Sujet Précédent Sujet Suivant

Rapport navilog et hijack this

Résolu
florebcio Messages postés 193 Statut Membre -  
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour la communauté!
Je fais appel à votre aide pour m'aider à venir à bout de ces satanées pubs! En effet ces derniers temps que ce soit avec IE ou firefox je suis assailli! De plus je remarque un ralentissement de mon PC, peut-être un virus?!
Je vous joint un rapport Hijack this ainsi qu'un navilog. En vous remerciant d'avance pour votre aide. Amicalement.

Rapport Hijack this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:05:36, on 4/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\wscntfy.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd3.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Winter Fun Pack 2004 for Windows XP\WinterWallToy\WinterWalltoy.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\windows\system32\WISPTIS.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft Office\Office12\INFOPATH.EXE
C:\windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\windows\system32\cmd.exe
C:\Program Files\Navilog1\catchme.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\wvusssq.dll (file missing)
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3244CED3-3011-4D0D-B03C-696F282178E0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: gebcb - C:\windows\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/FLORIA~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif

29 réponses

  • 1
  • 2
Réponse 1 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Re

Double cliques sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Le fix va t'informer qu'il va alors redémarrer ton PC
Fermes toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuies sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le bloc-notes. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.

Postes le rapport içi.

Ferme internet explorer puis Démarrer/panneau de configuration/options internet
- onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés", mais regarde ailleurs :
electronic-group
egroup
Montorgueil
VIP
"Sunny Day Design Ltd"
Tu les supprimes.

1
Réponse 2 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour

On va alléger le PC

· Télécharge ToolsCleaner de A.Roshtein sur ton Bureau.(sur un des 2 liens)
http://pagesperso-orange.fr/AceRothstein/ToolsCleaner2.exe
http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe
· Clique sur Recherche et laisse le scan se terminer.
· Clique, sur Suppression pour finaliser.
· Tu peux, si tu le souhaites, te servir des Options facultatives.
· Clique sur Quitter, pour que le rapport puisse se créer.
· Poste moi le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur( C:\).

Et tu me refais un log hijackthis dans la foulée

1
Réponse 3 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
COucou

C'est normal, le Fix Tool sert à supprimer les logiciels de désinfection
Navilog tu n'en as plus besoin de toutes les façons ; donc à la trappe

1/ Quels sont les symptômes de ton PC ?

2/ Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
https://www.malekal.com/slenfbot-still-an-other-irc-bot/

Double clique sur SDFix.exe et choisis Install pour
l'extraire dans un dossier dédié sur le Bureau.

Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
http://www.coupdepoucepc.com/modules/news/article.php?storyid=253
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php

• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.

Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\
et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum,
avec un nouveau log Hijackthis !

+++

1
Réponse 4 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour

1) Affiche les fichiers et dossiers cachés …
Pour ce faire, tu vas dans un dossier, par ex. "Mes Images".
Ensuite, clique sur > Outils > Options des dossiers ...
clique sur l' onglet « Affichage » et ...
coche ---> Afficher les fichiers et dossiers cachés
décoche > Masquer les extensions des fichiers dont le type est connu
décoche > Masquer les fichiers protégés du système d' exploitation (recommandé).
« Appliquer » et « OK ».
refaire la manip inverse en fin de désinfection

Télécharges ComboFix à partir d'un de ces liens :
En premier
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Et important, enregistre le sur le bureau.

Avant d'utiliser ComboFix :

► Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

► Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

► Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

► Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

+ 1 log hijackthis

Stp

1

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 29
cht! Messages postés 467 Statut Membre 36
 
salut
execute navilog et fait reparer
ensuite tu as une infection vundo
pour commencer coche toutes les lignes en "O18" de ton rapport hijackthis et clique sur "fix checked"

ensuite
Télécharge SmitfraudFix de S!Ri, balltrap34 et moe31

http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Dézippe le puis

* Installe le à la racine de C

Tu crees un nouveau dossier, via clic droit "créer /nouveau dossier que tu nommes SmitfraudFix --> C:\SmitfraudFix

Regarde un exemple a E ) « Faire un répertoire dédié » https://forum.pcastuces.com/sujet.asp?f=25&s=3902

* double clic sur l'exe pour le décompresser et lancer le fix.
Utilisation ----- option 1 - Recherche :
* Double clique sur smitfraudfix.cmd
* Sélectionne 1 pour créer un rapport des fichiers responsables de l'infection.
* Poste le rapport ici
0
florebcio Messages postés 193 Statut Membre 7
 
Salut! Tout d'abord merci pour ton aide. J'ai supprimé comme tu me l'as dit les 018 de mon hijack this, j'ai aussi fait la detection automatique de navilog et je te poste mon rapport SmitfraudFix:
mitFraudFix v2.311

Rapport fait à 11:37:22,00, sam. 04/12/2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\wscntfy.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd3.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\windows\system32\spusltf.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Winter Fun Pack 2004 for Windows XP\WinterWallToy\WinterWalltoy.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\windows\system32\WISPTIS.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\windows\system32\NOTEPAD.EXE
C:\windows\notepad.exe
C:\windows\system32\clipbrd.exe
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\windows\notepad.exe
C:\windows\system32\cmd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\windows\system32\NOTEPAD.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\windows\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

Fichier hosts corrompu !

127.0.0.1 www.legal-at-spybot.info
127.0.0.1 legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Florian Leloup


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Florian Leloup\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FLORIA~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:/DOCUME~1/FLORIA~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif"
"SubscribedURL"="file:///C:/DOCUME~1/FLORIA~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0

Description: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0

HKLM\SYSTEM\CCS\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\..\{51F46152-8379-4E0F-BB3A-A283536DEDDA}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{51F46152-8379-4E0F-BB3A-A283536DEDDA}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{51F46152-8379-4E0F-BB3A-A283536DEDDA}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Merci de me sortir de ma "galère".
0
Réponse 6 / 29
florebcio Messages postés 193 Statut Membre 7
 
Ah! Au redemarrage de mon PC j'ai eu la fenetre suivante : https://imageshack.com/

Peut-être cela te seras utile...
0
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Re florebcio

Pour avancer

Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter.
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).

http://www.coupdepoucepc.com/modules/news/article.php?storyid=253
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php

----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum

+++

0
Réponse 7 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour

Pour suivre

A++
0
Réponse 8 / 29
nikonoz
 
Bonjour
je pense etre infecter par un virus je zsuis entrain d'effectuer un scan online avec kapersky
j'ai deja passer ccleaner, ainsi que spybot, voici mon rapport de scan avec hijahthis
pouvez vous me dire si je suis infecter et comment nettoyer mon pc

Voici le rapport de scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39:01, on 12/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell AIO 810\dlcgmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.118712.fr/sortir.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.118712.fr/sortir.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [MSKExe] spamkiller.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dlcgmon.exe] "C:\Program Files\Dell AIO 810\dlcgmon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DLCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\RunOnce: [SpybotDeletingA965] command /c del "C:\Program Files\Everest Poker\casino.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6890] cmd /c del "C:\Program Files\Everest Poker\casino.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3681] command /c del "C:\Program Files\Everest Poker\gvcrt.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3668] cmd /c del "C:\Program Files\Everest Poker\gvcrt.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3228] command /c del "C:\Program Files\Everest Poker\gvmain.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC110] cmd /c del "C:\Program Files\Everest Poker\gvmain.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8508] command /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1348] cmd /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6820] command /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5154] cmd /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1682] command /c del "C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7362] cmd /c del "C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\HEPDTLYO\SENDCO~1.SH! C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\CG36SEPG\READ_U~2.SH! C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\O1MZ9NGY\01MEN_~1.SH! C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\3QRYGDYC\TOP_NE~2.SH! C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\O1MZ9NGY\GETBES~1.SH! C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\3QRYGDYC\01NET_~1.SH! C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\AV3TP8F6\TOP_NE~1.SH! C:\DOCUME~1\nico\LOCALS~1\TEMPOR~1\Content.IE5\3QRYGDYC\TOP_NE~1.SH!
O4 - HKCU\..\RunOnce: [SpybotDeletingB9683] command /c del "C:\Program Files\Everest Poker\casino.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9167] cmd /c del "C:\Program Files\Everest Poker\casino.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8122] command /c del "C:\Program Files\Everest Poker\gvcrt.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2451] cmd /c del "C:\Program Files\Everest Poker\gvcrt.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6834] command /c del "C:\Program Files\Everest Poker\gvmain.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4092] cmd /c del "C:\Program Files\Everest Poker\gvmain.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2565] command /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2773] cmd /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6675] command /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art"
O4 - HKCU\..\RunOnce: [SpybotDeletingD528] cmd /c del "C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1737] command /c del "C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1839] cmd /c del "C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3487504623-2355354576-525185988-1006\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (User 'seb')
O4 - HKUS\S-1-5-21-3487504623-2355354576-525185988-1006\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0 (User 'seb')
O4 - HKUS\S-1-5-21-3487504623-2355354576-525185988-1006\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User 'seb')
O4 - HKUS\S-1-5-21-3487504623-2355354576-525185988-1006\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User 'seb')
O4 - HKUS\S-1-5-21-3487504623-2355354576-525185988-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'seb')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Dell Network Assistant.lnk = ?
O4 - Global Startup: END.lnk = C:\Program Files\Alice\Res\SplashScreen.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Program Files\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: aposiopetic - {91316323-2ad5-4794-9589-52a2eaa60a68} - (no file)
O23 - Service: McAfee Application Installer Cleanup (0161571207840940) (0161571207840940mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\016157~1.EXE
O23 - Service: dlcg_device - - C:\WINDOWS\system32\dlcgcoms.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
0
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour,nikonoz

CREER SON PROPRE TOPIK

Il serait préférable que tu crées ton propre « topik » message personnel. Cela rendra le poste (ici) plus compréhensible, et nous pourrons traiter ton soucis avec plus d’efficacité.
Donc
Fais ce qui suit, SVP
http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm
Merci
A++
http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm

A++

0
Réponse 9 / 29
florebcio Messages postés 193 Statut Membre 7
 
Sincérement désolé j'ai eu un petit contretemps. Merci pour l'aide que tu m'apporte. Voici le rapport:

