:57|--a------|7341190] J:\stanky legg (dirty).mp3
[19/03/2004 14:08|--a------|734011392] J:\Suis.Ou.Meurs.avi
[09/10/2009 20:03|--a------|6166568] J:\tarrus riley ft konshens - good girl gone bad.mp3
[30/09/2009 16:22|--a------|734070784] J:\Terminator.Salvation.FRENCH.R5.MD.XviD-EldoRATdo.MZISYS.avi
[03/12/2009 22:58|--a------|3655680] J:\the dream - rockin' that thang_01.mp3
[01/02/2009 21:54|--a------|732612608] J:\THE HOLIDAY.avi
[26/11/2008 01:51|--ahs----|8704] J:\Thumbs.db
[03/12/2009 22:57|--a------|11684929] J:\Ti d‚tails õDj Mikyõ B_Side PROD!.mp3
[31/12/2009 15:42|--a------|42945] J:\UsbFix.txt
[31/12/2009 15:42|--a------|8069499] J:\UsbFix_Upload_Me_FBF77501F85C476.zip
[25/12/2009 16:05|--a------|5373952] J:\video phone official video - beyonce ft lady gaga.mp3
[20/11/2002 10:49|--a------|1073709056] J:\VTS_01_2.VOB
[20/11/2002 10:49|--a------|1073709056] J:\VTS_01_3.VOB
[20/11/2002 10:49|--a------|1073709056] J:\VTS_01_4.VOB
[20/11/2002 10:49|--a------|375597056] J:\VTS_01_5.VOB
[03/12/2009 22:57|--a------|6483636] J:\Young-Chang-MC-Ft-Tony-C-And-Deter---Dans-Les-N.mp3
[03/12/2009 22:57|--a------|4608567] J:\young_chang__en_forme_.mp3
[02/01/2010 18:41|--a------|1389870] J:\ZHPDiag 1.24.40.exe

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# H:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\JEANMI~1\Bureau\UsbFix_Upload_Me_FBF77501F85C476.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
0
Réponse 39 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
2 janv. 2010 à 21:35
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jean michel at 2010-01-03 16:31:09
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 810 MB (5%) free of 17 GB
Total RAM: 1022 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:31:14, on 03/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jean michel\Bureau\RSIT.exe
C:\Program Files\trend micro\Jean michel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe" (User 'Default user')
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\OFFICE~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\OFFICE~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Réponse 40 / 46
Santa Teresa Messages postés 49 Date d'inscription mercredi 30 décembre 2009 Statut Membre Dernière intervention 13 octobre 2010
2 janv. 2010 à 21:36
si c'est bon je te remercie grandement car se pc je l'aime beaucoup il a 6ans je veux pas le perdre
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
taxe foncière pour locataire
Cryséis -
irongege -

1 réponse
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
SHOESBYIARA est ce une arnaque Svpp????
Anais -
Scarlett -

13 réponses