Security and HijackThis report

Solved
pommeverte63 (Member, 157 posts)
Hello,
first of all, happy holidays to everyone...
So, I have a window that pops up telling me that sprt_ads.dll cannot be found.
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:00, on 30/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\xjrockwm.exe
C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [940e455e] rundll32.exe "C:\WINDOWS\system32\oigserhv.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www2.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/23.30/uploader2.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_6.cab
O16 - DPF: {5054F860-748D-4840-B7B4-DDDB428421AF} (phoneaccess Class) - http://ip.sponsoradulto.com/cab/4/fr/phoneaccess.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\xjrockwm.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
216 replies

pommeverte63 (Member, 157 posts)
 
Rapport lopxpMH2 version 2.0 fait à 18:45:32,67 le 16/01/2008
C:\Documents and Settings\Propriétaire\Bureau\lopxpMH2

******************************************
## Répertoires Application Data

Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\Administrateur

Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\All Users\Application Data

17/04/2004 16:26 <REP> .
17/04/2004 16:26 <REP> ..
12/01/2006 00:04 <REP> Acronis
26/06/2005 12:55 <REP> Adobe
06/10/2007 08:59 <REP> Apple Computer
14/03/2007 08:28 <REP> Avg7
05/01/2008 14:42 <REP> Avira
03/02/2007 10:13 <REP> Bluetooth
03/03/2007 00:32 <REP> BOONTY
27/05/2007 15:27 <REP> BSD
17/03/2007 11:32 <REP> FRISK Software
04/01/2007 19:37 <REP> Google
29/03/2007 00:21 <REP> Google Updater
02/07/2004 18:59 <REP> HP
19/01/2006 19:24 <REP> InstallShield
01/01/2004 11:16 <REP> InterVideo
06/03/2007 01:17 <REP> iolo
25/06/2005 19:57 <REP> Kodak
16/09/2006 17:36 <REP> Logitech
02/10/2004 23:24 <REP> Macrovision
01/01/2008 16:03 <REP> MailFrontier
01/01/2004 08:48 <REP> Microsoft
01/01/2004 11:43 <REP> Motive
25/05/2004 15:30 <REP> MSN6
25/06/2004 15:28 <REP> nView_Profiles
01/12/2006 23:12 <REP> PC Drivers Headquarters
02/12/2007 14:06 <REP> RapidSolution
30/11/2006 13:50 <REP> Samsung
01/01/2004 09:00 <REP> SBSI
28/08/2006 18:07 <REP> Spybot - Search & Destroy
01/01/2004 08:08 <REP> Symantec
29/03/2007 00:25 <REP> TEMP
05/01/2006 21:56 <REP> TuneUp Software
16/02/2005 18:48 <REP> Ulead Systems
07/12/2005 17:42 <REP> Windows Genuine Advantage
23/02/2007 09:30 <REP> Windows Live Toolbar
06/07/2007 07:45 <REP> WindowsLiveInstaller
06/07/2007 07:45 <REP> WLInstaller
08/10/2006 09:42 <REP> Yahoo! Companion
01/01/2004 08:48 62 desktop.ini
01/01/2004 10:31 8 242 hpzinstall.log
29/09/2007 12:37 0 LauncherAccess.dt
3 fichier(s) 8 304 octets
39 Rép(s) 18 940 887 040 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\Default User\Application Data

17/04/2004 16:26 <REP> .
17/04/2004 16:26 <REP> ..
01/01/2004 08:55 <REP> Identities
06/10/2007 22:44 <REP> Macromedia
01/01/2004 08:48 <REP> Microsoft
20/05/2004 20:12 <REP> SampleView
20/05/2004 20:12 <REP> Sonic
20/05/2004 20:12 <REP> Sun
20/05/2004 20:12 <REP> Symantec
01/01/2004 08:48 62 desktop.ini
1 fichier(s) 62 octets
9 Rép(s) 18 940 887 040 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

01/01/2004 08:48 <REP> .
01/01/2004 08:48 <REP> ..
20/05/2004 20:12 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142030}
20/05/2004 20:12 <REP> ApplicationHistory
20/05/2004 20:12 <REP> Microsoft
20/05/2004 20:12 135 fusioncache.dat
1 fichier(s) 135 octets
5 Rép(s) 18 940 887 040 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\LocalService\Application Data

01/01/2004 08:58 <REP> .
01/01/2004 08:58 <REP> ..
08/12/2005 19:17 <REP> Citeknet
23/01/2005 14:08 <REP> Help
06/03/2007 01:21 <REP> iolo
17/10/2006 19:40 <REP> Macromedia
01/01/2004 08:58 <REP> Microsoft
10/08/2006 17:09 2 508 $_hpcst$.hpc
1 fichier(s) 2 508 octets
7 Rép(s) 18 940 887 040 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

01/01/2004 08:58 <REP> .
01/01/2004 08:58 <REP> ..
29/03/2007 17:37 <REP> Adobe
23/01/2005 14:08 <REP> Help
01/01/2004 08:58 <REP> Microsoft
0 fichier(s) 0 octets
5 Rép(s) 18 940 887 040 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\NetworkService\Application Data

01/01/2004 08:58 <REP> .
01/01/2004 08:58 <REP> ..
30/09/2007 07:40 <REP> iolo
01/01/2004 08:58 <REP> Microsoft
0 fichier(s) 0 octets
4 Rép(s) 18 940 887 040 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

01/01/2004 08:58 <REP> .
01/01/2004 08:58 <REP> ..
30/09/2007 07:51 <REP> Adobe
01/01/2004 08:58 <REP> Microsoft
20/10/2007 11:32 <REP> PCHealth
0 fichier(s) 0 octets
5 Rép(s) 18 940 887 040 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\Propriétaire\Application Data

27/04/2006 12:34 <REP> .
27/04/2006 12:34 <REP> ..
27/04/2006 12:34 <REP> Macromedia
0 fichier(s) 0 octets
3 Rép(s) 18 940 690 432 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\Propriétaire\Application Data

17/04/2004 16:26 <REP> .
17/04/2004 16:26 <REP> ..
21/06/2004 18:34 <REP> Adobe
21/06/2004 18:34 <REP> AdobeUM
29/06/2006 18:11 <REP> aicon
13/12/2007 00:39 <REP> a?sembly
13/12/2007 00:39 <REP> A?pPatch
05/02/2007 00:38 <REP> BitTorrent
27/05/2007 14:37 <REP> BSDh9
07/01/2008 14:31 <REP> BSplayer
07/01/2008 14:31 <REP> BSplayer Pro
08/12/2005 19:15 <REP> Citeknet
07/09/2007 14:59 <REP> Delivery
18/02/2006 19:23 <REP> dvdcss
14/01/2006 20:58 <REP> FotoWire
13/12/2007 00:41 <REP> F?nts
13/12/2007 00:42 <REP> F?nts
21/08/2006 16:44 <REP> Google
20/05/2004 21:32 <REP> Help
05/12/2006 19:05 <REP> Hewlett-Packard
02/07/2004 18:59 <REP> HP
01/01/2004 08:59 <REP> Identities
03/12/2006 02:45 <REP> InstallShield
12/07/2004 21:47 <REP> InterVideo
06/03/2007 01:17 <REP> iolo
22/05/2006 10:17 <REP> Lavasoft
11/07/2004 11:42 <REP> Leadertech
13/12/2007 19:28 <REP> LimeWire
18/08/2007 09:27 <REP> ma-config.com
22/07/2004 02:38 <REP> Macromedia
06/10/2007 08:59 <REP> Media Player Classic
01/01/2004 08:59 <REP> Microsoft
29/12/2007 10:21 <REP> Mobile Master
20/05/2004 20:24 <REP> Motive
03/12/2005 16:58 <REP> Mozilla
25/05/2004 15:30 <REP> MSN6
13/12/2007 00:38 <REP> M?crosoft
30/06/2007 08:44 <REP> Panasonic
29/03/2007 00:25 <REP> PC Tools
12/07/2006 13:08 <REP> Real
01/01/2004 11:52 <REP> SampleView
29/09/2007 12:39 <REP> Samsung
21/11/2006 21:46 <REP> Skype
26/11/2006 11:06 <REP> Snapfish
21/01/2006 11:51 <REP> SolidDocuments
01/01/2004 11:14 <REP> Sonic
01/01/2004 09:58 <REP> Sun
01/01/2004 08:08 <REP> Symantec
13/12/2007 00:39 <REP> s?curity
13/12/2007 00:42 <REP> S?mantec
13/12/2007 00:38 <REP> s?mbols
13/12/2007 00:43 <REP> s?stem
13/12/2007 00:41 <REP> s?stem32
09/10/2006 18:08 <REP> Talkback
20/05/2004 20:41 <REP> Template
09/10/2006 18:07 <REP> Thunderbird
02/12/2007 14:07 <REP> Tunebite
05/01/2006 22:00 <REP> TuneUp Software
13/12/2007 00:38 <REP> T?sks
17/05/2007 08:55 <REP> U3
16/02/2005 22:55 <REP> Ulead Systems
30/11/2005 16:03 <REP> vlc
20/11/2007 09:26 <REP> Voxmobili
16/12/2005 20:41 <REP> Webroot
30/09/2007 07:41 <REP> Windows Desktop Search
13/12/2007 00:38 <REP> W?nSxS
13/12/2007 00:41 <REP> ?dobe
13/12/2007 00:40 <REP> ?ppPatch
13/12/2007 00:38 <REP> ??pPatch
13/12/2007 00:40 <REP> ?icrosoft
13/12/2007 00:42 <REP> ??crosoft
13/12/2007 00:41 <REP> ??crosoft.NET
13/12/2007 00:40 <REP> ?racle
13/12/2007 00:40 <REP> ?asks
13/12/2007 00:43 <REP> ??sks
13/12/2007 00:40 <REP> ?dobe
13/12/2007 00:38 <REP> ?ppPatch
13/12/2007 00:42 <REP> ?ssembly
13/12/2007 00:40 <REP> ??sembly
13/12/2007 00:40 <REP> ??pPatch
13/12/2007 00:41 <REP> ?ecurity
13/12/2007 00:42 <REP> ?ymantec
13/12/2007 00:39 <REP> ?ymbols
13/12/2007 00:41 <REP> ?ystem
13/12/2007 00:42 <REP> ?ystem32
13/12/2007 00:40 <REP> ??curity
13/12/2007 00:38 <REP> ??mantec
13/12/2007 00:41 <REP> ??mbols
13/12/2007 00:38 <REP> ??stem
13/12/2007 00:42 <REP> ?icrosoft
13/12/2007 00:43 <REP> ?icrosoft.NET
13/12/2007 00:41 <REP> ??crosoft.NET
13/12/2007 00:38 <REP> ?racle
13/12/2007 00:40 <REP> ?asks
13/12/2007 00:39 <REP> ??sks
24/05/2006 12:28 2 508 $_hpcst$.hpc
01/01/2004 08:59 62 desktop.ini
11/07/2004 19:27 78 048 GDIPFONTCACHEV1.DAT
31/01/2007 00:11 9 052 HPCOM_48BitScanUpdate.log
4 fichier(s) 89 670 octets
95 Rép(s) 18 940 624 896 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Documents and Settings\Propriétaire\Local Settings\Application Data

01/01/2004 08:59 <REP> .
01/01/2004 08:59 <REP> ..
01/01/2004 09:57 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142030}
21/06/2004 18:34 <REP> Adobe
08/11/2007 23:51 <REP> Apple Computer
01/01/2004 11:43 <REP> ApplicationHistory
16/09/2006 22:25 <REP> Google
20/05/2004 21:32 <REP> Help
23/05/2004 11:21 <REP> HP
22/05/2004 12:05 <REP> Identities
01/07/2004 19:29 <REP> IsolatedStorage
04/03/2007 17:22 <REP> KodakGallery
14/01/2006 21:05 <REP> Logitech-LS
01/01/2004 08:59 <REP> Microsoft
11/07/2004 11:43 <REP> MicroVision Applications
09/12/2005 20:05 <REP> Mozilla
29/03/2007 20:32 <REP> Panda Software
01/12/2006 23:14 <REP> PC_Drivers_Headquarters
09/06/2006 09:55 <REP> Stardock
09/10/2006 18:07 <REP> Thunderbird
08/12/2005 19:19 <REP> WMTools Downloaded Files
08/07/2004 20:51 60 928 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
01/01/2004 11:43 135 fusioncache.dat
20/05/2004 21:02 77 656 GDIPFONTCACHEV1.DAT
16/10/2006 01:56 1 489 484 IconCache.db
4 fichier(s) 1 628 203 octets
21 Rép(s) 18 940 624 896 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

17/04/2004 16:25 <REP> .
17/04/2004 16:25 <REP> ..
01/01/2004 08:57 <REP> Identities
01/01/2004 08:57 <REP> Microsoft
14/09/2007 20:22 <REP> Real
20/05/2004 20:16 <REP> SampleView
20/05/2004 20:16 <REP> Sonic
20/05/2004 20:16 <REP> Sun
20/05/2004 20:16 <REP> Symantec
01/01/2004 08:57 62 desktop.ini
1 fichier(s) 62 octets
9 Rép(s) 18 940 624 896 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

01/01/2004 08:57 <REP> .
01/01/2004 08:57 <REP> ..
20/05/2004 20:16 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142030}
20/05/2004 20:16 <REP> ApplicationHistory
14/09/2007 20:23 <REP> Google
20/05/2004 20:04 <REP> Microsoft
29/09/2007 09:01 <REP> WindowsLiveInstaller
20/05/2004 20:16 135 fusioncache.dat
1 fichier(s) 135 octets
7 Rép(s) 18 940 620 800 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks


C:\WINDOWS\Tasks\Connexion
Connexion inexploitable


C:\WINDOWS\Tasks\FRU
FRU inexploitable


C:\WINDOWS\Tasks\MP
MP inexploitable


C:\WINDOWS\Tasks\Norton
Norton inexploitable


C:\WINDOWS\Tasks\SWR_Wizard.job
s  À ˆ! % C : \ h p \ r e c o v e r y \ w i z a r d \ S W R _ W i z a r d . e x e  C : \ h p \ r e c o v e r y \ w i z a r d
P r o p r i é t a i r e  €  0 Ö   

C:\WINDOWS\Tasks\Vérifier
Vérifier inexploitable

******************************************
## Répertoires de C:\Program Files

Le volume dans le lecteur C s'appelle PRESARIO
Le numéro de série du volume est 940E-45F1

Répertoire de C:\Program Files

12/01/2008 09:50 <REP> .
12/01/2008 09:50 <REP> ..
12/01/2008 09:50 <REP> 7-Zip
15/12/2007 08:56 25 214 A.ico
03/01/2008 19:55 22 a.zip
16/04/2007 23:38 <REP> AC3Filter
11/01/2006 23:56 <REP> Acronis
30/09/2007 08:59 <REP> Adobe
03/04/2007 19:45 <REP> aicon
15/12/2007 21:04 <REP> Alwil Software
18/10/2007 18:37 <REP> aMSN
03/02/2007 19:15 <REP> Appwalk.com Sillico Software
07/01/2008 10:49 <REP> Avira
09/11/2005 18:05 <REP> AVSMedia
13/12/2007 00:43 <REP> a?sembly
13/12/2007 00:39 <REP> A?pPatch
15/12/2007 08:56 25 214 B.ico
03/01/2008 19:59 22 b.zip
14/10/2006 13:51 <REP> BlueSquad
03/03/2007 00:34 <REP> Boonty
03/03/2007 00:34 <REP> BoontyGames
27/05/2007 14:34 <REP> BSD Concept
03/01/2008 19:59 22 c.zip
28/05/2007 09:19 <REP> CCleaner
08/12/2005 19:13 <REP> Citeknet
13/07/2004 22:43 <REP> Codemasters
13/12/2007 00:43 <REP> Common Files
03/04/2007 19:45 <REP> CursorXP
08/04/2006 13:45 <REP> Developer One
09/06/2006 08:59 <REP> DIFX
03/04/2007 19:45 <REP> DivX
03/04/2007 19:45 <REP> DVD Decrypter
01/06/2007 14:31 <REP> Easy Internet signup
21/08/2006 19:24 <REP> e-Carte Bleue
28/06/2005 00:25 <REP> Eidos Interactive
15/12/2007 10:49 <REP> eMule
12/02/2007 00:58 <REP> ESET
22/05/2006 10:11 <REP> Executive Software
29/12/2007 10:14 <REP> Fichiers communs
14/11/2007 13:03 <REP> Foxit Software
02/12/2007 15:18 <REP> Free Audio Pack
13/05/2007 13:34 <REP> Free.fr
21/10/2006 19:23 <REP> FreshDevices
01/01/2008 13:52 <REP> FRISK Software
13/12/2007 00:38 <REP> F?nts
13/12/2007 00:40 <REP> F?nts
28/05/2007 12:25 <REP> Geneatique2007
28/05/2007 09:19 <REP> GénéaTiqueMX
12/09/2007 18:29 <REP> Google
18/08/2007 09:28 <REP> HardwareDetection
09/07/2004 18:10 <REP> Hasbro Interactive
31/05/2007 17:58 <REP> Hello
31/01/2007 00:06 <REP> Hewlett-Packard
23/05/2007 19:33 <REP> HP
08/12/2005 19:09 <REP> IFilterShop
16/09/2006 17:47 <REP> Intel
01/12/2006 23:28 <REP> Intel Desktop Board
13/12/2007 18:08 <REP> Internet Explorer
20/05/2004 20:15 <REP> InterVideo
05/04/2007 23:00 <REP> iolo
03/02/2007 10:09 <REP> IVT Corporation
29/12/2007 09:14 <REP> Java
04/03/2007 09:58 <REP> Kodak
21/05/2004 17:14 <REP> Larousse
22/05/2006 10:16 <REP> Lavasoft
13/07/2004 22:33 <REP> Ligos
01/12/2006 17:00 <REP> LizardTech
16/09/2006 17:36 <REP> Logitech
18/08/2007 09:27 <REP> ma-config.com
06/10/2007 08:59 <REP> Media Player Classic
19/10/2006 16:43 <REP> Messenger
03/04/2007 19:45 <REP> MeuhMeuh TV
28/02/2007 00:55 <REP> Micro Application
11/06/2007 00:33 <REP> Microsoft ActiveSync
09/06/2006 23:20 <REP> Microsoft Bootvis
11/05/2007 20:01 <REP> Microsoft CAPICOM 2.1.0.2
14/07/2004 18:56 <REP> Microsoft Encarta
01/01/2004 08:56 <REP> microsoft frontpage
08/07/2004 12:41 <REP> Microsoft Office
20/05/2004 21:16 <REP> Microsoft Référence
30/09/2007 07:59 <REP> Microsoft SQL Server Compact Edition
19/10/2006 16:43 <REP> Microsoft Works
05/03/2007 16:47 <REP> MindSoft
29/12/2007 11:43 <REP> Mobile Master
19/10/2006 16:43 <REP> Movie Maker
16/01/2008 18:39 <REP> Mozilla Firefox
29/03/2007 00:22 <REP> Mozilla Thunderbird
29/09/2007 23:31 <REP> MSN
01/01/2004 08:51 <REP> MSN Gaming Zone
15/08/2007 21:29 <REP> MSXML 4.0
13/12/2007 00:38 <REP> M?crosoft
13/12/2007 00:38 <REP> M?crosoft.NET
19/10/2006 16:43 <REP> NetMeeting
11/07/2007 13:02 <REP> Norton Security Scan
25/05/2004 20:43 <REP> Nullsoft
01/01/2008 15:35 <REP> Orange
30/09/2007 13:47 <REP> Outlook Express
30/06/2007 08:42 <REP> Panasonic
29/03/2007 20:25 <REP> Panda Software
01/12/2006 23:12 <REP> PC Drivers Headquarters
11/11/2007 17:47 <REP> PCStitch 7
19/10/2006 16:43 <REP> PDF2W
06/06/2007 17:31 <REP> PhotoFiltre
30/09/2007 13:21 <REP> Photos de Famille
11/11/2007 10:22 <REP> Picasa2
02/12/2007 14:12 <REP> PixiePack Codec Pack
05/03/2007 17:12 <REP> Presario PC Help
06/10/2007 08:54 <REP> QuickTime
06/10/2007 08:59 <REP> QuickTime Alternative
17/11/2006 21:34 <REP> Rage Software
02/12/2007 14:06 <REP> RapidSolution
25/05/2004 20:42 <REP> Real
03/12/2006 02:45 <REP> Realtek
08/05/2007 17:04 <REP> RecordNow!
05/01/2008 09:51 <REP> RegCleaner
29/12/2007 14:31 <REP> Samsung
25/11/2005 15:01 <REP> Show
17/08/2006 23:18 <REP> Softwin
01/01/2004 11:14 <REP> Sonic
03/02/2007 19:26 <REP> Speed Gear 5
22/12/2007 10:03 <REP> Spybot - Search & Destroy
19/10/2006 16:43 <REP> Symantec
13/12/2007 00:39 <REP> s?curity
13/12/2007 00:39 <REP> S?mantec
13/12/2007 00:38 <REP> s?mbols
13/12/2007 00:39 <REP> s?stem
13/12/2007 00:39 <REP> s?stem32
28/05/2007 12:10 <REP> Tracker Software
05/01/2008 13:36 <REP> Trend Micro
16/06/2007 22:35 <REP> TuneUp Utilities 2006
13/12/2007 00:38 <REP> T?sks
31/07/2004 19:53 <REP> Ubi Soft
17/11/2006 22:15 <REP> UBISOFT
26/06/2007 17:02 <REP> ViaMichelin
21/08/2006 16:44 <REP> Video Ads Blocker
01/12/2005 01:53 <REP> VideoLAN
16/12/2005 20:41 <REP> Webroot
07/01/2008 14:31 <REP> Webteh
15/01/2008 20:03 <REP> Weight Watchers FlexiPoints
16/06/2007 09:33 <REP> Windows Defender
29/09/2007 10:54 <REP> Windows Desktop Search
29/11/2007 22:02 <REP> Windows Live
30/11/2007 21:25 <REP> Windows Live Favorites
09/03/2007 16:27 <REP> Windows Live Safety Center
30/11/2007 21:25 <REP> Windows Live Toolbar
16/02/2005 22:45 <REP> Windows Media Components
29/11/2006 00:21 <REP> Windows Media Connect 2
15/06/2007 02:02 <REP> Windows Media Player
19/10/2006 16:43 <REP> Windows NT
16/02/2005 18:48 <REP> WinFast
14/12/2007 20:09 <REP> WinRAR
13/12/2007 00:38 <REP> W?nSxS
01/01/2004 08:56 <REP> xerox
03/04/2007 19:45 <REP> XviD
01/01/2008 16:01 <REP> Zone Labs
13/12/2007 00:39 <REP> ?dobe
13/12/2007 00:40 <REP> ?ppPatch
13/12/2007 00:40 <REP> ?icrosoft.NET
13/12/2007 00:38 <REP> ?dobe
13/12/2007 00:38 <REP> ?ppPatch
13/12/2007 00:40 <REP> ?ssembly
13/12/2007 00:41 <REP> ??sembly
13/12/2007 00:39 <REP> ??pPatch
13/12/2007 00:38 <REP> ?ecurity
13/12/2007 00:38 <REP> ?ymantec
13/12/2007 00:39 <REP> ?ymbols
13/12/2007 00:38 <REP> ?ystem
13/12/2007 00:39 <REP> ?ystem32
13/12/2007 00:39 <REP> ??curity
13/12/2007 00:41 <REP> ??mantec
13/12/2007 00:38 <REP> ??mbols
13/12/2007 00:38 <REP> ??stem
13/12/2007 00:41 <REP> ??stem32
13/12/2007 00:38 <REP> ?icrosoft
13/12/2007 00:43 <REP> ?icrosoft.NET
13/12/2007 00:38 <REP> ??crosoft
13/12/2007 00:38 <REP> ?racle
13/12/2007 00:41 <REP> ?asks
13/12/2007 00:43 <REP> ??sks
5 fichier(s) 50 494 octets
174 Rép(s) 18 940 661 760 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
*.impots.gouv.fr REG_BINARY
www35.ratp.info REG_BINARY
www7.ratp.info REG_BINARY
www.3suisses.fr REG_BINARY
www.lepointcompte.com REG_BINARY
www.baby-walz.com REG_BINARY
*.salonsparis.ccip.fr REG_BINARY
www.vitrinemagique.com REG_BINARY
PopupMgr REG_SZ yes

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\PROPRITAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GKAT50YE.DEFAULT\HOSTPERM.1
host popup 1 www.ratp.info
host popup 1 www.julie-blonde-vip.com
host popup 1 www.sweet-pussycat.net
host popup 1 www.ratp.fr
host popup 1 www.zdnet.fr
host popup 1 www.bebeconfort.com
host popup 1 sabine-escort75.com
host popup 1 www.abatta-escort.com
host popup 1 leeloo-escort.com
host popup 1 www.laura-escort.com
host popup 1 www.pagesjaunes.fr
host popup 1 www.escort-pinky-paris.com

******************************************
## Registre

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


*************** Fin du rapport ****************
There you go, as requested.
To be continued

Le sioux (Security contributor, 4894 posts)

Good evening Pommeverte

I don't get it, Purity sees nothing even though these are still there in Program Files and in appdata:

13/12/2007 00:39 <REP> ?dobe
13/12/2007 00:40 <REP> ?ppPatch
13/12/2007 00:40 <REP> ?icrosoft.NET
13/12/2007 00:38 <REP> ?dobe
13/12/2007 00:38 <REP> ?ppPatch
13/12/2007 00:40 <REP> ?ssembly
13/12/2007 00:41 <REP> ??sembly
13/12/2007 00:39 <REP> ??pPatch
13/12/2007 00:38 <REP> ?ecurity
13/12/2007 00:38 <REP> ?ymantec
13/12/2007 00:39 <REP> ?ymbols
13/12/2007 00:38 <REP> ?ystem
13/12/2007 00:39 <REP> ?ystem32
13/12/2007 00:39 <REP> ??curity
13/12/2007 00:41 <REP> ??mantec
13/12/2007 00:38 <REP> ??mbols
13/12/2007 00:38 <REP> ??stem
13/12/2007 00:41 <REP> ??stem32
13/12/2007 00:38 <REP> ?icrosoft
13/12/2007 00:43 <REP> ?icrosoft.NET
13/12/2007 00:38 <REP> ??crosoft
13/12/2007 00:38 <REP> ?racle
13/12/2007 00:41 <REP> ?asks
13/12/2007 00:43 <REP> ??sks

I'll see if I can find some help to move forward, sorry for this "going around in circles"

See you later.

^^Marie^^ (Member, 114059 posts)

Hi there ► PM

See you later

pommeverte63 (Member, 157 posts)

Hi
I'm really sorry to cause you so much trouble, but thank you all for the help you're giving me...

See you later

Le sioux (Security contributor, 4894 posts)

Good evening Pommeverte

Let's try another way:

Download OTMoveIt (by Old_Timer) to your Desktop.

http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe

Double-click OTMoveIt.exe to launch it.
Copy the list quoted below
and paste it into the left-hand pane of OTMoveIt:
Paste List of Files/Folders to be moved.

C:\Program Files\a?sembly
C:\Program Files\A?pPatch
C:\Program Files\F?nts
C:\Program Files\T?sks
C:\Program Files\s?curity
C:\Program Files\S?mantec
C:\Program Files\s?mbols
C:\Program Files\s?stem
C:\Program Files\s?stem32
C:\Program Files\?dobe
C:\Program Files\?ppPatch
C:\Program Files\?icrosoft.NET
C:\Program Files\?dobe
C:\Program Files\?ppPatch
C:\Program Files\?ssembly
C:\Program Files\??sembly
C:\Program Files\??pPatch
C:\Program Files\?ecurity
C:\Program Files\?ymantec
C:\Program Files\?ymbols
C:\Program Files\?ystem
C:\Program Files\?ystem32
C:\Program Files\??curity
C:\Program Files\??mantec
C:\Program Files\??mbols
C:\Program Files\??stem
C:\Program Files\??stem32
C:\Program Files\?icrosoft
C:\Program Files\?icrosoft.NET
C:\Program Files\??crosoft
C:\Program Files\?racle
C:\Program Files\?asks
C:\Program Files\??sks
C:\Documents and Settings\Propriétaire\Application Data\a?sembly
C:\Documents and Settings\Propriétaire\Application Data\A?pPatch
C:\Documents and Settings\Propriétaire\Application Data\ F?nts
C:\Documents and Settings\Propriétaire\Application Data\s?stem
C:\Documents and Settings\Propriétaire\Application Data\s?stem32
C:\Documents and Settings\Propriétaire\Application Data\W?nSxS
C:\Documents and Settings\Propriétaire\Application Data\?dobe
C:\Documents and Settings\Propriétaire\Application Data\?ppPatch
C:\Documents and Settings\Propriétaire\Application Data\?icrosoft
C:\Documents and Settings\Propriétaire\Application Data\??crosoft
C:\Documents and Settings\Propriétaire\Application Data\??crosoft.NET
C:\Documents and Settings\Propriétaire\Application Data\?racle
C:\Documents and Settings\Propriétaire\Application Data\?asks
C:\Documents and Settings\Propriétaire\Application Data\??sks
C:\Documents and Settings\Propriétaire\Application Data\?dobe
C:\Documents and Settings\Propriétaire\Application Data\?ppPatch
C:\Documents and Settings\Propriétaire\Application Data\?ssembly
C:\Documents and Settings\Propriétaire\Application Data\??sembly
C:\Documents and Settings\Propriétaire\Application Data\??pPatch
C:\Documents and Settings\Propriétaire\Application Data\?ecurity
C:\Documents and Settings\Propriétaire\Application Data\?ymantec
C:\Documents and Settings\Propriétaire\Application Data\?ymbols
C:\Documents and Settings\Propriétaire\Application Data\?ystem
C:\Documents and Settings\Propriétaire\Application Data\?ystem32
C:\Documents and Settings\Propriétaire\Application Data\??curity
C:\Documents and Settings\Propriétaire\Application Data\??mantec
C:\Documents and Settings\Propriétaire\Application Data\??mbols
C:\Documents and Settings\Propriétaire\Application Data\??stem
C:\Documents and Settings\Propriétaire\Application Data\?icrosoft
C:\Documents and Settings\Propriétaire\Application Data\?icrosoft.NET
C:\Documents and Settings\Propriétaire\Application Data\??crosoft.NET
C:\Documents and Settings\Propriétaire\Application Data\?racle
C:\Documents and Settings\Propriétaire\Application Data\?asks
C:\Documents and Settings\Propriétaire\Application Data\??sks

Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.

You may be asked to restart the PC to complete the removal.
If so, accept with Yes.



--> Post the OTMoveIt report located in C:\_OTMoveIt\MovedFiles (the contents of the file C:\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date and time)

To be continued.
0

pommeverte63 Posts 157 Registration date   Status Member Last activity

good evening
so I did what you said but I can't see the report.
and when I turn on the computer I get 2 windows that open (it had been a while) saying that C\system32\bwevdlxx.dll and C\system32\sprt_ads.dll cannot be found.



To be continued
0
pommeverte63 Posts 157 Registration date   Status Member Last activity
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:50, on 17/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart
O4 - HKLM\..\Run: [940e455e] rundll32.exe "C:\WINDOWS\system32\bwevdlxx.dll",b
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Le sioux Posts 4894 Registration date   Status Security contributor Last activity   496

Good evening

The report is located in C:\_OTMoveIt\MovedFiles (the contents of the file C:\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date and time)

Please post a new HijackThis report.

To be continued.
0
pommeverte63 Posts 157 Registration date   Status Member Last activity
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:08, on 17/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart
O4 - HKLM\..\Run: [940e455e] rundll32.exe "C:\WINDOWS\system32\bwevdlxx.dll",b
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
pommeverte63 Posts 157 Registration date   Status Member Last activity

there you go
but I can't find the report
0
Le sioux Posts 4894 Registration date   Status Security contributor Last activity   496

Re

I advise you to save the page by selecting all the lines and then copying that selection into a text file on your PC so that you can apply the procedure correctly.
(Note: you will not have Internet access from the moment you restart in safe mode)
All the steps must be carried out, without interruption, in the exact order given below.
If anything seems unclear to you, ask for an explanation before starting the disinfection.


1) Launch HijackThis.

I advise you to save all the lines to be fixed and then copy that selection into a text file on your PC so that you can apply the procedure correctly.

Launch HijackThis by double-clicking its shortcut on the Desktop.
Click Scan Only and tick the following lines:

O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart
O4 - HKLM\..\Run: [940e455e] rundll32.exe "C:\WINDOWS\system32\bwevdlxx.dll",b
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"


Close all other windows and all other programs. No Internet connections.

Click Fix Checked, then click OK
Then close HijackThis.

2) OTMoveIt (by Old_Timer)

Double-click OTMoveIt.exe to launch it.
Copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt:
Paste List of Files/Folders to be moved.

C:\WINDOWS\mrofinu1188.exe


Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.

You may be asked to restart the PC to complete the removal.
If so, accept with Yes.


3) Download

* SDFix by AndyManchesta

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe to your Desktop.

Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Don't touch it for now.

4) Restart in safe mode


Have a look here first if needed: http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Safe Mode" and press [Enter]
You will need to choose your usual session, not the "Administrator" account or any other.

Open the text file saved on the Desktop so that you can follow the instructions properly.

5) SDFix

* Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
* Press Y to start the cleaning process.
* It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
* Press a key to restart the PC.
* Your system will take longer than usual to restart because the tool will keep running and deleting files.
* After the Desktop has loaded, the tool will finish its work and display Finished.
* Press a key to end the script and load your Desktop icons.
* Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.

6) Reports:

Post a new HijackThis report and the SDFix report in your reply, as well as the OTMoveIt report located in C:\_OTMoveIt\MovedFiles
(the contents of the file C:\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date and time)

To be continued
0
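Step 6 above asks for a fresh HijackThis log after the fix. The following added example (not part of the thread and not HijackThis code) parses the `O4` registry autorun lines of two logs and checks that every line ticked for Fix Checked is gone; the log excerpts are copied from the reports posted in this thread, limited to the entries visible in both, and the function names are hypothetical.

```python
import re

# HijackThis registry autorun line: "O4 - <key>: [<value name>] <command>".
# "O4 - Global Startup: ..." lines have no [name] part and are skipped here.
O4_RE = re.compile(r"^O4 - (?P<key>[^:\[]+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")

# Excerpt of the log saved at 21:34:08 on 17/01/2008 (before the fix).
BEFORE = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart
O4 - HKLM\..\Run: [940e455e] rundll32.exe "C:\WINDOWS\system32\bwevdlxx.dll",b
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"""

# Excerpt of the log saved at 09:13:53 on 20/01/2008 (safe mode, after the fix).
AFTER = r"""
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"""

# The four lines listed in step 1 of the procedure.
FIX = r"""
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart
O4 - HKLM\..\Run: [940e455e] rundll32.exe "C:\WINDOWS\system32\bwevdlxx.dll",b
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
"""


def parse_o4(log_text):
    """Return {(key, value_name): command} for O4 registry autorun lines.

    Registry key and value names are case-insensitive, so both are
    lower-cased to make the comparison between two logs reliable.
    """
    entries = {}
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            ident = (m["key"].strip().lower(), m["name"].lower())
            entries[ident] = m["cmd"].strip()
    return entries


def verify_fix(before_log, after_log, fix_text):
    """Compare autoruns before and after a fix against the lines to be fixed."""
    before = parse_o4(before_log)
    after = parse_o4(after_log)
    wanted = parse_o4(fix_text)
    return {
        # Ticked lines that survived: the fix did not take.
        "still_present": sorted(k for k in wanted if k in after),
        # Ticked lines that were never in the earlier log (copy/paste error).
        "not_in_before": sorted(k for k in wanted if k not in before),
        # Entries that vanished although nobody asked to fix them.
        "removed_unlisted": sorted(
            k for k in before if k not in after and k not in wanted
        ),
        # Autoruns that appeared between the two logs.
        "new_entries": sorted(k for k in after if k not in before),
        # Same value name, different command line.
        "changed": sorted(
            k for k in before if k in after and before[k] != after[k]
        ),
    }


if __name__ == "__main__":
    for label, items in verify_fix(BEFORE, AFTER, FIX).items():
        print(f"{label}: {items}")
```

An entry under `removed_unlisted` is not an error in itself; it only means something other than the ticked lines removed it, which the other reports requested in step 6 should account for.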
pommeverte63 Posts 157 Registration date   Status Member Last activity

hello
so I've already done 2 parts out of 3: HijackThis and OTMoveIt (by Old_Timer) (still haven't found a report, I wonder whether it is actually saving it)
I'll do part 3 on Sunday evening....

Have a good weekend everyone

See you later
0
Le sioux Posts 4894 Registration date   Status Security contributor Last activity   496

Re

I had specified

All the steps must be carried out, without interruption, in the exact order given below.


...
0
oscour looking for Le sioux

Hello
0
Le sioux Posts 4894 Registration date   Status Security contributor Last activity   496

Hello Oscour ;-)

What can I do for you?
0
pommeverte63 Posts 157 Registration date   Status Member Last activity

Oops, sorry
OK, I'll do it on Sunday then (it's true, I ran HijackThis but in normal mode)
Naughty me for not reading properly
0
oscour

I have a really big problem with my PC.

At startup "windows installer" is displayed, as well as "document viewer" and "microsoft .NET Framework".

My windows don't open completely, and don't close without "not responding", "end program"...

My PC is really very slow.

Could you help me please?
0
Le sioux Posts 4894 Registration date   Status Security contributor Last activity   496

Re

No problem, you're forgiven ;-)

Have a good end of the week, see you Sunday.
0
pommeverte63 Posts 157 Registration date   Status Member Last activity

hello and have a good weekend
here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:13:53, on 20/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fgo.microsoft.com%2ffwlink%2f%3fLinkId%3d69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
pommeverte63 Posts 157 Registration date   Status Member Last activity  
 
the OTMoveIt report: File/Folder C:\WINDOWS\mrofinu1188.exe not found.

Created on 01/20/2008 09:14:56

and finally

SDFix: Version 1.127

Run by Propriétaire on 20/01/2008 at 09:21

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\TASKKILL.EXE - Deleted
C:\WINDOWS\system32\CatRoot\TMP78.tmp - Deleted
C:\WINDOWS\system32\CatRoot\TMPE0.tmp - Deleted
C:\Program Files\a.zip - Deleted
C:\Program Files\b.zip - Deleted
C:\Program Files\c.zip - Deleted
C:\Program Files\A.ico - Deleted
C:\Program Files\B.ico - Deleted
C:\?.bat - Deleted




Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-20 09:38:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

Sat 13 Dec 2003 28,672 A..H. --- "C:\hp\recovery\wizard\fscommand\RTCDLink.exe"
Sat 13 Dec 2003 20,480 A..H. --- "C:\hp\recovery\wizard\fscommand\RTCDLink_ret.exe"
Sat 13 Dec 2003 28,672 A..H. --- "C:\hp\recovery\wizard\fscommand\RunLink.exe"
Sat 13 Dec 2003 20,480 A..H. --- "C:\hp\recovery\wizard\fscommand\RunLink_ret.exe"
Sat 13 Dec 2003 28,672 A..H. --- "C:\hp\recovery\wizard\fscommand\SysRecoveryLink.exe"
Sat 13 Dec 2003 20,480 A..H. --- "C:\hp\recovery\wizard\fscommand\SysRecoveryLink_ret.exe"
Sat 13 Dec 2003 28,672 A..H. --- "C:\hp\recovery\wizard\fscommand\WizardLink.exe"
Sat 13 Dec 2003 20,480 A..H. --- "C:\hp\recovery\wizard\fscommand\WizardLink_ret.exe"
Wed 26 Apr 2006 16,136 A..H. --- "C:\Documents and Settings\Propri‚taire\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll"
Fri 9 Dec 2005 135 A..H. --- "C:\Documents and Settings\Propri‚taire\Application Data\Microsoft\Internet Explorer\brndlog.bak"
Fri 23 Jan 2004 32,768 A..H. --- "C:\hp\bin\burnboot\blocks\BBoot\BBoot_CleanUp_1_0_ALL_WW_0000-03.exe"
Tue 20 Jan 2004 31,744 A..H. --- "C:\hp\bin\burnboot\blocks\BBoot\BBoot_Execute_Cmdlines_ALL_WW_0000-02.exe"
Mon 29 Dec 2003 30,720 A..H. --- "C:\hp\bin\burnboot\blocks\BBoot\BBoot_UnRunOptimize_reg_ALL_WW_0000-01.exe"
Fri 16 Jan 2004 133,120 A..H. --- "C:\hp\bin\burnboot\blocks\BBoot\HP_EndBuild_for_BBoot_ALL_WW_0000-16.exe"
Mon 29 Dec 2003 45,056 A..H. --- "C:\hp\bin\burnboot\blocks\BBoot\Power_Options_System_Standby_Off_ALL_WW_0000-01.exe"
Wed 28 Jan 2004 622,592 A..H. --- "C:\hp\patches\42WW1CDC\files\ALL\CD Creator.exe"
Thu 26 Feb 2004 2,907,392 A..H. --- "C:\hp\patches\42WW1HTM\src\Arabic\Q832894.exe"
Thu 26 Feb 2004 2,910,464 A..H. --- "C:\hp\patches\42WW1HTM\src\Dan\Q832894.exe"
Thu 26 Feb 2004 2,907,904 A..H. --- "C:\hp\patches\42WW1HTM\src\Eng\Q832894.exe"
Thu 26 Feb 2004 2,909,440 A..H. --- "C:\hp\patches\42WW1HTM\src\Fin\Q832894.exe"
Thu 26 Feb 2004 2,912,000 A..H. --- "C:\hp\patches\42WW1HTM\src\Fr\Q832894.exe"
Thu 26 Feb 2004 2,912,512 A..H. --- "C:\hp\patches\42WW1HTM\src\Ger\Q832894.exe"
Thu 26 Feb 2004 2,912,512 A..H. --- "C:\hp\patches\42WW1HTM\src\It\Q832894.exe"
Thu 26 Feb 2004 2,904,320 A..H. --- "C:\hp\patches\42WW1HTM\src\Jpn\Q832894.exe"
Thu 26 Feb 2004 2,902,784 A..H. --- "C:\hp\patches\42WW1HTM\src\Kor\Q832894.exe"
Thu 26 Feb 2004 2,912,512 A..H. --- "C:\hp\patches\42WW1HTM\src\NL\Q832894.exe"
Thu 26 Feb 2004 2,907,904 A..H. --- "C:\hp\patches\42WW1HTM\src\Nor\Q832894.exe"
Thu 26 Feb 2004 2,910,976 A..H. --- "C:\hp\patches\42WW1HTM\src\Port\Q832894.exe"
Thu 26 Feb 2004 2,899,712 A..H. --- "C:\hp\patches\42WW1HTM\src\SC\Q832894.exe"
Thu 26 Feb 2004 2,910,464 A..H. --- "C:\hp\patches\42WW1HTM\src\Sp\Q832894.exe"
Thu 26 Feb 2004 2,907,392 A..H. --- "C:\hp\patches\42WW1HTM\src\SW\Q832894.exe"
Thu 26 Feb 2004 2,901,760 A..H. --- "C:\hp\patches\42WW1HTM\src\TC\Q832894.exe"
Thu 26 Feb 2004 2,909,440 A..H. --- "C:\hp\patches\42WW1HTM\src\Turk\Q832894.exe"
Thu 26 Feb 2004 240,416 A..H. --- "C:\hp\patches\42WW2IPD\src\ARA\WindowsXP-KB821431-x86-ARA.exe"
Thu 26 Feb 2004 238,368 A..H. --- "C:\hp\patches\42WW2IPD\src\CHS\WindowsXP-KB821431-x86-CHS.exe"
Thu 26 Feb 2004 238,880 A..H. --- "C:\hp\patches\42WW2IPD\src\CHT\WindowsXP-KB821431-x86-CHT.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\CSY\WindowsXP-KB821431-x86-CSY.exe"
Thu 26 Feb 2004 240,416 A..H. --- "C:\hp\patches\42WW2IPD\src\DAN\WindowsXP-KB821431-x86-DAN.exe"
Thu 26 Feb 2004 241,440 A..H. --- "C:\hp\patches\42WW2IPD\src\DEU\WindowsXP-KB821431-x86-DEU.exe"
Thu 26 Feb 2004 243,488 A..H. --- "C:\hp\patches\42WW2IPD\src\ELL\WindowsXP-KB821431-x86-ELL.exe"
Thu 26 Feb 2004 238,368 A..H. --- "C:\hp\patches\42WW2IPD\src\ENU\WindowsXP-KB821431-x86-ENU.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\ESN\WindowsXP-KB821431-x86-ESN.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\FIN\WindowsXP-KB821431-x86-FIN.exe"
Thu 26 Feb 2004 241,440 A..H. --- "C:\hp\patches\42WW2IPD\src\FRA\WindowsXP-KB821431-x86-FRA.exe"
Thu 26 Feb 2004 239,904 A..H. --- "C:\hp\patches\42WW2IPD\src\HEB\WindowsXP-KB821431-x86-HEB.exe"
Thu 26 Feb 2004 241,952 A..H. --- "C:\hp\patches\42WW2IPD\src\HUN\WindowsXP-KB821431-x86-HUN.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\ITA\WindowsXP-KB821431-x86-ITA.exe"
Thu 26 Feb 2004 238,880 A..H. --- "C:\hp\patches\42WW2IPD\src\JPN\WindowsXP-KB821431-x86-JPN.exe"
Thu 26 Feb 2004 238,880 A..H. --- "C:\hp\patches\42WW2IPD\src\KOR\WindowsXP-KB821431-x86-KOR.exe"
Thu 26 Feb 2004 241,952 A..H. --- "C:\hp\patches\42WW2IPD\src\NLD\WindowsXP-KB821431-x86-NLD.exe"
Thu 26 Feb 2004 239,904 A..H. --- "C:\hp\patches\42WW2IPD\src\NOR\WindowsXP-KB821431-x86-NOR.exe"
Thu 26 Feb 2004 241,952 A..H. --- "C:\hp\patches\42WW2IPD\src\PLK\WindowsXP-KB821431-x86-PLK.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\PTB\WindowsXP-KB821431-x86-PTB.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\PTG\WindowsXP-KB821431-x86-PTG.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\RUS\WindowsXP-KB821431-x86-RUS.exe"
Thu 26 Feb 2004 240,416 A..H. --- "C:\hp\patches\42WW2IPD\src\SVE\WindowsXP-KB821431-x86-SVE.exe"
Thu 26 Feb 2004 240,928 A..H. --- "C:\hp\patches\42WW2IPD\src\TRK\WindowsXP-KB821431-x86-TRK.exe"
Thu 29 Aug 2002 28,160 A..H. --- "C:\hp\patches\42WW4USB\src\usb\usbccgp.sys"
Thu 29 Aug 2002 19,328 A..H. --- "C:\hp\patches\42WW4USB\src\usb\usbehci.sys"
Thu 29 Aug 2002 51,968 A..H. --- "C:\hp\patches\42WW4USB\src\usb\usbhub.sys"
Thu 29 Aug 2002 15,744 A..H. --- "C:\hp\patches\42WW4USB\src\usb\usbohci.sys"
Thu 29 Aug 2002 135,552 A..H. --- "C:\hp\patches\42WW4USB\src\usb\usbport.sys"
Thu 29 Aug 2002 19,328 A..H. --- "C:\hp\patches\42WW4USB\src\usb\usbuhci.sys"
Wed 21 Jun 2006 16,208 A..H. --- "C:\Documents and Settings\Propri‚taire\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll"
Sat 16 Sep 2006 10,134 A..H. --- "C:\Documents and Settings\Propri‚taire\Application Data\Microsoft\Installer\{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}\ARPPRODUCTICON.exe"
Sat 16 Sep 2006 10,134 A..H. --- "C:\Documents and Settings\Propri‚taire\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe"
Sat 16 Sep 2006 10,134 A..H. --- "C:\Documents and Settings\Propri‚taire\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe"
Sat 19 Jan 2008 106,909 A..H. --- "C:\Documents and Settings\Propri‚taire\Application Data\Mozilla\Firefox\Profiles\gkat50ye.default\flashgot.log.bak"

Finished!
pommeverte63 Posts 157 Registration date   Status Member Last activity  
 
A report was created on its own, and it is named catchme.log:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-20 09:38:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0