SmitFraudFix v2.311

Rapport fait à 13:21:57,29, sam. 04/12/2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 hi.studioaperto.net
127.0.0.1 www.hi.studioaperto.net
127.0.0.1 wazzupnet.com
127.0.0.1 www.wazzupnet.com
127.0.0.1 gueb.com
127.0.0.1 www.gueb.com
127.0.0.1 kabex.com
127.0.0.1 www.kabex.com
127.0.0.1 hityou.com
127.0.0.1 www.hityou.com
127.0.0.1 miosearch.com
127.0.0.1 www.miosearch.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 start-seite.com
127.0.0.1 www.start-seite.com
127.0.0.1 sexolymp.com
127.0.0.1 www.sexolymp.com
127.0.0.1 toriii.cc
127.0.0.1 www.toriii.cc
127.0.0.1 xtipp.de
127.0.0.1 www.xtipp.de
127.0.0.1 urawa.cool.ne.jp
127.0.0.1 777search.com
127.0.0.1 www.777search.com
127.0.0.1 ace-webmaster.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 aifind.info
127.0.0.1 www.aifind.info
127.0.0.1 amateurliveshow.com
127.0.0.1 www.amateurliveshow.com
127.0.0.1 anarchylolita.com
127.0.0.1 www.anarchylolita.com
127.0.0.1 anarchyporn.com
127.0.0.1 approvedlinks.com
127.0.0.1 www.approvedlinks.com
127.0.0.1 cantfind.com
127.0.0.1 www.cantfind.com
127.0.0.1 castingsamateur.com
127.0.0.1 www.castingsamateur.com
127.0.0.1 cyberrape.com
127.0.0.1 www.cyberrape.com
127.0.0.1 dialerclub.com
127.0.0.1 www.dialerclub.com
127.0.0.1 megago.com
127.0.0.1 exit.megago.com
127.0.0.1 www.megago.com
127.0.0.1 fastmetasearch.com
127.0.0.1 www.fastmetasearch.com
127.0.0.1 findwhatevernow.com
127.0.0.1 www.findwhatevernow.com
127.0.0.1 globesearch.com
127.0.0.1 www.globesearch.com
127.0.0.1 hotfreebies.com
127.0.0.1 www.hotfreebies.com
127.0.0.1 krankin.com
127.0.0.1 www.krankin.com
127.0.0.1 begin2search.com
127.0.0.1 www.begin2search.com
127.0.0.1 mainstreamdollars.com
127.0.0.1 www.mainstreamdollars.com
127.0.0.1 live.sex-explorer.com
127.0.0.1 www.live.sex-explorer.com
127.0.0.1 loveadot.com
127.0.0.1 www.loveadot.com
127.0.0.1 megaseek.net
127.0.0.1 www.megaseek.net
127.0.0.1 mixsearch.com
127.0.0.1 www.mixsearch.com
127.0.0.1 munky.com
127.0.0.1 www.munky.com
127.0.0.1 newtopsites.com
127.0.0.1 www.newtopsites.com
127.0.0.1 noblindlinks.com
127.0.0.1 www.noblindlinks.com
127.0.0.1 babenet.com
127.0.0.1 r.babenet.com
127.0.0.1 www.babenet.com
127.0.0.1 searchresult.net
127.0.0.1 www.searchresult.net
127.0.0.1 sexarena.org
127.0.0.1 www.sexarena.org
127.0.0.1 skeech.com
127.0.0.1 www.skeech.com
127.0.0.1 superwp.by.ru
127.0.0.1 sureseeker.com
127.0.0.1 www.sureseeker.com
127.0.0.1 wethere.com
127.0.0.1 www.wethere.com
127.0.0.1 wowsearch.org
127.0.0.1 www.wowsearch.org
127.0.0.1 xxx.com
127.0.0.1 www.xxx.com
127.0.0.1 art-xxx.com
127.0.0.1 websearch.com
127.0.0.1 www.websearch.com
127.0.0.1 firehunt.com
127.0.0.1 www.firehunt.com
127.0.0.1 partner23.firehunt.com
127.0.0.1 screensaver.it
127.0.0.1 www.screensaver.it
127.0.0.1 cliks.org
127.0.0.1 www.cliks.org
127.0.0.1 xads.cliks.org
127.0.0.1 xwebsearch.biz
127.0.0.1 www.xwebsearch.biz
127.0.0.1 znext.com
127.0.0.1 www.znext.com
127.0.0.1 rawtocash.net
127.0.0.1 www.rawtocash.net
127.0.0.1 7search.com
127.0.0.1 www.7search.com
127.0.0.1 zestyfind.com
127.0.0.1 www.zestyfind.com
127.0.0.1 ntcor.com
127.0.0.1 www.ntcor.com
127.0.0.1 dev.ntcor.com
127.0.0.1 xrenoder.com
127.0.0.1 www.xrenoder.com
127.0.0.1 search.xrenoder.com
127.0.0.1 allcybersearch.com
127.0.0.1 www.allcybersearch.com
127.0.0.1 tinybar.com
127.0.0.1 www.tinybar.com
127.0.0.1 topsite.us
127.0.0.1 www.topsite.us
127.0.0.1 topsites.us
127.0.0.1 www.topsites.us
127.0.0.1 topsitez.us
127.0.0.1 www.topsitez.us
127.0.0.1 true-counter.com
127.0.0.1 www.true-counter.com
127.0.0.1 out.true-counter.com
127.0.0.1 cnetadd.com
127.0.0.1 www.cnetadd.com
127.0.0.1 okmmm.com
127.0.0.1 www.okmmm.com
127.0.0.1 139mm.com
127.0.0.1 www.139mm.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 24teen.com
127.0.0.1 www.24teen.com
127.0.0.1 36site.com
127.0.0.1 www.36site.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 777top.com
127.0.0.1 www.777top.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 abrp.net
127.0.0.1 www.abrp.net
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 acemedic.com
127.0.0.1 www.acemedic.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 adamsupportgroup.org
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adipics.com
127.0.0.1 www.adipics.com
127.0.0.1 adspics.com
127.0.0.1 www.adspics.com
127.0.0.1 adult-engine-search.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 adult-friends-finder.net
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adulttds.com
127.0.0.1 www.adulttds.com
127.0.0.1 exaccess.ru
127.0.0.1 www.exaccess.ru
127.0.0.1 advert.exaccess.ru
127.0.0.1 agentstudio.com
127.0.0.1 africaspromise.org
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 alfa-search.com
127.0.0.1 all-inet.com
127.0.0.1 allabtcars.com
127.0.0.1 allabtjeeps.com
127.0.0.1 allhyperlinks.com
127.0.0.1 allinternetbusiness.com
127.0.0.1 almarvideos.com
127.0.0.1 amandamountains.com
127.0.0.1 amigeek.com
127.0.0.1 amisbusiness.com
127.0.0.1 analmovi.com
127.0.0.1 anin.org
127.0.0.1 annaromeo.com
127.0.0.1 antrocity.com
127.0.0.1 anything4health.com
127.0.0.1 apsua.com
127.0.0.1 aregay.com
127.0.0.1 arheo.com
127.0.0.1 arizonaweb.org
127.0.0.1 armitageinn.com
127.0.0.1 art-func.com
127.0.0.1 artachnid.com
127.0.0.1 asiankingkong.com
127.0.0.1 ass-gals.com
127.0.0.1 athenrye.com
127.0.0.1 avian-ads.com
127.0.0.1 ayakawamura.com
127.0.0.1 ayumitaniguchi.com
127.0.0.1 bannedhost.net
127.0.0.1 barbudafarms.com
127.0.0.1 barnandfence.com
127.0.0.1 batsearch.com
127.0.0.1 baygraphicsllc.com
127.0.0.1 bb-search.com
127.0.0.1 bbbsearch.com
127.0.0.1 bedhome.com
127.0.0.1 bediadance.com
127.0.0.1 bellabasketsfl.com
127.0.0.1 bernaolatwin.com
127.0.0.1 best-counter.com
127.0.0.1 best-hardpics.com
127.0.0.1 best-winning-casino.com
127.0.0.1 bestcrawler.com
127.0.0.1 bestfor.ru
127.0.0.1 bestporngate.com
127.0.0.1 bestxporno.com
127.0.0.1 blackjack-free.net
127.0.0.1 blender.xu.pl
127.0.0.1 bodaciousbabette.com
127.0.0.1 boobdoll.com
127.0.0.1 boobsandtits.com
127.0.0.1 boobsclub.com
127.0.0.1 boredlife.com
127.0.0.1 bowlofogumbo.com
127.0.0.1 bradcoem.org
127.0.0.1 brandiyoung.com
127.0.0.1 brookeburn.com
127.0.0.1 bucps.com
127.0.0.1 burgerkingbigscreen.com
127.0.0.1 buscards.net
127.0.0.1 bustyrussell.com
127.0.0.1 buttejazz.org
127.0.0.1 buyselldomain.net
127.0.0.1 calcioturris.com
127.0.0.1 canberracricketcoaching.com
127.0.0.1 candycantaloupes.com
127.0.0.1 careers.dulcineasystems.net
127.0.0.1 carsands.com
127.0.0.1 carsrentals.net
127.0.0.1 casino-gambling-1.net
127.0.0.1 casino-gambling-2.net
127.0.0.1 casino-onlines.net
127.0.0.1 casino.com.free.game.pogo.gratisdownloads.nl
127.0.0.1 casino2win.net
127.0.0.1 casinomidas.net
127.0.0.1 casinonline.net
127.0.0.1 catallogue.com
127.0.0.1 catsss.da.ru
127.0.0.1 caxa.ru
127.0.0.1 cclebali.org
127.0.0.1 ceewawires.org
127.0.0.1 certumgroup.com
127.0.0.1 chelancatering.com
127.0.0.1 childrenvilla.com
127.0.0.1 chips-4-free.com
127.0.0.1 chrisswasey.com
127.0.0.1 chriswallace.net
127.0.0.1 ckick4thumbs.com
127.0.0.1 clackamasliteraryreview.com
127.0.0.1 clearsearch.cc
127.0.0.1 clearsearch.net
127.0.0.1 clickaire.com
127.0.0.1 clickyestoenter.net
127.0.0.1 clrsch.com
127.0.0.1 cmtapestry.com
127.0.0.1 cool-homepage.co
127.0.0.1 cool-homepage.com
127.0.0.1 cool-search.net
127.0.0.1 cool-search.netfartpost.com
127.0.0.1 cool-web-search.com
127.0.0.1 coolfetishsite.com
127.0.0.1 coolfreehost.com
127.0.0.1 coolfreepage.com
127.0.0.1 coolfreepages.com
127.0.0.1 coolmoneysearch.com
127.0.0.1 coolpornsearch.com
127.0.0.1 coolsearcher.info
127.0.0.1 coolwebsearsh.com
127.0.0.1 copmtraine.com
127.0.0.1 couldnotfind.com
127.0.0.1 count-all.com
127.0.0.1 cracks.me.uk
127.0.0.1 creamedcutties.com
127.0.0.1 creditsearchonline.com
127.0.0.1 crestring.com
127.0.0.1 crooder.com
127.0.0.1 curvedspaces.com
127.0.0.1 cvs.jps.ru
127.0.0.1 cvsymphony.com
127.0.0.1 cydom.com
127.0.0.1 daily-gals.com
127.0.0.1 dancingbabycd.com
127.0.0.1 datanotary.com
127.0.0.1 datareco.com
127.0.0.1 davemarshall.org
127.0.0.1 dcfitusa.com
127.0.0.1 defaultsearch.net
127.0.0.1 desarrollocreativo.com
127.0.0.1 develip.com
127.0.0.1 dewis.spb.ru
127.0.0.1 dewis.us
127.0.0.1 df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz
127.0.0.1 dietpills4free.com
127.0.0.1 dietpussy.com
127.0.0.1 digistreamsa.com
127.0.0.1 dionforvalleycouncil.org
127.0.0.1 doctorwaldron.com
127.0.0.1 document-not-found.pornpic.org
127.0.0.1 doggyaction.com
127.0.0.1 domain-your-registration.com
127.0.0.1 domains-for-you-online.com
127.0.0.1 domains2003.net
127.0.0.1 domkrat.com
127.0.0.1 dp-host.com
127.0.0.1 dragqueen.gay-clan.com
127.0.0.1 drug-sources-exposed.com
127.0.0.1 drvvv.com
127.0.0.1 dutch-sex.com
127.0.0.1 dvdbank.org
127.0.0.1 e-localad.com
127.0.0.1 e-plus.cc
127.0.0.1 e-websitesolutions.com
127.0.0.1 eases.net
127.0.0.1 easy-search.net
127.0.0.1 easycategories.com
127.0.0.1 ecosrioplatenses.org
127.0.0.1 ecstasyporn.net
127.0.0.1 eikokoike.com
127.0.0.1 epornsex.com
127.0.0.1 euuu.com
127.0.0.1 evidence-detector.biz
127.0.0.1 evilspidercomics.com
127.0.0.1 ewebsearch.net
127.0.0.1 findloss.com
127.0.0.1 excellentsckin.com
127.0.0.1 extremeseek.net
127.0.0.1 faithstevens.com
127.0.0.1 fantasiewelten.com
127.0.0.1 farmsteadbandb.com
127.0.0.1 fartpost.com
127.0.0.1 fastwebfinder.com
127.0.0.1 faxporn.com
127.0.0.1 fickenisgeil.de
127.0.0.1 finance-loans.com
127.0.0.1 find-itnow.com
127.0.0.1 find-uk-health.co.uk
127.0.0.1 find4u.net
127.0.0.1 findit-now.com
127.0.0.1 findthesite.com
127.0.0.1 findthewebsiteyouneed.com
127.0.0.1 www.findthewebsiteyouneed.com
127.0.0.1 fionasteel.com
127.0.0.1 firstbookmark.net
127.0.0.1 fitness-free.com
127.0.0.1 foodvacations.net
127.0.0.1 forex.jps.ru
127.0.0.1 forexcredit.com
127.0.0.1 forexcredit.ru
127.0.0.1 formingfusions.com
127.0.0.1 forsythfire.net
127.0.0.1 forthline.com
127.0.0.1 free-chipes.com
127.0.0.1 free-hit.com
127.0.0.1 free-pics-and-movies.com
127.0.0.1 free-sex-movie-clips.net
127.0.0.1 free4porno.net
127.0.0.1 free64all.com
127.0.0.1 freebookmark.net
127.0.0.1 freebookmarks.net
127.0.0.1 freecategories.com
127.0.0.1 freecoolhost.com
127.0.0.1 freerbhost.com
127.0.0.1 freeshemalepics.net
127.0.0.1 freeyaho.com
127.0.0.1 freshseek.com
127.0.0.1 freshteensite.com
127.0.0.1 gabrielscott.com
127.0.0.1 galpostgirls.com
127.0.0.1 gals-for-free.com
127.0.0.1 gambling-online4you.com
127.0.0.1 gameterror.net
127.0.0.1 gay50.com
127.0.0.1 generalsmeltingofcanada.com
127.0.0.1 geteens.com
127.0.0.1 getpicshere.com
127.0.0.1 gimmezamore.com
127.0.0.1 gimnasiaer.com
127.0.0.1 girls-porn-life.com
127.0.0.1 glbdf.org
127.0.0.1 global-finder.com
127.0.0.1 globe-finder.cc
127.0.0.1 globe-finder.com
127.0.0.1 gocybersearch.com
127.0.0.1 golftennis.net
127.0.0.1 good-mortgages-calculator.com
127.0.0.1 good-mortgages.net
127.0.0.1 goodsexs.com
127.0.0.1 googlebar.jps.ru
127.0.0.1 googlf.com
127.0.0.1 gradforum.org
127.0.0.1 gratis-porn-movie.com
127.0.0.1 gratis-pornopics.com
127.0.0.1 guzzycats.com
127.0.0.1 gzphoenix.com
127.0.0.1 hallnetaccolade.com
127.0.0.1 hand-book.com
127.0.0.1 happyanal.com
127.0.0.1 hard-gals.com
127.0.0.1 hardbodytgp.com
127.0.0.1 hardcoreover.com
127.0.0.1 hardloved.com
127.0.0.1 hardwareseek.net
127.0.0.1 harukaigawa.com
127.0.0.1 hccsolanonapa.org
127.0.0.1 health-protein.com
127.0.0.1 hentai4u.net
127.0.0.1 here4search.com
127.0.0.1 heyrichy.com
127.0.0.1 hi-search.com
127.0.0.1 hiddenguides.com
127.0.0.1 hitlistlyrics.com
127.0.0.1 holidayautostr.com
127.0.0.1 homemortage.ws
127.0.0.1 hostssp.com
127.0.0.1 hot-cartoon-sex.anime.american-teens.net
127.0.0.1 hotbookmark.com
127.0.0.1 hotels-list.net
127.0.0.1 hotelxxxcams.com
127.0.0.1 hotpopup.com
127.0.0.1 hotsearchbox.com
127.0.0.1 hotsex-series.com
127.0.0.1 hotstartpage.com
127.0.0.1 hqsex.biz
127.0.0.1 hugeporn4u.net
127.0.0.1 hunacsa.com
127.0.0.1 hupacasath.com
127.0.0.1 hzsx.com
127.0.0.1 icansearch.net
127.0.0.1 idgsearch.com
127.0.0.1 ie-search.com
127.0.0.1 incestporngate.com
127.0.0.1 infodigger.net
127.0.0.1 infoglobus.com
127.0.0.1 inherhole.com
127.0.0.1 insertthiscock.com
127.0.0.1 insurance-flood.net
127.0.0.1 insuranceall.net
127.0.0.1 internetsearch.ru
127.0.0.1 ionichost.com
127.0.0.1 ionomist.com
127.0.0.1 ipsex.net
127.0.0.1 itsanal.com
127.0.0.1 itseasy.us
127.0.0.1 iweb-commerce.com
127.0.0.1 iwebland.com
127.0.0.1 jeannineoldfield.com
127.0.0.1 jethomepage.com
127.0.0.1 jetseeker.com
127.0.0.1 jmhgallery.org
127.0.0.1 joannelatham.com
127.0.0.1 judin.ru
127.0.0.1 junkysex.com
127.0.0.1 karleyt.narod.ru
127.0.0.1 kathisomers.com
127.0.0.1 kazaa-lite.ws
127.0.0.1 keithgreenpro.com
127.0.0.1 kenmccaul.com
127.0.0.1 kilosex.com
127.0.0.1 kimhines.com
127.0.0.1 kinoru.com
127.0.0.1 ksdspups.org
127.0.0.1 landrape.com
127.0.0.1 lauraroebuck.com
127.0.0.1 leannalovelace.com
127.0.0.1 lesobank.ru
127.0.0.1 libertyonlinehosting.com
127.0.0.1 lingerie-mania.com
127.0.0.1 lisamatthew.com
127.0.0.1 liveholio.com
127.0.0.1 livenewspaper.com
127.0.0.1 louiseleeds.com
127.0.0.1 love-pix.com
127.0.0.1 lovelas.com
127.0.0.1 lovelysearch.com
127.0.0.1 low-taxes.com
127.0.0.1 luckysearch.net
127.0.0.1 lunitaweb.net
127.0.0.1 lustful-porno.com
127.0.0.1 mackinnonsbrook.org
127.0.0.1 madfinder.com
127.0.0.1 madisonmoons.com
127.0.0.1 madisonoilco.com
127.0.0.1 madonalive.com
127.0.0.1 majuozawa.com
127.0.0.1 makin-do.com
127.0.0.1 male4free.com
127.0.0.1 map-quest.org
127.0.0.1 marilynchamber.com
127.0.0.1 martfinder.com
127.0.0.1 massearch.com
127.0.0.1 matetrava.com
127.0.0.1 mature50.com
127.0.0.1 matureporngate.com
127.0.0.1 maxdzines.com
127.0.0.1 mcgeeforlabor.com
127.0.0.1 mdstunisie.org
127.0.0.1 medicare-insurance.net
127.0.0.1 medicare-supplemental.com
127.0.0.1 mega-dating-tips.com
127.0.0.1 megumikanzaki.com
127.0.0.1 meshalynn.com
127.0.0.1 meta-adult.com
127.0.0.1 meta-casino.com
127.0.0.1 meta-mobile.com
127.0.0.1 meta-porn.com
127.0.0.1 metafora.ru
127.0.0.1 metapoisk.ru
127.0.0.1 michiyonakajima.com
127.0.0.1 miconsultamedica.com
127.0.0.1 mikasakamoto.com
127.0.0.1 mikoni.com
127.0.0.1 militarygods.porn4porn.net
127.0.0.1 millennialpeople.org
127.0.0.1 mipham.org
127.0.0.1 missingcommand.com
127.0.0.1 mommykiss.com
127.0.0.1 moneyhunters.com
127.0.0.1 montgomeryhospitalanesthesia.com
127.0.0.1 morflot.com
127.0.0.1 mortgage-debt.net
127.0.0.1 mortismaximus.com
127.0.0.1 moscowwhores.com
127.0.0.1 moviecategories.com
127.0.0.1 mp3-pix.com
127.0.0.1 mrtg.jps.ru
127.0.0.1 msn-info.net
127.0.0.1 multipussy.com
127.0.0.1 mundopolar.com
127.0.0.1 mustv.com
127.0.0.1 mywebsearch.net
127.0.0.1 nativehardcore.com
127.0.0.1 naturalspy.com
127.0.0.1 nbasportsbook.net
127.0.0.1 nellyslyrics.com
127.0.0.1 nepgyan.com
127.0.0.1 nesrecords.com
127.0.0.1 netshastra.net
127.0.0.1 nettime.ru
127.0.0.1 nettracker.jps.ru
127.0.0.1 netyellowpages.info
127.0.0.1 new-incest.com
127.0.0.1 newcategories.com
127.0.0.1 newcracks.com
127.0.0.1 newcracks.net
127.0.0.1 newlife-lajolla.com
127.0.0.1 newsexgate.com
127.0.0.1 newtonsracks.com
127.0.0.1 newxpics.com
127.0.0.1 nhlsportsbook.net
127.0.0.1 niagaracapital.com
127.0.0.1 niche-tv.com
127.0.0.1 nmrba.com
127.0.0.1 nocalories.net
127.0.0.1 nocensor.com
127.0.0.1 ormandcompany.com
127.0.0.1 nsbabes.com
127.0.0.1 nuclearwitness.org
127.0.0.1 nursemania.com
127.0.0.1 nvntour.com
127.0.0.1 nvphall.org
127.0.0.1 oborot.com
127.0.0.1 ocalalivestockmarket.com
127.0.0.1 ocsff.com
127.0.0.1 oeatlanta.com
127.0.0.1 oharrowsearch.com
127.0.0.1 ok-search.com
127.0.0.1 okulta.com
127.0.0.1 omegabrains.net
127.0.0.1 online-casino-1.net
127.0.0.1 online-casino-bonus.info
127.0.0.1 online-casinos-x.com
127.0.0.1 online-winning.net
127.0.0.1 onlineserverz.com
127.0.0.1 onlinetradings.net
127.0.0.1 onlycunt.com
127.0.0.1 onlyinsured.com
127.0.0.1 operanabuco.com
127.0.0.1 opsex.com
127.0.0.1 oregoncharters.org
127.0.0.1 otrlives.com
127.0.0.1 ozawamadoka.com
127.0.0.1 paigesummer.com
127.0.0.1 pamelacollections.com
127.0.0.1 panamcup.com
127.0.0.1 pantygirls4u.com
127.0.0.1 pantyhoserealm.com
127.0.0.1 pantyplace.com
127.0.0.1 pastubes.com
127.0.0.1 paulapage.com
127.0.0.1 paulhoover.com
127.0.0.1 payfortraffic.net
127.0.0.1 pedo.ws
127.0.0.1 people.1gb.ru
127.0.0.1 pervertbot.com
127.0.0.1 pharma-diet-pills.com
127.0.0.1 pharmacy2003.com
127.0.0.1 pharmalocator.com
127.0.0.1 phendimetrazine-tenuate-adipex.com
127.0.0.1 pics-videos.com
127.0.0.1 picsdir.com
127.0.0.1 picsforbucks.com
127.0.0.1 picsofseductiveladies.com
127.0.0.1 pills-birth-control.com
127.0.0.1 pillsmall.com
127.0.0.1 pilotronix.com
127.0.0.1 pixpox.com
127.0.0.1 planemusic.com
127.0.0.1 poiska.net
127.0.0.1 poker-casino-free.com
127.0.0.1 poker-games-free.net
127.0.0.1 polradiologia.com
127.0.0.1 pooi.net
127.0.0.1 porn-teacher.com
127.0.0.1 porncamz.com
127.0.0.1 pornfree.info
127.0.0.1 pornnightdreams.com
127.0.0.1 pornokopec.com
127.0.0.1 porntetris.com
127.0.0.1 porntwist.com
127.0.0.1 powerwebsearch.com
127.0.0.1 prblitz.com
127.0.0.1 pretypics.com
127.0.0.1 pribalt.com
127.0.0.1 privacy-support.biz
127.0.0.1 privateporn.net
127.0.0.1 prostactive.com
127.0.0.1 prostol.com
127.0.0.1 protect-yourself.biz
127.0.0.1 prsainlandempire.org
127.0.0.1 put-your-link-here.com
127.0.0.1 pyrocorp.com
127.0.0.1 quick-search.ws
127.0.0.1 quiksearchgenealogy.com
127.0.0.1 radfrall.org
127.0.0.1 ramgo.com
127.0.0.1 ranafrog.ne
127.0.0.1 rapegate.com
127.0.0.1 redbudbmx.com
127.0.0.1 refinance-help.com
127.0.0.1 removeearthkeepers.org
127.0.0.1 rightfinder.net
127.0.0.1 robbsproshop.com
127.0.0.1 robertferencz.com
127.0.0.1 rotocasters.com
127.0.0.1 royalsearch.net
127.0.0.1 runsearch.com
127.0.0.1 russiansponsor.com
127.0.0.1 russogay.com
127.0.0.1 s2.exocrew.com
127.0.0.1 sacitylife.com
127.0.0.1 samplegals.com
127.0.0.1 sbssurvivor.com
127.0.0.1 scarypix.com
127.0.0.1 sccdnet.com
127.0.0.1 schoolforest.com
127.0.0.1 search-1.net
127.0.0.1 search-2003.com
127.0.0.1 search-about.net
127.0.0.1 search-hawk.com
127.0.0.1 search-log.com
127.0.0.1 search-meta.com
127.0.0.1 search-safe.com
127.0.0.1 search.psn.cn
127.0.0.1 searchadultweb.com
127.0.0.1 searchbutler.com
127.0.0.1 searchbuttler.com
127.0.0.1 searchbutler.org
127.0.0.1 searchcomplete.com
127.0.0.1 searchdesire.com
127.0.0.1 searchdot.net
127.0.0.1 searchexpander.com
127.0.0.1 searchfastnet.com
127.0.0.1 searchforge.com
127.0.0.1 searching-the-net.com
127.0.0.1 searchmeta.md
127.0.0.1 searchmeta.net
127.0.0.1 searchmeta.ru
127.0.0.1 searchmeta.webhost.ru
127.0.0.1 searchnow.ws
127.0.0.1 searchonfly.com
127.0.0.1 searchv.com
127.0.0.1 searchxl.com
127.0.0.1 searchxp.com
127.0.0.1 sebot.com
127.0.0.1 securenp.org
127.0.0.1 security-warning.biz
127.0.0.1 seehardcore.com
127.0.0.1 seekwell.net
127.0.0.1 selfbookmark.com
127.0.0.1 selfbookmark.info
127.0.0.1 selfbookmark.net
127.0.0.1 sex.free4porno.net
127.0.0.1 sex-coach.com
127.0.0.1 sex-festival.com
127.0.0.1 sex-video-galleries.com
127.0.0.1 sexgalleries4all.com
127.0.0.1 sexmoviesnet.com
127.0.0.1 sexpatriot.net
127.0.0.1 sexy18.cc
127.0.0.1 sexycat.adult-host.org
127.0.0.1 sfbayfolkboats.com
127.0.0.1 sgirls.net
127.0.0.1 sharempeg.com
127.0.0.1 shopcards.net
127.0.0.1 shopknights.com
127.0.0.1 sic02.com
127.0.0.1 sintrader.com
127.0.0.1 site1.ru
127.0.0.1 sites-in-web.com
127.0.0.1 sitevictoria.com
127.0.0.1 sixroads.com
127.0.0.1 skakalka.ru
127.0.0.1 slawsearch.com
127.0.0.1 slotch.com
127.0.0.1 slotchbar.com
127.0.0.1 smartsumo.com
127.0.0.1 smutarchive.net
127.0.0.1 solongas.com
127.0.0.1 sonomaevents.com
127.0.0.1 spermatrix.com
127.0.0.1 sportbooks-free4you.com
127.0.0.1 spros.com
127.0.0.1 spyass.com
127.0.0.1 spyorgy.net
127.0.0.1 staceyowens.com
127.0.0.1 stacistaxx.com
127.0.0.1 stacystaxx.com
127.0.0.1 start-space.com
127.0.0.1 steamycock.com
127.0.0.1 sterva.com
127.0.0.1 stevecashdollar.com
127.0.0.1 stop-tracking.biz
127.0.0.1 stopvotefraud.com
127.0.0.1 stopxxxpics.com
127.0.0.1 strekoza.com
127.0.0.1 stuffstore.com
127.0.0.1 styleclickink.com
127.0.0.1 summercollins.com
127.0.0.1 summitcross.com
127.0.0.1 super-spider.com
127.0.0.1 super-websearch.com
127.0.0.1 supersexmachine.com
127.0.0.1 superwebsearch.com
127.0.0.1 supret.com
127.0.0.1 suzannebrecht.com
127.0.0.1 sweeteenz.com
127.0.0.1 tacil.org
127.0.0.1 tangounion.com
127.0.0.1 tastethemusic.com
127.0.0.1 tax-refund4you.com
127.0.0.1 tech-jobs.ws
127.0.0.1 technology-related.com
127.0.0.1 teen-biz.com
127.0.0.1 teen-pic-post.com
127.0.0.1 teenpornosex.com
127.0.0.1 teens4free.net
127.0.0.1 teensact.com
127.0.0.1 teensgate.com
127.0.0.1 teensguru.com
127.0.0.1 teenswamp.com
127.0.0.1 testosterone-birth-control.com
127.0.0.1 the-exit.com
127.0.0.1 the-huns-yellow-pages.com
127.0.0.1 thefakejournal.com
127.0.0.1 thehuy.net
127.0.0.1 theproxy.org
127.0.0.1 therealsearch.com
127.0.0.1 thesten.com
127.0.0.1 thornleygroup.com
127.0.0.1 tings.org
127.0.0.1 tit-x.com
127.0.0.1 titanvision.com
127.0.0.1 titsianna.com
127.0.0.1 toddhayes.com
127.0.0.1 toon-comics.com
127.0.0.1 tooncomics.com
127.0.0.1 topsearcher.com
127.0.0.1 trafficback.com
127.0.0.1 trafficswitcher.com
127.0.0.1 travel.picture-posters.com
127.0.0.1 true-portal.com
127.0.0.1 trytechnical.com
127.0.0.1 ufindall.click-now.net
127.0.0.1 umaxsearch.com
127.0.0.1 une-autre-france.com
127.0.0.1 unigays.com
127.0.0.1 unipages.cc
127.0.0.1 up2you.ru
127.0.0.1 urlstat.com
127.0.0.1 urlstat.ru
127.0.0.1 uralitel.ru
127.0.0.1 ursie.net
127.0.0.1 utahsweet.com
127.0.0.1 utopicportal.com
127.0.0.1 uusocialjustice.org
127.0.0.1 v61.com
127.0.0.1 vaginpics.com
127.0.0.1 valmyers.com
127.0.0.1 vegas-free.com
127.0.0.1 vegbuy.com
127.0.0.1 veloventures.com
127.0.0.1 verzila.com
127.0.0.1 victoriaadam.com
127.0.0.1 videocategories.com
127.0.0.1 vitamins-for-each.com
127.0.0.1 votehowe.org
127.0.0.1 vxebony.com
127.0.0.1 wakeupdick.com
127.0.0.1 warnomore.org
127.0.0.1 watersport-specialties.com
127.0.0.1 web-homepage.net
127.0.0.1 web-search.tk
127.0.0.1 webcoolsearch.com
127.0.0.1 websearchdot.com
127.0.0.1 weekend-movies.com
127.0.0.1 wetpornostars.com
127.0.0.1 whatsyoursearch.com
127.0.0.1 white-pages.ws
127.0.0.1 whittierblvd.com
127.0.0.1 win-in-casino.com
127.0.0.1 wiresearch.com
127.0.0.1 wolfpacracing.com
127.0.0.1 wordlist.jps.ru
127.0.0.1 wpc2001.org
127.0.0.1 wspzone.sexpornonline.com
127.0.0.1 wwwbet.net
127.0.0.1 wwwbetting.net
127.0.0.1 wwwpokergames.com
127.0.0.1 wwwpokerplayers.com
127.0.0.1 wwwroulette.net
127.0.0.1 x-library.com
127.0.0.1 x-webdesign.com
127.0.0.1 xcomics4u.com
127.0.0.1 xic-bs.com
127.0.0.1 xldr.com
127.0.0.1 xp18.com
127.0.0.1 xrenosearch.com
127.0.0.1 xtragay.com
127.0.0.1 xu.xu.pl
127.0.0.1 xxxcategories.com
127.0.0.1 xxxemailxxx.com
127.0.0.1 y-e-l-l-o-w.com
127.0.0.1 yellow500.com
127.0.0.1 yezol.com
127.0.0.1 you-search.com
127.0.0.1 you-search.com.ru
127.0.0.1 youfindall.com
127.0.0.1 youfindall.net
127.0.0.1 your-prescriptions.net
127.0.0.1 yourbookmarks.info
127.0.0.1 yourbookmarks.ws
127.0.0.1 ypir.com
127.0.0.1 ysa-info.net
127.0.0.1 yukohamano.com
127.0.0.1 ywebsearch.info
127.0.0.1 zapros.com
127.0.0.1 zesearch.com
127.0.0.1 ziportal.com
127.0.0.1 zipportal.com
127.0.0.1 zoneoffreeporn.com
127.0.0.1 zoomegasite.com
127.0.0.1 zvimigdal.com
127.0.0.1 zyban-zocor-levitra.com
127.0.0.1 t.rack.cc
127.0.0.1 omega-search.com
127.0.0.1 cool-xxx.net
127.0.0.1 revolto3.da.ru
127.0.0.1 dating-search.net
127.0.0.1 linksummary.com
127.0.0.1 duolaimi.net
127.0.0.1 ez-searching.com
127.0.0.1 freehqmovies.com
127.0.0.1 xzoomy.com
127.0.0.1 freescratchandwin.com
127.0.0.1 globalwebsearch.com
127.0.0.1 www.gocybersearch.com
127.0.0.1 mayancasino.com
127.0.0.1 www.hastalavista.com
127.0.0.1 www.free-popup-killer.com
127.0.0.1 www.digitalfan.com
127.0.0.1 google123.web1000.com
127.0.0.1 search.ieplugin.com
127.0.0.1 i-lookup.com
127.0.0.1 spidersearch.com
127.0.0.1 istarthere.com
127.0.0.1 xxxtoolbar.com
127.0.0.1 www.seekporn.org
127.0.0.1 17-plus.com
127.0.0.1 lolita4all1.xrensmagpost.com
127.0.0.1 mafiapics.com
127.0.0.1 www.teenmonster.com
127.0.0.1 ie.marketdart.com
127.0.0.1 masterbar.com
127.0.0.1 search.netzany.co
127.0.0.1 only-virgins.com
127.0.0.1 passthison.com
127.0.0.1 blondetgp.com
127.0.0.1 prolivation.com
127.0.0.1 server-au.imrworldwide.com
127.0.0.1 rocketsearch.com
127.0.0.1 roar.com
127.0.0.1 searchaccurate.com
127.0.0.1 searchalot.com
127.0.0.1 searchandbrowse.com
127.0.0.1 gtawarehouse.com
127.0.0.1 startium.com
127.0.0.1 searchandclick.com
127.0.0.1 searchby.net
127.0.0.1 searchdot.com
127.0.0.1 search-exe.com
127.0.0.1 secret-crush.com
127.0.0.1 seekseek.com
127.0.0.1 sexarena.com
127.0.0.1 sexocean.play-lolita.com
127.0.0.1 startsurfing.com
127.0.0.1 srng.net
127.0.0.1 apps.webservicehost.com
127.0.0.1 search.shopnav.com
127.0.0.1 wish7.com
127.0.0.1 www.supersexpass.com
127.0.0.1 surferbar.com
127.0.0.1 xlola.underagehost.com
127.0.0.1 hotlolitas.underagehost.com
127.0.0.1 loading-lolita.com
127.0.0.1 www.xupiter.com
127.0.0.1 xjupiter.com
127.0.0.1 www.xjupiter.com
127.0.0.1 www.browserwise.com
127.0.0.1 sqwire.com
127.0.0.1 orbitexplorer.com
127.0.0.1 searchcentrix.com
127.0.0.1 categories.mygeek.com
127.0.0.1 web-entrance.co
127.0.0.1 whazit.com
127.0.0.1 windowenhancer.com
127.0.0.1 buz.ru
127.0.0.1 iwon.com
127.0.0.1 www.bonzi.com
127.0.0.1 featured-results.com
127.0.0.1 searchmadesafe.net
127.0.0.1 quicklaunch.com
127.0.0.1 www.cashsurfers.com
127.0.0.1 lop.com
127.0.0.1 tjdo.com
127.0.0.1 ebav.com
127.0.0.1 ebgo.com
127.0.0.1 ebaw.com
127.0.0.1 ebkb.com
127.0.0.1 ebmu.com
127.0.0.1 ecmp.com
127.0.0.1 edhq.com
127.0.0.1 edty.com
127.0.0.1 sbee.com
127.0.0.1 aavc.com
127.0.0.1 acjp.com
127.0.0.1 ecmh.com
127.0.0.1 emch.com
127.0.0.1 ecpm.com
127.0.0.1 wabu.com
127.0.0.1 wabq.com
127.0.0.1 ebch.com
127.0.0.1 ebdv.com
127.0.0.1 ebdw.com
127.0.0.1 ebjp.com
127.0.0.1 ebkn.com
127.0.0.1 ebky.com
127.0.0.1 eblv.com
127.0.0.1 wbkb.com
127.0.0.1 ebvr.com
127.0.0.1 ecwz.com
127.0.0.1 ecyb.com
127.0.0.1 eduy.com
127.0.0.1 eeev.com
127.0.0.1 farse.com
127.0.0.1 ibmx.com
127.0.0.1 icwb.com
127.0.0.1 icwo.com
127.0.0.1 icwp.com
127.0.0.1 iddh.com
127.0.0.1 idhh.com
127.0.0.1 ifiz.com
127.0.0.1 iguu.com
127.0.0.1 samz.com
127.0.0.1 saoe.com
127.0.0.1 sbjr.com
127.0.0.1 sbnl.com
127.0.0.1 sbnt.com
127.0.0.1 sbvr.com
127.0.0.1 scbm.com
127.0.0.1 sckr.com
127.0.0.1 scrk.com
127.0.0.1 sdry.com
127.0.0.1 seld.com
127.0.0.1 sfux.com
127.0.0.1 sheat.com
127.0.0.1 sipo.com
127.0.0.1 smds.com
127.0.0.1 srib.com
127.0.0.1 srox.com
127.0.0.1 srsf.com
127.0.0.1 ssaw.com
127.0.0.1 ssby.com
127.0.0.1 surj.com
127.0.0.1 tbvg.com
127.0.0.1 tdak.com
127.0.0.1 tdmy.com
127.0.0.1 tefs.com
127.0.0.1 tfil.com
127.0.0.1 tjar.com
127.0.0.1 tjaw.com
127.0.0.1 tjgo.com
127.0.0.1 tjem.com
127.0.0.1 torc.com
127.0.0.1 wfix.com
127.0.0.1 wflu.com
127.0.0.1 tdko.com
127.0.0.1 thko.com
127.0.0.1 H24413.tfil.com
127.0.0.1 germany.rub.to
127.0.0.1 search.rub.to
127.0.0.1 unitedstates.rub.to
127.0.0.1 www.commonname.com
127.0.0.1 www.ezcybersearch.com
127.0.0.1 www.jethomepage.com
127.0.0.1 www.gohip.com
127.0.0.1 hotbar.com
127.0.0.1 www.huntbar.com
127.0.0.1 search.imiserver.com
127.0.0.1 searchenhancement.com
127.0.0.1 newtonknows.com
127.0.0.1 search-explorer.net
127.0.0.1 searchsquire.com
127.0.0.1 secondpower.com
127.0.0.1 2ndpower.com
127.0.0.1 searchgateway.net
127.0.0.1 worldusa.com
127.0.0.1 www.topsearcher.com
127.0.0.1 smutserver.com
127.0.0.1 searchmeup.com
127.0.0.1 cameup.com
127.0.0.1 kliksearch.com
127.0.0.1 realphx.com
127.0.0.1 blazefind.com
127.0.0.1 zoofil.com
127.0.0.1 terafinder.com
127.0.0.1 008i.com
127.0.0.1 171203.com
127.0.0.1 39-93.com
127.0.0.1 adult-personal.us
127.0.0.1 cashsearch.biz
127.0.0.1 cl55.biz
127.0.0.1 dailyteenspic.com
127.0.0.1 dialer2004.com
127.0.0.1 digital-pornography.com
127.0.0.1 eager-sex.com
127.0.0.1 ergosites.com
127.0.0.1 freecj.com
127.0.0.1 greg-search.com
127.0.0.1 incest-host.com
127.0.0.1 ironcarteam.com
127.0.0.1 is-best.com
127.0.0.1 killerpornstars.com
127.0.0.1 lollitop.com
127.0.0.1 love-host.com
127.0.0.1 myexexex.com
127.0.0.1 my-finder.com
127.0.0.1 onlineclick.net
127.0.0.1 onlysex.ws
127.0.0.1 regfreeze.com
127.0.0.1 ruworld.com
127.0.0.1 selltraffic.biz
127.0.0.1 sexunique.net
127.0.0.1 sinpussy.com
127.0.0.1 teenhost.net
127.0.0.1 ultraload.net
127.0.0.1 vse-moe.biz
127.0.0.1 xsex.ws
127.0.0.1 75tz.com
127.0.0.1 iefeadsl.com
127.0.0.1 rf104.com
127.0.0.1 www.v61.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 c.centralmedia.ws
127.0.0.1 count.cc
127.0.0.1 topx.cc
127.0.0.1 sidefind.com
127.0.0.1 thenewsearch.com
127.0.0.1 new-search.net
127.0.0.1 x-google.net
127.0.0.1 adultgambling.org
127.0.0.1 bitchesonline.net
127.0.0.1 girls4rent.net
127.0.0.1 usefullsoft.net
127.0.0.1 livegambling.com
127.0.0.1 adultsgames.net
127.0.0.1 easyantispy.com
127.0.0.1 spybotremover.net
127.0.0.1 winprotect.net
127.0.0.1 funny-girls.com
127.0.0.1 winmsn.com
127.0.0.1 oneclicksearches.com
127.0.0.1 bestweblinks.com
127.0.0.1 iqsearch.net
127.0.0.1 dumpserv.com
127.0.0.1 helpyoursearch.com
127.0.0.1 sgrunt.biz
127.0.0.1 yeak.net
127.0.0.1 u45.cx
127.0.0.1 u46.cx
127.0.0.1 u47.cc
127.0.0.1 u48.cc
127.0.0.1 sfonditalia.biz
127.0.0.1 realarea.biz
127.0.0.1 archiviosex.net
127.0.0.1 agava.com
127.0.0.1 agava.ru
127.0.0.1 hut1.ru
127.0.0.1 hu15.ru
127.0.0.1 winfixer.com
127.0.0.1 3721.com
127.0.0.1 easysearchingtips.com
127.0.0.1 fine-search.net
127.0.0.1 noproblemsurf.com
127.0.0.1 pcspyremover.com
127.0.0.1 search-motor.com
127.0.0.1 searchwhatuwant.com
127.0.0.1 ad25.com
127.0.0.1 ad45.com
127.0.0.1 ad77.com
127.0.0.1 ad86.com
127.0.0.1 full-search.net
127.0.0.1 go2-search.com
127.0.0.1 onemoresearch.net
127.0.0.1 search-777.com
127.0.0.1 search-to-find.com
127.0.0.1 search-what.net
127.0.0.1 winshow.biz
127.0.0.1 lookfor.cc
127.0.0.1 looking-for.cc
127.0.0.1 tgp-4-you.com
127.0.0.1 veryeasysearch.com
127.0.0.1 010402.com
127.0.0.1 20x2p.com
127.0.0.1 db105.com
127.0.0.1 ga31.com
127.0.0.1 mpeg-look.com
127.0.0.1 n-udd.com
127.0.0.1 p-uud.com
127.0.0.1 porn-screen.com
127.0.0.1 rb37.com
127.0.0.1 t058.com
127.0.0.1 u-239.com
127.0.0.1 v-224.com
127.0.0.1 trackhits.cc
127.0.0.1 tracktraff.cc
127.0.0.1 power-cleaner.com
127.0.0.1 yoursitebar.com
127.0.0.1 ysbweb.com
127.0.0.1 www.ysbweb.com
127.0.0.1 installcash.com
127.0.0.1 toolbarcash.com
127.0.0.1 enjoywebsurf.com
127.0.0.1 msnguard.cc
127.0.0.1 searchclick.cc
127.0.0.1 havy.biz
127.0.0.1 ewizard.cc
127.0.0.1 4klm.com
127.0.0.1 camup.net
127.0.0.1 bdsmlibrary.net
127.0.0.1 n-glx.s-redirect.com
127.0.0.1 aaasexypics.com
127.0.0.1 allforadult.com
127.0.0.1 autoescrowpay.com
127.0.0.1 awmcash.biz
127.0.0.1 awmdabest.com
127.0.0.1 buldog-stats.com
127.0.0.1 counter.sexmaniack.com
127.0.0.1 fregat.drocherway.com
127.0.0.1 greg-tut.com
127.0.0.1 iframe.biz
127.0.0.1 megapornix.com
127.0.0.1 newiframe.biz
127.0.0.1 nylonsexy.com
127.0.0.1 pizdato.biz
127.0.0.1 sexfiles.nu
127.0.0.1 slutmania.biz
127.0.0.1 sp2fucked.biz
127.0.0.1 toolbarpartner.com
127.0.0.1 vesbiz.biz
127.0.0.1 virgin-tgp.net
127.0.0.1 vparivalka.com
127.0.0.1 x.full-tgp.net
127.0.0.1 toolbar.cc
127.0.0.1 himen.biz
127.0.0.1 msupdater.net
127.0.0.1 www.msupdater.net
127.0.0.1 1800searchonline.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 1stsearchportal.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 971searchbox.com
127.0.0.1 www.971searchbox.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 ampmsearch.com
127.0.0.1 www.ampmsearch.com
127.0.0.1 clickhere4search.com
127.0.0.1 www.clickhere4search.com
127.0.0.1 clicktomakeasearch.com
127.0.0.1 www.clicktomakeasearch.com
127.0.0.1 directsearchzone.com
127.0.0.1 www.directsearchzone.com
127.0.0.1 easysearch4you.com
127.0.0.1 www.easysearch4you.com
127.0.0.1 enterthesearch.com
127.0.0.1 www.enterthesearch.com
127.0.0.1 esearch2005.com
127.0.0.1 www.esearch2005.com
127.0.0.1 eza1netsearch.com
127.0.0.1 www.eza1netsearch.com
127.0.0.1 ezwebsearching.com
127.0.0.1 www.ezwebsearching.com
127.0.0.1 globalefinder.com
127.0.0.1 www.globalefinder.com
127.0.0.1 go2realsearch.com
127.0.0.1 www.go2realsearch.com
127.0.0.1 myseachexplorer.com
127.0.0.1 www.myseachexplorer.com
127.0.0.1 quicksearch360.com
127.0.0.1 www.quicksearch360.com
127.0.0.1 s1s1s1search.com
127.0.0.1 www.s1s1s1search.com
127.0.0.1 search101online.com
127.0.0.1 www.search101online.com
127.0.0.1 search123forme.com
127.0.0.1 www.search123forme.com
127.0.0.1 search345quest.com
127.0.0.1 www.search345quest.com
127.0.0.1 searchmiracle.com
127.0.0.1 www.searchmiracle.com
127.0.0.1 searchtheworld4you.com
127.0.0.1 www.searchtheworld4you.com
127.0.0.1 searchwebzone.com
127.0.0.1 www.searchwebzone.com
127.0.0.1 seektheglobe.com
127.0.0.1 www.seektheglobe.com
127.0.0.1 sitesearchcentral.com
127.0.0.1 www.sitesearchcentral.com
127.0.0.1 the818search-co.com
127.0.0.1 www.the818search-co.com
127.0.0.1 type2find.com
127.0.0.1 www.type2find.com
127.0.0.1 xosearchox.com
127.0.0.1 www.xosearchox.com
127.0.0.1 yoursearchspace.com
127.0.0.1 www.yoursearchspace.com
127.0.0.1 httpwwwads.com
127.0.0.1 www.httpwwwads.com
127.0.0.1 adshttp.com
127.0.0.1 www.adshttp.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 dnaads.com
127.0.0.1 www.dnaads.com
127.0.0.1 marketengines.com
127.0.0.1 www.marketengines.com
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 securityindex.net
127.0.0.1 www.securityindex.net
127.0.0.1 sexpicsporn.com
127.0.0.1 www.sexpicsporn.com
127.0.0.1 free-spybot.com
127.0.0.1 www.free-spybot.com
127.0.0.1 cashengines.com
127.0.0.1 www.cashengines.com
127.0.0.1 microsoftantispyware.net
127.0.0.1 www.microsoftantispyware.net
127.0.0.1 mircosoftantispy.com
127.0.0.1 www.mircosoftantispy.com
127.0.0.1 msantispy.com
127.0.0.1 www.msantispy.com
127.0.0.1 netspyprotector.com
127.0.0.1 www.netspyprotector.com
127.0.0.1 avforce.com
127.0.0.1 www.avforce.com
127.0.0.1 savehits.com
127.0.0.1 www.savehits.com
127.0.0.1 saveli.com
127.0.0.1 www.saveli.com
127.0.0.1 metastop.com
127.0.0.1 www.metastop.com
127.0.0.1 perlink.biz
127.0.0.1 www.perlink.biz
127.0.0.1 highdialer.com
127.0.0.1 www.highdialer.com
127.0.0.1 online-more.com
127.0.0.1 www.online-more.com
127.0.0.1 www.syserrors.com
127.0.0.1 www.vcodec.com
127.0.0.1 toolbartraff.biz
127.0.0.1 www.toolbartraff.biz
127.0.0.1 pcadprotector.cc
127.0.0.1 www.pcadprotector.cc
127.0.0.1 airtleworld.com
127.0.0.1 www.airtleworld.com
127.0.0.1 domaincar.com
127.0.0.1 www.domaincar.com
127.0.0.1 worldray.com
127.0.0.1 www.worldray.com
127.0.0.1 www5.worldray.com
127.0.0.1 www6.worldray.com
127.0.0.1 www.spytrooper.com
127.0.0.1 spytrooper.com
127.0.0.1 dl.ad-ware.cc
127.0.0.1 ad-ware.cc
127.0.0.1 downloads.adaware.cc
127.0.0.1 adaware.cc
127.0.0.1 hitscount.net
127.0.0.1 count.hitscount.net
127.0.0.1 fined.biz
127.0.0.1 de.ag
127.0.0.1 games.de.ag
127.0.0.1 www.games.de.ag
127.0.0.1 little-download.net
127.0.0.1 www.little-download.net
127.0.0.1 little-help.com
127.0.0.1 www.little-help.com
127.0.0.1 www.spyaxe.net
127.0.0.1 www.spyaxe.com
127.0.0.1 www.spyaxe.biz
127.0.0.1 www.malwarewipe.com
127.0.0.1 dl.malwarewipe.com
127.0.0.1 www.malwarewipeupdate.com
127.0.0.1 unionseek.com
127.0.0.1 www.unionseek.com
127.0.0.1 sirh0t.blackhats.tc
127.0.0.1 blackhats.tc
127.0.0.1 www.blackhats.tc
127.0.0.1 ritztours.com
127.0.0.1 www.ritztours.com
127.0.0.1 flashflashmx.3322.org
127.0.0.1 3322.org
127.0.0.1 www.3322.org
127.0.0.1 jupitersatellites.biz
127.0.0.1 www.jupitersatellites.biz
127.0.0.1 yops.biz
127.0.0.1 www.yops.biz
127.0.0.1 goldengr.hypermart.net
127.0.0.1 web-nexus.net
127.0.0.1 safe-sales.biz
127.0.0.1 www.safe-sales.biz
127.0.0.1 jerrynews.com
127.0.0.1 www.jerrynews.com
127.0.0.1 Teslaplus.com
127.0.0.1 www.Teslaplus.com
127.0.0.1 WorldAntiSpy.com
127.0.0.1 www.WorldAntiSpy.com
127.0.0.1 www.securitycaution.com
127.0.0.1 securitycaution.com
127.0.0.1 adservs.com
127.0.0.1 csx.adservs.com
127.0.0.1 www.csx.adservs.com
127.0.0.1 toolbarbest.biz
127.0.0.1 www.toolbarbest.biz
127.0.0.1 game4all.biz
127.0.0.1 www.game4all.biz
127.0.0.1 wm.kannylizaciya.info
127.0.0.1 www.wm.kannylizaciya.info
127.0.0.1 wm.buhartes.info
127.0.0.1 www.wm.buhartes.info
127.0.0.1 login.fric.cn
127.0.0.1 www.login.fric.cn
127.0.0.1 xsremover.com
127.0.0.1 www.xsremover.com
127.0.0.1 spydeface.com
127.0.0.1 www.spydeface.com
127.0.0.1 alfacleaner.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 innovagest2000.com
127.0.0.1 www.innovagest2000.com
127.0.0.1 www.thespyguard.com
127.0.0.1 thespyguard.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.spyiblock.com
127.0.0.1 spyiblock.com
127.0.0.1 www.uvu-channel.com
127.0.0.1 uvu-channel.com
127.0.0.1 www.hachimitsu-lemon.com
127.0.0.1 hachimitsu-lemon.com
127.0.0.1 SEARCHTOFIND.NET
127.0.0.1 www.SEARCHTOFIND.NET
127.0.0.1 www.pestrap.com
127.0.0.1 pestrap.com
127.0.0.1 uptodatesecurity.com
127.0.0.1 www.uptodatesecurity.com
127.0.0.1 thinstall.abetterinternet.com
127.0.0.1 www.3abetterinternet.com
127.0.0.1 download.abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 qmex.psyche-evolution.com
127.0.0.1 www.qmex.psyche-evolution.com
127.0.0.1 core.psyche-evolution.com
127.0.0.1 www.core.psyche-evolution.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 scanandrepair.com
127.0.0.1 www.scanandrepair.com
127.0.0.1 uydsiygeds.com
127.0.0.1 www.uydsiygeds.com
127.0.0.1 pesttrap.com
127.0.0.1 www.pesttrap.com
127.0.0.1 adwarebazooka.com
127.0.0.1 get.adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 kliksoftware.com
127.0.0.1 www.kliksoftware.com
127.0.0.1 hitvirus.com
127.0.0.1 get.hitvirus.com
127.0.0.1 www.hitvirus.com
127.0.0.1 promo.dollarrevenue.com
127.0.0.1 www.promo.dollarrevenue.com
127.0.0.1 maxifile.com
127.0.0.1 www.maxifile.com
127.0.0.1 targetsaver.com
127.0.0.1 www.targetsaver.com
127.0.0.1 dl.targetsaver.com
127.0.0.1 www.dl.targetsaver.com
127.0.0.1 nonameforthisdomain.com
127.0.0.1 www.nonameforthisdomain.com
127.0.0.1 hypoteches.com
127.0.0.1 www.hypoteches.com
127.0.0.1 www.earthllnk.net
127.0.0.1 earthllnk.net
127.0.0.1 hostance.net
127.0.0.1 www.hostance.net
127.0.0.1 my-dedik-one.com
127.0.0.1 www.my-dedik-one.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 6sek.com
127.0.0.1 www.6sek.com
127.0.0.1 cashdeluxe.net
127.0.0.1 www.cashdeluxe.net
127.0.0.1 stats.cashdeluxe.net
127.0.0.1 www.stats.cashdeluxe.net
127.0.0.1 www.2006ooo.com
127.0.0.1 www.spyware-stop.com
127.0.0.1 spyware-stop.com
127.0.0.1 www.SpyShield.org
127.0.0.1 SpyShield.org
127.0.0.1 utils.winfixer.com
127.0.0.1 www.utils.winfixer.com
127.0.0.1 toolbarbucks.biz
127.0.0.1 www.toolbarbucks.biz
127.0.0.1 derklaif.biz
127.0.0.1 www.derklaif.biz
127.0.0.1 www.v-codec.com
127.0.0.1 v-codec.com
127.0.0.1 www.emediacodec.com
127.0.0.1 emediacodec.com
127.0.0.1 www.popentertain.com
127.0.0.1 popentertain.com
127.0.0.1 softwareprofit.com
127.0.0.1 www.softwareprofit.com
127.0.0.1 de.winantivirus.com
127.0.0.1 download.winantivirus.com
127.0.0.1 winantivirus.com
127.0.0.1 www.winantivirus.com
127.0.0.1 offers.bullseye-network.com
127.0.0.1 www.offers.bullseye-network.com
127.0.0.1 bullseye-network.com
127.0.0.1 www.bullseye-network.com
127.0.0.1 sponsor2.ucmore.com
127.0.0.1 www.sponsor2.ucmore.com
127.0.0.1 hostthesky.com
127.0.0.1 www.hostthesky.com
127.0.0.1 dbdecicated.com
127.0.0.1 www.dbdecicated.com
127.0.0.1 readagreement.net
127.0.0.1 www.readagreement.net
127.0.0.1 gl.secdep.info
127.0.0.1 www.gl.secdep.info
127.0.0.1 spyfalcon.com
127.0.0.1 www.spyfalcon.com
127.0.0.1 spyfalconupdate.com
127.0.0.1 www.spyfalconupdate.com
127.0.0.1 spy-shield.com
127.0.0.1 www.spy-shield.com
127.0.0.1 winnanny.com
127.0.0.1 www.winnanny.com
127.0.0.1 winsoftware.com
127.0.0.1 www.winsoftware.com
127.0.0.1 winfirewall.com
127.0.0.1 www.winfirewall.com
127.0.0.1 winantispyware.com
127.0.0.1 www.winantispyware.com
127.0.0.1 udefender.com
127.0.0.1 www.udefender.com
127.0.0.1 bravesentry.com
127.0.0.1 www.bravesentry.com
127.0.0.1 content.dollarrevenue.com
127.0.0.1 www.content.dollarrevenue.com
127.0.0.1 toolbar.azebar.com
127.0.0.1 www.toolbar.azebar.com
127.0.0.1 traffsale1.biz
127.0.0.1 www.traffsale1.biz
127.0.0.1 spywaredisinfector.com
127.0.0.1 www.spywaredisinfector.com
127.0.0.1 SpyCut.com
127.0.0.1 www.SpyCut.com
127.0.0.1 almanah.biz
127.0.0.1 www.almanah.biz
127.0.0.1 antispydns.biz
127.0.0.1 www.antispydns.biz
127.0.0.1 spyaxeupdate.com
127.0.0.1 www.spyaxeupdate.com
127.0.0.1 malwarewipesupport.com
127.0.0.1 www.malwarewipesupport.com
127.0.0.1 remedyantispy.com
127.0.0.1 www.remedyantispy.com
127.0.0.1 systemstable.com
127.0.0.1 www.systemstable.com
127.0.0.1 whoisprivacyprotect.com
127.0.0.1 www.whoisprivacyprotect.com
127.0.0.1 prime.webhancer.com
127.0.0.1 www.prime.webhancer.com
127.0.0.1 webhancer.com
127.0.0.1 www.webhancer.com
127.0.0.1 dr.webhancer.com
127.0.0.1 www.dr.webhancer.com
127.0.0.1 dr2.webhancer.com
127.0.0.1 www.dr2.webhancer.com
127.0.0.1 www.onli-ne.com
127.0.0.1 spycontra.com
127.0.0.1 www.spycontra.com
127.0.0.1 anti-virus-pro.com
127.0.0.1 www.anti-virus-pro.com
127.0.0.1 check.jupitersatellites.biz
127.0.0.1 www.check.jupitersatellites.biz
127.0.0.1 necessaryupdates.com
127.0.0.1 www.necessaryupdates.com
127.0.0.1 bestworldgirls-for-u.net
127.0.0.1 www.bestworldgirls-for-u.net
127.0.0.1 stejax.pl
127.0.0.1 www.stejax.pl
127.0.0.1 kitehosting.com
127.0.0.1 www.kitehosting.com
127.0.0.1 ware2006.com
127.0.0.1 www.ware2006.com
127.0.0.1 filestore.com
127.0.0.1 www.filestore.com
127.0.0.1 systemupdates.net
127.0.0.1 www.systemupdates.net
127.0.0.1 logs.vapochille.com
127.0.0.1 www.logs.vapochille.com
127.0.0.1 goldenfreehost.com
127.0.0.1 www.goldenfreehost.com
127.0.0.1 todaywarnings.com
127.0.0.1 www.todaywarnings.com
127.0.0.1 spywarequake.com
127.0.0.1 spywarequake.info
127.0.0.1 www.spywarequake.info
127.0.0.1 www.spywarequake.com
127.0.0.1 download2.spywarequake.com
127.0.0.1 download3.spywarequake.com
127.0.0.1 download4.spywarequake.com
127.0.0.1 download5.spywarequake.com
127.0.0.1 download7.spywarequake.com
127.0.0.1 download8.spywarequake.com
127.0.0.1 download9.spywarequake.com
127.0.0.1 download10.spywarequake.com
127.0.0.1 download11.spywarequake.com
127.0.0.1 download12.spywarequake.com
127.0.0.1 download13.spywarequake.com
127.0.0.1 download15.spywarequake.com
127.0.0.1 updates.spywarequake.com
127.0.0.1 urgentsystemupdate.com
127.0.0.1 www.urgentsystemupdate.com
127.0.0.1 dl2.spywarestrike.com
127.0.0.1 dl3.spywarestrike.com
127.0.0.1 dl4.spywarestrike.com
127.0.0.1 dl5.spywarestrike.com
127.0.0.1 dl6.spywarestrike.com
127.0.0.1 dl7.spywarestrike.com
127.0.0.1 dl8.spywarestrike.com
127.0.0.1 nospywaresoft.com
127.0.0.1 spywarestrike.com
127.0.0.1 www.nospywaresoft.com
127.0.0.1 www.spywarestrike.com
127.0.0.1 spyaxesupport.com
127.0.0.1 www.spyaxesupport.com
127.0.0.1 download3.spyaxe.com
127.0.0.1 download4.spyaxe.com
127.0.0.1 download5.spyaxe.com
127.0.0.1 download6.spyaxe.com
127.0.0.1 dl2.spyfalcon.com
127.0.0.1 dl3.spyfalcon.com
127.0.0.1 dl4.spyfalcon.com
127.0.0.1 dl5.spyfalcon.com
127.0.0.1 dl9.spyfalcon.com
127.0.0.1 dl10.spyfalcon.com
127.0.0.1 dl16.spyfalcon.com
127.0.0.1 www.sgrunt.biz
127.0.0.1 traffbest.biz
127.0.0.1 www.traffbest.biz
127.0.0.1 securityfeature.com
127.0.0.1 www.securityfeature.com
127.0.0.1 pimasoft.com
127.0.0.1 www.pimasoft.com
127.0.0.1 blackhawksoftware.com
127.0.0.1 www.blackhawksoftware.com
127.0.0.1 spy-sniper.com
127.0.0.1 www.spy-sniper.com
127.0.0.1 safetydefender.com
127.0.0.1 www.safetydefender.com
127.0.0.1 securitywarnings.net
127.0.0.1 www.securitywarnings.net
127.0.0.1 urgentsystemupdate.biz
127.0.0.1 www.urgentsystemupdate.biz
127.0.0.1 antispylab.com
127.0.0.1 www.antispylab.com
127.0.0.1 spywaresheriff.com
127.0.0.1 www.spywaresheriff.com
127.0.0.1 allmegabucks.com
127.0.0.1 www.allmegabucks.com
127.0.0.1 rizalof.com
127.0.0.1 www.rizalof.com
127.0.0.1 rc.rizalof.com
127.0.0.1 media-codec.com
127.0.0.1 www.media-codec.com
127.0.0.1 SpywareScraper.com
127.0.0.1 www.SpywareScraper.com
127.0.0.1 crystalysmedia.com
127.0.0.1 www.crystalysmedia.com
127.0.0.1 180solutions.com
127.0.0.1 cts.180solutions.com
127.0.0.1 bis.180solutions.com
127.0.0.1 downloads.180solutions.com
127.0.0.1 uploads.180solutions.com
127.0.0.1 installs.180solutions.com
127.0.0.1 config.180solutions.com
127.0.0.1 ping.180solutions.com
127.0.0.1 tv.180solutions.com
127.0.0.1 nowhere.180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 theguardservices.com
127.0.0.1 www.theguardservices.com
127.0.0.1 securitybulletin.net
127.0.0.1 www.securitybulletin.net
127.0.0.1 www.supernet.speedserv.com
127.0.0.1 spyonthis.net
127.0.0.1 download.spyonthis.net
127.0.0.1 www.spyonthis.net
127.0.0.1 hijack-this.net
127.0.0.1 www.hijack-this.net
127.0.0.1 errorsafe.com
127.0.0.1 de.errorsafe.com
127.0.0.1 download.errorsafe.com
127.0.0.1 www.errorsafe.com
127.0.0.1 amaena.com
127.0.0.1 trial.updates.winsoftware.com
127.0.0.1 instlog.winfixer.com
127.0.0.1 winfixer2006.com
127.0.0.1 www.winfixer2006.com
127.0.0.1 webtopsecurity.com
127.0.0.1 www.webtopsecurity.com
127.0.0.1 traff5all.biz
127.0.0.1 www.traff5all.biz
127.0.0.1 1-extreme.biz
127.0.0.1 www.1-extreme.biz
127.0.0.1 download.bravesentry.com
127.0.0.1 www.download.bravesentry.com
127.0.0.1 evko.biz
127.0.0.1 www.evko.biz
127.0.0.1 lavasoftupdate.com
127.0.0.1 www.lavasoftupdate.com
127.0.0.1 download.secureyournet.biz
127.0.0.1 www.download.secureyournet.biz
127.0.0.1 secureyournet.biz
127.0.0.1 www.secureyournet.biz
127.0.0.1 windupdates.com
127.0.0.1 asdbiz.biz
127.0.0.1 www.asdbiz.biz
127.0.0.1 spywarelabs.com
127.0.0.1 www.spywarelabs.com
127.0.0.1 traffweb1.biz
127.0.0.1 www.traffweb1.biz
127.0.0.1 newtoolbar.biz
127.0.0.1 www.newtoolbar.biz
127.0.0.1 buytraff.biz
127.0.0.1 www.buytraff.biz
127.0.0.1 safetyuptodate.com
127.0.0.1 www.safetyuptodate.com
127.0.0.1 crazywinnings.com
127.0.0.1 frame.crazywinnings.com
127.0.0.1 www.crazywinnings.com
127.0.0.1 topconverting.com
127.0.0.1 www.topconverting.com
127.0.0.1 casalemedia.com
127.0.0.1 b.casalemedia.com
127.0.0.1 www.casalemedia.com
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 addictivetechnologies.net
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 all4internet.com
127.0.0.1 www.all4internet.com
127.0.0.1 bettersearch.biz
127.0.0.1 www.bettersearch.biz
127.0.0.1 c4tdownload.com
127.0.0.1 www.c4tdownload.com
127.0.0.1 clickspring.net
127.0.0.1 www.clickspring.net
127.0.0.1 contentmatch.net
127.0.0.1 www.contentmatch.net
127.0.0.1 dialer-shop.com
127.0.0.1 www.dialer-shop.com
127.0.0.1 dialoff.com
127.0.0.1 www.dialoff.com
127.0.0.1 energy-factor.com
127.0.0.1 www.energy-factor.com
127.0.0.1 hardcorefantasyland.com
127.0.0.1 www.hardcorefantasyland.com
127.0.0.1 hardfootballbabes.com
127.0.0.1 www.hardfootballbabes.com
127.0.0.1 linkautomatici.com
127.0.0.1 www.linkautomatici.com
127.0.0.1 master69.biz
127.0.0.1 www.master69.biz
127.0.0.1 master70.biz
127.0.0.1 www.master70.biz
127.0.0.1 master71.biz
127.0.0.1 www.master71.biz
127.0.0.1 mcdial.biz
127.0.0.1 www.mcdial.biz
127.0.0.1 mt-download.com
127.0.0.1 www.mt-download.com
127.0.0.1 my-teensex.com
127.0.0.1 overpro.com
127.0.0.1 private-dialer.biz
127.0.0.1 private-iframe.biz
127.0.0.1 redfunny.com
127.0.0.1 scoobidoo.com
127.0.0.1 skoobidoo.com
127.0.0.1 sexvideopro.com
127.0.0.1 storage-tasp.com
127.0.0.1 xbeta69.com
127.0.0.1 securityuptodate.net
127.0.0.1 www.securityuptodate.net
127.0.0.1 troonety.biz
127.0.0.1 www.troonety.biz
127.0.0.1 zurrusco.com
127.0.0.1 www.zurrusco.com
127.0.0.1 breenten.biz
127.0.0.1 www.breenten.biz
127.0.0.1 votreenton.biz
127.0.0.1 www.votreenton.biz
127.0.0.1 ozonung.biz
127.0.0.1 www.ozonung.biz
127.0.0.1 digikeygen.com
127.0.0.1 www.digikeygen.com
127.0.0.1 5starvideos.com
127.0.0.1 www.5starvideos.com
127.0.0.1 moviereality.com
127.0.0.1 www.moviereality.com
127.0.0.1 perfectedsecurity.com
127.0.0.1 www.perfectedsecurity.com
127.0.0.1 securityprecaution.net
127.0.0.1 www.securityprecaution.net
127.0.0.1 securityupdatesite.com
127.0.0.1 www.securityupdatesite.com
127.0.0.1 dns-look-up.com
127.0.0.1 www.dns-look-up.com
127.0.0.1 ayb.dns-look-up.com
127.0.0.1 search200.com
127.0.0.1 www.search200.com
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 mcboo.com
127.0.0.1 dr.mcboo.com
127.0.0.1 www.mcboo.com
127.0.0.1 appealcircuit.com
127.0.0.1 www.appealcircuit.com
127.0.0.1 balotierra.com
127.0.0.1 www.balotierra.com
127.0.0.1 oldflock.com
127.0.0.1 www.oldflock.com
127.0.0.1 pornmagpass.com
127.0.0.1 www.pornmagpass.com
127.0.0.1 dailypornmag.com
127.0.0.1 www.dailypornmag.com
127.0.0.1 babespornmag.com
127.0.0.1 www.babespornmag.com
127.0.0.1 teenspornmag.com
127.0.0.1 www.teenspornmag.com
127.0.0.1 maturespornmag.com
127.0.0.1 www.maturespornmag.com
127.0.0.1 hardcorepornmag.com
127.0.0.1 www.hardcorepornmag.com
127.0.0.1 gayspornmag.com
127.0.0.1 www.gayspornmag.com
127.0.0.1 topsecuritysite.net
127.0.0.1 www.topsecuritysite.net
127.0.0.1 bestsafetyguide.net
127.0.0.1 www.bestsafetyguide.net
127.0.0.1 searchweb2.com
127.0.0.1 www.searchweb2.com
127.0.0.1 www.lop.com
127.0.0.1 vidscodec.com
127.0.0.1 www.vidscodec.com
127.0.0.1 newvidscodec.net
127.0.0.1 www.newvidscodec.net
127.0.0.1 media-codec.net
127.0.0.1 www.media-codec.net
127.0.0.1 mediacodec.net
127.0.0.1 www.mediacodec.net
127.0.0.1 imediacodec.com
127.0.0.1 www.imediacodec.com
127.0.0.1 emcodec.com
127.0.0.1 www.emcodec.com
127.0.0.1 vicodec.com
127.0.0.1 www.vicodec.com
127.0.0.1 xpasswordmanager.com
127.0.0.1 www.xpasswordmanager.com
127.0.0.1 cracks4all.com
127.0.0.1 www.cracks4all.com
127.0.0.1 media-motor.net
127.0.0.1 mmm.media-motor.net
127.0.0.1 bins.media-motor.net
127.0.0.1 bins2.media-motor.net
127.0.0.1 logs.media-motor.net
127.0.0.1 mmohsix.com
127.0.0.1 www.mmohsix.com
127.0.0.1 pops.mmohsix.com
127.0.0.1 megalocast.net
127.0.0.1 js.megalocast.net
127.0.0.1 www.megalocast.net
127.0.0.1 dl.web-nexus.net
127.0.0.1 movies-etc.com
127.0.0.1 cdn.movies-etc.com
127.0.0.1 cdn2.movies-etc.com
127.0.0.1 internet-optimizer.com
127.0.0.1 www.internet-optimizer.com
127.0.0.1 888.com
127.0.0.1 www.888.com
127.0.0.1 images.888.com
127.0.0.1 surfsidekick.com
127.0.0.1 www.surfsidekick.com
127.0.0.1 sdl.surfsidekick.com
127.0.0.1 kmpads.com
127.0.0.1 www.kmpads.com
0
Réponse 10 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
C'est bien ce qu'il me semblait

Belle infection ;;))

Télécharge Zeb-Restore

http://telechargement.zebulon.fr/zeb-restore.html

enregistre ce fichier sur le bureau.

-Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.
-Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe
- Coche la case devant : Réinitialiser Fichier Hosts
- Ne coche aucune autre case
-Clique sur Restaurer
-Redémarre ton PC+++

Ensuite tu referas un log smitfraud en mode sans échec option 2 pour vérifier

+++

0
Réponse 11 / 29
florebcio Messages postés 193 Statut Membre 7
 
Re!
J'ai fait ce que tu m'as dit, je te joins maintenant le rapport. Seulement j'ai toujours l'alerte virus scan que j'ai montré dans mon post 3...Est-ce normal? L'infection Vundo trouvé par navilog à t'elle été supprimée? Je m'en remet à toi... :)

Rapport:
SmitFraudFix v2.311

Rapport fait à 14:07:11,37, sam. 04/12/2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\..\{51F46152-8379-4E0F-BB3A-A283536DEDDA}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{51F46152-8379-4E0F-BB3A-A283536DEDDA}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{12E6ED51-E831-4600-A246-E0A7C16F9261}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{51F46152-8379-4E0F-BB3A-A283536DEDDA}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 12 / 29
florebcio Messages postés 193 Statut Membre 7
 
Help ^^Marie^^ stp !! :$
0
Réponse 13 / 29
florebcio Messages postés 193 Statut Membre 7
 
Pour ne pas faire d'erreur je préfère vous demander, je fais l'étape 1 ou 2 sur navilog?Car si je veux faire l'étape 2 il me dit que c'est impossible car je n'ai pas afait l'étape 1! désolé pour mon éventuel problème de compréhension et merci encore de m'aider.
0
Réponse 14 / 29
florebcio Messages postés 193 Statut Membre 7
 
C'est bon c'est fait!
Pour les certificats je n'ai trouvé que Sunnay Day Design Ltd que j'ai bien sur supprimé!
Voici le rapport:

Clean Navipromo version 3.5.3 commencé le sam. 04/12/2008 à 22:36:06,17

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Florian Leloup"

Mise à jour le 09.04.2008 à 20h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\windows\System32 *

* Suppression dans "C:\Documents and Settings\Florian Leloup\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\Famille\locals~1\applic~1" *

*** Suppression dossiers dans C:\windows ***

*** Suppression dossiers dans C:\Program Files ***

*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***

*** Suppression dossiers dans "C:\Documents and Settings\Florian Leloup\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\Florian Leloup\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\Florian Leloup\menudm~1\progra~1" ***

*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

*** Suppression fichiers ***

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\windows\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Florian Leloup\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans C:\windows\system32 *

* Dans "C:\Documents and Settings\Florian Leloup\locals~1\applic~1" *

* Dans "C:\DOCUME~1\Famille\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le sam. 04/12/2008 à 22:43:11,00 ***

Merci de ton aide.
0
Réponse 15 / 29
florebcio Messages postés 193 Statut Membre 7
 
Bonjour ^^Marie^^! Tout d'abord merci à l'interet que vous continuer de porter à mes problèmes.

Voici le rapport ToolsCleaner:
-->- Recherche:

C:\SmitFraudfix: trouvé !
C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Florian Leloup\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Florian Leloup\Bureau\Navilog1.exe: trouvé !
C:\Documents and Settings\Florian Leloup\Bureau\HJTInstall.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Bureau\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Florian Leloup\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Florian Leloup\Bureau\Navilog1.exe: supprimé !
C:\Documents and Settings\Florian Leloup\Bureau\HJTInstall.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\SmitFraudfix: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Et celui de Hijackthis (que j'ai dû retélécharger car votre ToolsCleaner me l' as supprimé ainsi que navilog...bref!):
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:53:23, on 4/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wscntfy.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\windows\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd3.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Winter Fun Pack 2004 for Windows XP\WinterWallToy\WinterWalltoy.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\NOTEPAD.EXE
C:\Documents and Settings\Florian Leloup\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\wvusssq.dll (file missing)
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: gebcb - C:\windows\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
0
Réponse 16 / 29
florebcio Messages postés 193 Statut Membre 7
 
Re!

Les symptômes de mon PC sont les suivants:
- Mon PC est très long au niveau du démarrage de ma session. (même en ayant limité le nombre de programmes qui s'exécutent au démarrage)
- A l'ouverture j'ai toujours la fenêtre suivante: https://imageshack.com/
- Mon PC qui s'exécutait de façon plutôt rapide, est maintenant très lent pour n'importe quoi que se soit, passez moi l'expression , il rame. Je suspecte alors fortement un virus...
- Gros point positif, depuis votre intervention il me semble que les pubs que je rencontrais sous IE et firefox avant aient disparus.

Voila! Je vous joint maintenant le copier du "report.txt" :

[b]SDFix: Version 1.170 [/b]
Run by Florian Leloup on dim. 04/13/2008 at 20:20

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\FLORIA~1\Bureau\SDFix\SDFix

[b]Checking Services [/b]:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting

[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\TASKKILL.EXE - Deleted
C:\WINDOWS\SYSTEM32\QTWMCI32.DLL - Deleted
C:\windows\b.exe - Deleted

Folder C:\Temp\tn3 - Removed

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-13 20:33:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000272b00026]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:e2,0a,4c,ab,87,d8,49,89,ea,03,26,9e,90,7a,92,f1,dd,ba,f9,3c,da,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,2f,21,fe,c2,54,cc,4f,a7,43,ad,6b,1d,d1,25,9a,bd,b1,..
"khjeh"=hex:ae,9e,16,8c,e7,63,32,31,15,8d,49,d6,99,5d,0b,b3,bf,42,11,e7,5e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:86,76,f4,26,5a,c9,63,e3,7e,5a,f8,00,7a,55,52,d5,f5,6b,92,87,2d,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000272b00026]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:e2,0a,4c,ab,87,d8,49,89,ea,03,26,9e,90,7a,92,f1,dd,ba,f9,3c,da,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,2f,21,fe,c2,54,cc,4f,a7,43,ad,6b,1d,d1,25,9a,bd,b1,..
"khjeh"=hex:ae,9e,16,8c,e7,63,32,31,15,8d,49,d6,99,5d,0b,b3,bf,42,11,e7,5e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:86,76,f4,26,5a,c9,63,e3,7e,5a,f8,00,7a,55,52,d5,f5,6b,92,87,2d,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:e2,0a,4c,ab,87,d8,49,89,ea,03,26,9e,90,7a,92,f1,dd,ba,f9,3c,da,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,2f,21,fe,c2,54,cc,4f,a7,43,ad,6b,1d,d1,25,9a,bd,b1,..
"khjeh"=hex:ae,9e,16,8c,e7,63,32,31,15,8d,49,d6,99,5d,0b,b3,bf,42,11,e7,5e,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:86,76,f4,26,5a,c9,63,e3,7e,5a,f8,00,7a,55,52,d5,f5,6b,92,87,2d,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 124

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Disabled:Shareaza"
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic"
"C:\\Program Files\\adslTV\\adsltv.exe"="C:\\Program Files\\adslTV\\adsltv.exe:*:Enabled:adsltv"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"="C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe:*:Enabled:ET"
"C:\\Program Files\\MSN Messenger\\msnmgr.exe"="C:\\Program Files\\MSN Messenger\\msnmgr.exe:*:Disabled:Messenger"
"C:\\WINDOWS\\system32\\ageixncc.exe"="C:\\WINDOWS\\system32\\age"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Copie de quake 3\\quake3.exe"="C:\\Copie de quake 3\\quake3.exe:*:Disabled:quake3"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Program Files\\Sony\\Media Manager for PSP 2.0\\MediaManager.exe"="C:\\Program Files\\Sony\\Media Manager for PSP 2.0\\MediaManager.exe:*:Enabled:Media Manager for PSP 2.0"
"C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\WINDOWS\\system32\\dxdiag.exe"="C:\\WINDOWS\\system32\\dxdiag.exe:*:Enabled:Outil de diagnostic Microsoft DirectX"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Fichiers communs\\AOL\\1191782072\\ee\\aolsoftware.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1191782072\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Fichiers communs\\AOL\\1191782072\\ee\\aim6.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1191782072\\ee\\aim6.exe:*:Enabled:AIM"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\TYPSoft FTP Server\\ftpserv.exe"="C:\\TYPSoft FTP Server\\ftpserv.exe:*:Enabled:TYPSoft FTP Server"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"
"C:\\Program Files\\No-IP\\DUC20.exe"="C:\\Program Files\\No-IP\\DUC20.exe:*:Enabled:No-IP DUC"
"C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe:*:Disabled:Framework Service"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Free Music Zilla\\FMZilla.exe"="C:\\Program Files\\Free Music Zilla\\FMZilla.exe:*:Enabled:FMZilla Module"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:

File Backups: - C:\DOCUME~1\FLORIA~1\Bureau\SDFix\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Sun 19 Mar 2006 262,144 A.SH. --- "C:\Program Files\MessengerDiscovery\SpellCHK.exe"
Mon 3 Mar 2008 61,440 A..H. --- "C:\Program Files\MSN Messenger\winmm.dll"
Tue 26 Jun 2007 1,168,749 A.SH. --- "C:\WINDOWS\system32\bcbeg.tmp"
Sun 1 Jul 2007 1,159,941 A.SH. --- "C:\WINDOWS\system32\bcbeg.tmp2"
Fri 9 Nov 2007 56 ..SHR --- "C:\WINDOWS\system32\F69E18DE48.sys"
Fri 9 Nov 2007 3,974 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Wed 2 Aug 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 10 Apr 2008 2,126 A..H. --- "C:\Program Files\InterActual\InterActual Player\iti1FF.tmp"
Mon 3 Mar 2008 61,440 A..H. --- "C:\Program Files\Windows Live\Messenger\winmm.dll"
Sun 1 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Sun 15 Apr 2007 35,328 A..H. --- "C:\Documents and Settings\Florian Leloup\Mes documents\Texte\~WRL0001.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT71.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT74.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT78.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT70.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT75.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT72.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT77.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT73.tmp"
Sat 12 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT76.tmp"
Sat 13 Jan 2007 29,696 ...H. --- "C:\Documents and Settings\Florian Leloup\Application Data\Microsoft\Word\~WRL0092.tmp"
Sat 29 Mar 2008 92,672 ...H. --- "C:\Documents and Settings\Florian Leloup\Application Data\Microsoft\Word\~WRL0925.tmp"
Fri 11 May 2007 19,456 ...H. --- "C:\Documents and Settings\Florian Leloup\Application Data\Microsoft\Word\~WRL1465.tmp"
Sat 29 Mar 2008 92,160 ...H. --- "C:\Documents and Settings\Florian Leloup\Application Data\Microsoft\Word\~WRL3855.tmp"

[b]Finished![/b]

Et le hijack this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:30, on 4/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wscntfy.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\windows\system32\notepad.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnpstd3.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Winter Fun Pack 2004 for Windows XP\WinterWallToy\WinterWalltoy.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Documents and Settings\Florian Leloup\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\wvusssq.dll (file missing)
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: gebcb - C:\windows\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
0
Réponse 17 / 29
florebcio Messages postés 193 Statut Membre 7
 
Salut!

Je vous joint le rapport de Combo.fix:

ComboFix 08-04-13.3 - Florian Leloup 2008-04-14 13:37:47.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.52 [GMT 2:00]
Endroit: C:\Documents and Settings\Florian Leloup\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Starware316
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindIt.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindItHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\findithotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\finditxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Highlight.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\HighlightHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlighthotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlightxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Reference.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\ReferenceHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencehotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencexp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\screensaver.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Screensavers0.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\starware_toolbar_icon.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Weather.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherhotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\error.xml
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\related.xml
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\Travel.xml
C:\Documents and Settings\All Users\Application Data\Starware316\images\walertXP.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\macromedia\Flash Player\#SharedObjects\FF443JSC\www.broadcaster.com
C:\Documents and Settings\Florian Leloup\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Florian Leloup\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\Florian Leloup\Application Data\Starware316
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\BrowserSearch\BrowserSearch.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\BrowserSearch\BrowserSearch.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Configurator\Configurator.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Configurator\Configurator.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Games\GamesOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Games\GamesOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Games\images\active\Games0.bmp
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Layouts\ToolbarLayout.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Layouts\ToolbarLayout.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Manager\ManagerOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Manager\ManagerOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Movies\images\active\Movies0.bmp
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Movies\MoviesOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Movies\MoviesOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Reference\ReferenceOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Reference\ReferenceOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Screensavers\ScreensaversOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Screensavers\ScreensaversOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Toolbar\TBProductsOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Toolbar\TBProductsOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Weather\AlertArchive.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Weather\WeatherOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Weather\WeatherOptions.xml.backup
C:\Documents and Settings\Florian Leloup\err.log
C:\Program Files\Fichiers communs\{38EDC~1
C:\Program Files\Fichiers communs\{A8EDC~1
C:\Program Files\Fichiers communs\uninstall information
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\PlayMP3.exe
C:\Program Files\PlayMP3z\uninstall.exe
C:\Program Files\racle~1
C:\Program Files\racle~1\?racle\
C:\Program Files\screensavers.com
C:\Program Files\screensavers.com\SSSInst\bin\SSSUninst.exe
C:\Program Files\screensavers.com\Wallpaper\swpstart.exe
C:\Program Files\Starware316
C:\Program Files\Starware316\brand.bmp
C:\Program Files\Starware316\icons\star_16.ico
C:\Program Files\Starware316\Starware316Config.xml
C:\Program Files\Starware316\Starware316Uninstall.exe
C:\Program Files\Starware316\Thumbs.db
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\bund1
C:\WINDOWS\system32\bund1\temp.txt
c:\WINDOWS\system32\ftzhietuqe.dat
C:\WINDOWS\system32\ftzhietuqe.exe
c:\WINDOWS\system32\ftzhietuqe_nav.dat
C:\WINDOWS\system32\ftzhietuqe_navps.dat
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\sysdm.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\Legacy_DOMAINSERVICE
-------\Legacy_FOPN
-------\Legacy_VSPF
-------\Legacy_VSPF_HK

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-14 to 2008-04-14 ))))))))))))))))))))))))))))))))))))
.

2008-04-14 10:16 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-14 10:16 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-14 10:16 . 2008-04-10 21:00 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-14 10:16 . 2008-04-11 22:13 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-14 10:16 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-14 10:16 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-14 10:16 . 2008-04-14 10:16 4,004 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-14 10:12 . 2008-04-14 10:12 268 --ah----- C:\sqmdata08.sqm
2008-04-14 10:12 . 2008-04-14 10:12 244 --ah----- C:\sqmnoopt08.sqm
2008-04-14 10:00 . 2008-04-14 10:00 268 --ah----- C:\sqmdata07.sqm
2008-04-14 10:00 . 2008-04-14 10:00 244 --ah----- C:\sqmnoopt07.sqm
2008-04-14 00:36 . 2008-04-14 00:36 <REP> d-------- C:\WINDOWS\038A524F58DB438A83918F7F0CA14B9E.TMP
2008-04-14 00:33 . 2008-04-14 00:33 <REP> d-------- C:\Program Files\iTunes
2008-04-14 00:33 . 2008-04-14 00:33 <REP> d-------- C:\Program Files\iPod
2008-04-14 00:33 . 2008-04-14 00:33 <REP> d-------- C:\Program Files\Fichiers communs\Corel
2008-04-14 00:33 . 2008-04-14 00:34 <REP> d-------- C:\iTunes
2008-04-14 00:32 . 2008-04-14 00:32 <REP> d-------- C:\Program Files\TrackMania Nations ESWC
2008-04-14 00:32 . 2008-04-14 00:32 <REP> d-------- C:\Program Files\Poney-Club 2
2008-04-14 00:32 . 2008-04-14 00:32 <REP> d-------- C:\Program Files\Hercules
2008-04-14 00:32 . 2008-04-14 00:33 <REP> d-------- C:\Program Files\Dataroute
2008-04-14 00:32 . 2008-04-14 00:33 <REP> d-------- C:\Program Files\Corel
2008-04-14 00:32 . 2008-04-14 00:32 <REP> d-------- C:\Program Files\BrowsingAdvisor
2008-04-13 20:13 . 2008-04-14 10:59 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-12 20:58 . 2008-04-14 00:29 <REP> d-------- C:\Documents and Settings\Famille\ModŠles
2008-04-12 20:58 . 2008-04-14 00:29 <REP> d-------- C:\Documents and Settings\Famille\Favoris
2008-04-12 20:58 . 2008-04-12 20:58 <REP> d-------- C:\Documents and Settings\Famille\Application Data\PC Suite
2008-04-12 20:58 . 2008-04-14 00:29 <REP> d---s---- C:\Documents and Settings\Famille
2008-04-12 08:38 . 2008-04-12 08:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-04-12 08:23 . 2008-04-12 08:23 <REP> d-------- C:\Program Files\MSBuild
2008-04-12 08:18 . 2008-04-14 00:31 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-12 08:15 . 2008-04-12 08:15 <REP> d-------- C:\MSOCache
2008-04-12 08:11 . 2008-04-12 08:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-04-11 20:40 . 2008-04-14 00:31 <REP> d-------- C:\Program Files\eMule
2008-04-10 22:51 . 2008-04-10 22:51 268 --ah----- C:\sqmdata06.sqm
2008-04-10 22:51 . 2008-04-10 22:51 244 --ah----- C:\sqmnoopt06.sqm
2008-04-09 23:40 . 2008-04-09 23:40 268 --ah----- C:\sqmdata05.sqm
2008-04-09 23:40 . 2008-04-09 23:40 244 --ah----- C:\sqmnoopt05.sqm
2008-04-09 22:16 . 2008-04-09 22:16 268 --ah----- C:\sqmdata04.sqm
2008-04-09 22:16 . 2008-04-09 22:16 244 --ah----- C:\sqmnoopt04.sqm
2008-04-08 21:42 . 2008-04-08 21:42 268 --ah----- C:\sqmdata03.sqm
2008-04-08 21:42 . 2008-04-08 21:42 244 --ah----- C:\sqmnoopt03.sqm
2008-04-06 22:20 . 2008-04-06 22:20 268 --ah----- C:\sqmdata02.sqm
2008-04-06 22:20 . 2008-04-06 22:20 244 --ah----- C:\sqmnoopt02.sqm
2008-04-05 22:49 . 2008-04-05 22:49 268 --ah----- C:\sqmdata01.sqm
2008-04-05 22:49 . 2008-04-05 22:49 244 --ah----- C:\sqmnoopt01.sqm
2008-04-05 12:32 . 2008-04-05 12:40 <REP> d-------- C:\Documents and Settings\Florian Leloup\Nouveau dossier
2008-04-05 07:39 . 2008-04-05 07:39 268 --ah----- C:\sqmdata00.sqm
2008-04-05 07:39 . 2008-04-05 07:39 244 --ah----- C:\sqmnoopt00.sqm
2008-04-04 20:40 . 2008-04-14 00:34 <REP> d-------- C:\Bazar
2008-04-02 22:23 . 2008-04-14 00:34 <REP> d-------- C:\Stars wars 3
2008-03-30 20:00 . 2008-03-30 20:02 <REP> d-------- C:\Documents and Settings\Florian Leloup\Application Data\FMZilla
2008-03-29 17:01 . 2008-04-14 00:34 <REP> d-------- C:\Stars wars 1
2008-03-29 15:53 . 2008-04-14 00:34 <REP> d-------- C:\Stars wars
2008-03-20 10:09 . 2008-03-20 10:09 1,845,376 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-20 00:07 . 2008-03-20 00:07 <REP> d-------- C:\Documents and Settings\Florian Leloup\Application Data\Media Player Classic
2008-03-18 20:07 . 2008-04-14 00:35 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-03-18 20:07 . 2006-09-24 17:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-03-18 20:07 . 2007-09-21 02:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-03-18 20:07 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-14 11:29 --------- d-----w C:\Program Files\Java
2008-04-14 08:04 22,528 --sha-w C:\Program Files\Thumbs.db
2008-04-14 08:00 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-14 01:03 --------- d-----w C:\Program Files\Windows Live
2008-04-13 22:36 --------- d-----w C:\Program Files\Winter Fun Pack 2004 for Windows XP
2008-04-13 22:36 --------- d-----w C:\Program Files\DivX
2008-04-13 22:36 --------- d-----w C:\Documents and Settings\Florian Leloup\Application Data\uTorrent
2008-04-13 22:35 --------- d-----w C:\Program Files\MSN Messenger
2008-04-13 22:35 --------- d-----w C:\Program Files\MessengerDiscovery
2008-04-13 22:33 --------- d-----w C:\Program Files\Google
2008-04-13 22:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-13 22:32 --------- d-----w C:\Program Files\Servarena
2008-04-13 22:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-13 22:29 --------- d-----w C:\Program Files\LimeWire
2008-04-13 22:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-13 20:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-09 12:55 --------- d-----w C:\Program Files\Micro Application
2008-04-02 20:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-11 20:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2008-03-02 18:18 --------- d-----w C:\Program Files\RealVNC
2008-02-21 19:21 --------- d-----w C:\Documents and Settings\Florian Leloup\Application Data\Image Zone Express
2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-12-09 21:19 3,464,838 ----a-w C:\Program Files\httrack-3.42.exe
2007-12-08 19:53 827,024 ----a-w C:\Program Files\PhotoGreetingCards.exe
2007-12-08 19:52 1,394,568 ----a-w C:\Program Files\install_easyshare.exe
2007-12-02 14:22 4,179,293 ----a-w C:\Program Files\everesthome220.exe
2007-12-02 10:11 1,495,603 ----a-w C:\Program Files\MDL_1.3.0322.exe
2007-12-02 09:42 2,402,832 ----a-w C:\Program Files\WLinstaller.exe
2007-12-01 18:48 17,929,072 ----a-w C:\Program Files\Install_Messenger.exe
2007-11-18 19:16 1,902,536 ----a-w C:\Program Files\daemon-tools_daemon_tools_4.1_anglais_10729.exe
2007-11-08 22:18 7,736 ----a-w C:\Program Files\xip.zip
2007-11-07 20:32 684,032 ----a-w C:\Program Files\ducsetup.exe
2007-11-05 21:27 2,865,651,712 ----a-w C:\Program Files\flt-fif8.iso
2007-11-05 18:40 19,194,902 ----a-w C:\Program Files\tmnationseswc_175_to_179_setup.exe
2007-11-04 16:08 278,695,200 ----a-w C:\Program Files\TmNationsESWC_Setup.exe
2007-11-02 08:15 107 ----a-w C:\Program Files\main.c
2007-10-29 14:03 700,120 ----a-w C:\Program Files\flash-moz.exe
2007-10-29 12:36 1,367,695 ----a-w C:\Program Files\VirtualDub-MPEG2_1.6.15_b24600_Fr.exe
2007-10-18 19:11 240,365,312 ----a-w C:\Program Files\ADBEFWKSCS3_WWF.exe
2007-10-17 18:46 108,998,552 ----a-w C:\Program Files\paint-shop-pro-x_paint_shop_pro_x_10.0_francais_15224.exe
2007-10-14 10:22 2,577,800 ----a-w C:\Program Files\essentialpim2.exe
2007-07-22 11:09 132,909,372 ----a-w C:\Program Files\DofusInstaller_v1_19_0.exe
2007-07-14 17:23 22 ----a-w C:\Program Files\t.rar
2007-07-10 20:07 720,051 ----a-w C:\Program Files\vnc-4.0-x86_win32.zip
2007-07-06 23:20 8,335 ----a-w C:\Program Files\NickChange1_4.plsc
2007-07-06 20:11 3,126,056 ----a-w C:\Program Files\LimeWireWin.exe
2007-07-04 08:37 18,898,288 ----a-w C:\Program Files\Install_WLMessenger.exe
2007-07-03 16:00 1,882,020 ----a-w C:\Program Files\PhotoFiltre.zip
2007-07-01 11:02 24,708,797 ----a-w C:\Program Files\kav700123fr_1645.exe
2007-06-30 20:06 365,464 ----a-w C:\Program Files\emoticoneslive_search.exe
2007-06-28 14:27 5,370,037 ----a-w C:\Program Files\Install MPD.exe
2007-06-28 13:11 19,889,664 ----a-w C:\Program Files\WinterFunPack2004forWindowsXP.msi
2007-06-23 19:41 29,734,452 ----a-w C:\Program Files\setup-adsltv.exe
2007-06-19 20:58 3,035,141 ----a-w C:\Program Files\PimpFish.exe
2007-06-19 20:54 1,881,088 ----a-w C:\Program Files\q3cel-1.0-Windows.msi
2007-05-27 21:40 19,415,424 ----a-w C:\Program Files\StyleXPInstallMale.zip
2007-05-20 18:22 232,086 ----a-w C:\Program Files\stuffPlugybouane.oldiblog.com.exe
2007-05-18 07:44 1,104,384 ----a-w C:\Program Files\gifsetup.exe
2007-05-17 11:58 452,617 ----a-w C:\Program Files\pca1161_chateau_fantasy.zip
2007-05-17 09:46 858,310 ----a-w C:\Program Files\pca0681_naruto.zip
2007-05-17 09:43 101,472 ----a-w C:\Program Files\pca1344_eva_longoria.zip
2007-05-17 09:33 743,469 ----a-w C:\Program Files\vnc-4.0-x86_win32.exe
2007-05-14 19:06 256 ----a-w C:\Program Files\BYEBYE.ini
2007-05-14 19:03 330,391 ----a-w C:\Program Files\Byebye10.zip
2007-05-13 15:59 67,240 ----a-w C:\Program Files\vnc-4_1-javasrc[1].tar.gz
2007-05-12 08:54 121,474 ----a-w C:\Program Files\1avatars035.exe
2007-05-12 08:52 56,972 ----a-w C:\Program Files\444.exe
2007-05-12 08:19 28,374,788 ----a-w C:\Program Files\adsl-tv_adsl_tv_1.96_francais_19182.exe
2007-05-10 19:32 230,424 ----a-w C:\Program Files\img2-001.raw
2007-05-09 12:30 1,067,576 ----a-w C:\Program Files\AxCrypt-Setup.exe
2007-05-08 10:20 3,458,079 ----a-w C:\Program Files\FileZilla_2_2_32_setup.exe
2007-05-02 11:16 9,098,377 ----a-w C:\Program Files\blender-2.43-windows.exe
2007-04-30 20:24 89,478 ----a-w C:\Program Files\Tete_de_noeud.zip
2007-04-29 18:41 2,359,350 ----a-w C:\Program Files\quake.bmp
2007-04-15 12:21 811,744 ----a-w C:\Program Files\Google Updater.exe
2007-04-14 09:05 1,838,150 ----a-w C:\Program Files\Legion88-CasserDuBougnoule.mp3
2007-04-12 17:06 42,654 ----a-w C:\Program Files\SpongeBob_ScreenToy.zip
2007-04-12 14:17 167 ----a-w C:\Documents and Settings\Florian Leloup\1875.bat
2007-04-11 10:17 3,803,427 ----a-w C:\Program Files\video0.mp3
2007-04-10 18:41 1,774,682 ----a-w C:\Program Files\install_souri.rar
2007-04-10 18:40 11,716 ----a-w C:\Program Files\CocaColaMouse.zip
2007-04-10 18:37 13,306 ----a-w C:\Program Files\logochange.zip
2007-04-07 21:59 3,790,397 ----a-w C:\Program Files\dana.zip
2007-04-07 21:35 990,600 ----a-w C:\Program Files\screensaver.exe
2007-04-07 09:33 2,159,277 ----a-w C:\Program Files\testdisk-6.7-WIP.win.zip
2007-04-07 09:30 1,996,340 ----a-w C:\Program Files\testdisk-6.6.win.zip
2007-04-07 09:28 6,048 ----a-w C:\Program Files\photorecover_0.9.0-1_i386.deb
2007-04-07 09:18 2,007,546 ----a-w C:\Program Files\rescue.exe
2007-04-03 15:03 270,305,943 ----a-w C:\Program Files\WolfET.exe
2007-04-03 14:53 217,552 ----a-w C:\Program Files\XIII_Telecharger(fr_199){5794}.exe
2007-04-03 09:00 2,228,534 ----a-w C:\Program Files\audacity-win-1.2.6.exe
2007-04-01 20:45 239,999,989 ----a-w C:\Program Files\foodforce_pc.exe
2007-04-01 16:46 2,369,536 ----a-w C:\Program Files\MSCariocaSetup-fra.msi
2007-04-01 16:40 5,165,568 ----a-w C:\Program Files\WindowsDefender.msi
2007-04-01 08:02 1,077,720 ----a-w C:\Program Files\installer-8881-17-Windows-Media-Player-11-French.exe
2007-03-31 07:35 4,859,480 ----a-w C:\Program Files\MsgPlusLive-411.exe
2007-03-31 07:21 150,932 ----a-w C:\Program Files\Livepencil.zip
2007-03-30 20:47 346,666,032 ----a-w C:\Program Files\X12-30105.exe
2006-11-08 12:25 14,257,952 ----a-w C:\Program Files\eDrawingsFullFrench.exe
2006-11-01 10:13 27,086 ----a-w C:\Program Files\SDSSetup.log
2007-11-09 19:23 56 --sh--r C:\WINDOWS\system32\F69E18DE48.sys
2007-11-09 19:23 3,974 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

------- Sigcheck -------

2007-06-13 15:10 4923392 e47dc53de6bfe06c58782f22ed952f1a C:\WINDOWS\explorer.exe
2004-08-05 14:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB884883$\explorer.exe
2005-04-07 20:47 1036288 0bee3b07ace3303ee57698808e1d2de3 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\VCP_SAVE\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F}]
C:\WINDOWS\system32\gebcb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
2007-12-30 22:49 1019904 --a------ C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fsc-reminder.exe"="C:\WINDOWS\reminder\fsc-reminder.exe" [2005-01-19 17:10 28672]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-15 14:33 68856]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 11:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-10 19:25 15969280 C:\WINDOWS\RTHDCPL.EXE]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-09-05 15:55 339968]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2006-07-06 22:32 122880]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2003-09-29 07:10 81990]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2003-09-10 03:11 135251]
"iconcache"="" []
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01 437160]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 18:35 1294336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Fichiers communs\logishrd\WUApp32.exe" [2007-10-12 04:03 439568]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebcb]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Kodak software updater.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk
backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk
backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-08-16 13:24 167368 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2007-10-07 12:25 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Muscbrigade]
--a------ 2005-12-22 10:26 40960 c:\Musicbrigade\Musicbrigade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-15 14:33 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\Program Files\Yahoo!\Messenger\ypager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinDefend"=2 (0x2)
"gusvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"C:\\Program Files\\MSN Messenger\\msnmgr.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Copie de quake 3\\quake3.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Sony\\Media Manager for PSP 2.0\\MediaManager.exe"=
"C:\\Program Files\\Messenger\\Msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
"C:\\Program Files\\No-IP\\DUC20.exe"=
"C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27960:UDP"= 27960:UDP:flo.servequake.com
"27961:UDP"= 27961:UDP:Quake 3 27960 UDP
"27962:UDP"= 27962:UDP:Quake 3 27960 UDP
"27963:UDP"= 27963:UDP:Quake 3 27960 UDP
"27964:UDP"= 27964:UDP:Quake 3 27960 UDP
"27965:UDP"= 27965:UDP:Quake 3 27960 UDP
"17966:UDP"= 17966:UDP:flo6.servequake.com

R2 DNS2GoClient;DNS2Go Client;C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE [2007-11-07 12:50]
R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 14:00]
S3 gel90xne;gel90xne;C:\DOCUME~1\FLORIA~1\LOCALS~1\Temp\gel90xne.sys []
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 17:53]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f06c3252-d4b6-11dc-acbe-001b2f431027}]
\Shell\AutoRun\command - L:\.pspware\PSPWareLauncher.exe

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-12 17:59:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-14 11:39:06 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

Et le hijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:59, on 2008-04-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Florian Leloup\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453947 14
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O4 - S-1-5-18 Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download Web Info - C:\Program Files\Dataroute\Download.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: gebcb - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DNS2Go Client (DNS2GoClient) - Deerfield.com - C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
Réponse 18 / 29
florebcio Messages postés 193 Statut Membre 7
 
Hey ^^Marie^^!
Je me suis aperçu que j'avais un procesus du nom A~NSISu_.exe qui circulait sur mon PC! Je me suis renseigné sur internet ca ne ma pas l'air très bon tout ça... :s! Je te laisse continuer à me guider, tu dois mieux savoir t'en occuper que moi mais cette saleté de "A~NSISu_.exe" fait t'il partit de la désinfection que tu es en train de me faire?! Un grand merci. A bientot j'espère.
0
Réponse 19 / 29
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour

Tu peux relancer ComboFix
Stp

+++
0
Réponse 20 / 29
florebcio Messages postés 193 Statut Membre 7
 
Hey! Matinale ce matin!

Je te joins le log ComboFix:

ComboFix 08-04-13.3 - Florian Leloup 2008-04-15 10:43:00.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.48 [GMT 2:00]Endroit: C:\Documents and Settings\Florian Leloup\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\Starware316
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindIt.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindItHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\findithotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\finditxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Highlight.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\HighlightHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlighthotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlightxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Reference.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\ReferenceHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencehotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencexp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\screensaver.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Screensavers0.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\starware_toolbar_icon.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Weather.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherhotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\error.xml
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\related.xml
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\Travel.xml
C:\Documents and Settings\All Users\Application Data\Starware316\images\walertXP.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\macromedia\Flash Player\#SharedObjects\FF443JSC\www.broadcaster.com
C:\Documents and Settings\Florian Leloup\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Florian Leloup\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\Florian Leloup\Application Data\Starware316
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\BrowserSearch\BrowserSearch.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\BrowserSearch\BrowserSearch.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Configurator\Configurator.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Configurator\Configurator.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Games\GamesOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Games\GamesOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Games\images\active\Games0.bmp
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Layouts\ToolbarLayout.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Layouts\ToolbarLayout.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Manager\ManagerOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Manager\ManagerOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Movies\images\active\Movies0.bmp
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Movies\MoviesOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Movies\MoviesOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Reference\ReferenceOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Reference\ReferenceOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Screensavers\ScreensaversOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Screensavers\ScreensaversOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Toolbar\TBProductsOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Toolbar\TBProductsOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml.backup
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Weather\AlertArchive.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Weather\WeatherOptions.xml
C:\Documents and Settings\Florian Leloup\Application Data\Starware316\Weather\WeatherOptions.xml.backup
C:\Documents and Settings\Florian Leloup\err.log
C:\Program Files\Fichiers communs\{38EDC~1
C:\Program Files\Fichiers communs\{A8EDC~1
C:\Program Files\Fichiers communs\uninstall information
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\PlayMP3.exe
C:\Program Files\PlayMP3z\uninstall.exe
C:\Program Files\racle~1
C:\Program Files\racle~1\?racle\
C:\Program Files\screensavers.com
C:\Program Files\screensavers.com\SSSInst\bin\SSSUninst.exe
C:\Program Files\screensavers.com\Wallpaper\swpstart.exe
C:\Program Files\Starware316
C:\Program Files\Starware316\brand.bmp
C:\Program Files\Starware316\icons\star_16.ico
C:\Program Files\Starware316\Starware316Config.xml
C:\Program Files\Starware316\Starware316Uninstall.exe
C:\Program Files\Starware316\Thumbs.db
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\bund1
C:\WINDOWS\system32\bund1\temp.txt
c:\WINDOWS\system32\ftzhietuqe.dat
C:\WINDOWS\system32\ftzhietuqe.exe
c:\WINDOWS\system32\ftzhietuqe_nav.dat
C:\WINDOWS\system32\ftzhietuqe_navps.dat
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\sysdm.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\Legacy_DOMAINSERVICE
-------\Legacy_FOPN
-------\Legacy_VSPF
-------\Legacy_VSPF_HK

((((((((((((((((((((((((((((( Fichiers créés 2008-03-15 to 2008-04-15 ))))))))))))))))))))))))))))))))))))
.

2008-04-14 20:22 . 2008-04-15 10:40 <REP> d-------- C:\Program Files\FBrowsingAdvisor
2008-04-14 20:22 . 2008-04-14 20:22 <REP> d-------- C:\Program Files\FBrowserAdvisor
2008-04-14 18:20 . 2008-04-14 18:20 <REP> d-------- C:\Program Files\Microsoft Works
2008-04-14 18:18 . 2008-04-14 18:18 <REP> d-------- C:\Program Files\Microsoft.NET
2008-04-14 16:44 . 2008-04-14 16:44 <REP> d-------- C:\WINDOWS\[u]0[/u]38A524F58DB438A83918F7F0CA14B9E.TMP
2008-04-14 16:42 . 2008-04-14 16:42 <REP> d-------- C:\Program Files\iTunes
2008-04-14 16:42 . 2008-04-14 16:42 <REP> d-------- C:\Program Files\iPod
2008-04-14 16:42 . 2008-04-14 16:42 <REP> d-------- C:\Program Files\Fichiers communs\Corel
2008-04-14 16:42 . 2008-04-14 16:43 <REP> d-------- C:\iTunes
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\WINDOWS\VCP_TEMP
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\WINDOWS\VCP_SAVE
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Program Files\TrackMania Nations ESWC
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Program Files\Poney-Club 2
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Program Files\Hercules
2008-04-14 16:41 . 2008-04-14 16:42 <REP> d-------- C:\Program Files\Dataroute
2008-04-14 16:41 . 2008-04-14 16:42 <REP> d-------- C:\Program Files\Corel
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-a------ C:\ISP
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\install_souri
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-a------ C:\fsc-screensaver
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\Fichiers Programme
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\DISNEY
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\dana
2008-04-14 16:41 . 2008-04-14 16:41 <REP> d-------- C:\~QTWTMP.TMP
2008-04-14 10:16 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-14 10:16 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-14 10:16 . 2008-04-10 21:00 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-14 10:16 . 2008-04-11 22:13 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-14 10:16 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-14 10:16 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-14 10:16 . 2008-04-14 10:16 4,004 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-14 10:12 . 2008-04-14 10:12 268 --ah----- C:\sqmdata08.sqm
2008-04-14 10:12 . 2008-04-14 10:12 244 --ah----- C:\sqmnoopt08.sqm
2008-04-14 10:00 . 2008-04-14 10:00 268 --ah----- C:\sqmdata07.sqm
2008-04-14 10:00 . 2008-04-14 10:00 244 --ah----- C:\sqmnoopt07.sqm
2008-04-14 00:32 . 2008-04-14 16:41 <REP> d-a------ C:\FirstSteps
2008-04-14 00:32 . 2008-04-14 16:41 <REP> d-------- C:\CocaColaMouse
2008-04-13 20:13 . 2008-04-14 16:45 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-12 20:58 . 2008-04-14 16:39 <REP> d-------- C:\Documents and Settings\Famille\Modèles
2008-04-12 20:58 . 2008-04-14 16:39 <REP> d-------- C:\Documents and Settings\Famille\Favoris
2008-04-12 20:58 . 2008-04-12 20:58 <REP> d-------- C:\Documents and Settings\Famille\Application Data\PC Suite
2008-04-12 20:58 . 2008-04-14 16:39 <REP> d---s---- C:\Documents and Settings\Famille
2008-04-12 08:38 . 2008-04-12 08:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-04-12 08:23 . 2008-04-12 08:23 <REP> d-------- C:\Program Files\MSBuild
2008-04-12 08:18 . 2008-04-14 18:14 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-12 08:15 . 2008-04-12 08:15 <REP> dr-h----- C:\MSOCache
2008-04-12 08:11 . 2008-04-14 14:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-04-11 20:40 . 2008-04-14 15:38 <REP> d-------- C:\Program Files\eMule
2008-04-10 22:51 . 2008-04-10 22:51 268 --ah----- C:\sqmdata06.sqm
2008-04-10 22:51 . 2008-04-10 22:51 244 --ah----- C:\sqmnoopt06.sqm
2008-04-09 23:40 . 2008-04-09 23:40 268 --ah----- C:\sqmdata05.sqm
2008-04-09 23:40 . 2008-04-09 23:40 244 --ah----- C:\sqmnoopt05.sqm
2008-04-09 22:16 . 2008-04-09 22:16 268 --ah----- C:\sqmdata04.sqm
2008-04-09 22:16 . 2008-04-09 22:16 244 --ah----- C:\sqmnoopt04.sqm
2008-04-08 21:42 . 2008-04-08 21:42 268 --ah----- C:\sqmdata03.sqm
2008-04-08 21:42 . 2008-04-08 21:42 244 --ah----- C:\sqmnoopt03.sqm
2008-04-06 22:20 . 2008-04-06 22:20 268 --ah----- C:\sqmdata02.sqm
2008-04-06 22:20 . 2008-04-06 22:20 244 --ah----- C:\sqmnoopt02.sqm
2008-04-05 22:49 . 2008-04-05 22:49 268 --ah----- C:\sqmdata01.sqm
2008-04-05 22:49 . 2008-04-05 22:49 244 --ah----- C:\sqmnoopt01.sqm
2008-04-05 12:32 . 2008-04-05 12:40 <REP> d-------- C:\Documents and Settings\Florian Leloup\Nouveau dossier
2008-04-05 07:39 . 2008-04-05 07:39 268 --ah----- C:\sqmdata00.sqm
2008-04-05 07:39 . 2008-04-05 07:39 244 --ah----- C:\sqmnoopt00.sqm
2008-04-04 20:40 . 2008-04-14 15:37 <REP> d-------- C:\Bazar
2008-04-02 22:23 . 2008-04-14 16:43 <REP> d-------- C:\Stars wars 3
2008-03-30 20:00 . 2008-03-30 20:02 <REP> d-------- C:\Documents and Settings\Florian Leloup\Application Data\FMZilla
2008-03-29 17:01 . 2008-04-14 16:43 <REP> d-------- C:\Stars wars 1
2008-03-29 15:53 . 2008-04-14 16:43 <REP> d-------- C:\Stars wars
2008-03-20 10:09 . 2008-03-20 10:09 1,845,376 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-20 00:07 . 2008-03-20 00:07 <REP> d-------- C:\Documents and Settings\Florian Leloup\Application Data\Media Player Classic
2008-03-18 20:07 . 2008-04-14 15:37 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-03-18 20:07 . 2006-09-24 17:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-03-18 20:07 . 2007-09-21 02:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-03-18 20:07 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-14 23:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-14 14:45 --------- d-----w C:\Program Files\Windows Live
2008-04-14 14:45 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-14 14:45 --------- d-----w C:\Program Files\Java
2008-04-14 14:44 --------- d-----w C:\Program Files\DivX
2008-04-14 14:43 --------- d-----w C:\Program Files\MSN Messenger
2008-04-14 14:43 --------- d-----w C:\Program Files\MessengerDiscovery
2008-04-14 14:43 --------- d-----w C:\Documents and Settings\Florian Leloup\Application Data\uTorrent
2008-04-14 14:42 --------- d-----w C:\Program Files\Google
2008-04-14 14:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-14 14:41 --------- d-----w C:\Program Files\Servarena
2008-04-14 14:41 --------- d-----w C:\Program Files\Micro Application
2008-04-14 14:39 --------- d-----w C:\Program Files\LimeWire
2008-04-14 14:39 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-14 13:55 16,384 --sha-w C:\Program Files\Thumbs.db
2008-04-14 13:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-14 13:36 --------- d-----w C:\Program Files\Winter Fun Pack 2004 for Windows XP
2008-04-12 04:34 561,025,024 ----a-w C:\Program Files\[ThiWeb].Microsoft.Office.2007.Pro.Plus.Finale.Fr.iso
2008-04-02 20:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-11 20:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2008-03-02 18:18 --------- d-----w C:\Program Files\RealVNC
2008-02-21 19:21 --------- d-----w C:\Documents and Settings\Florian Leloup\Application Data\Image Zone Express
2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-12-09 21:19 3,464,838 ----a-w C:\Program Files\httrack-3.42.exe
2007-12-08 19:53 827,024 ----a-w C:\Program Files\PhotoGreetingCards.exe
2007-12-08 19:52 1,394,568 ----a-w C:\Program Files\install_easyshare.exe
2007-12-02 14:22 4,179,293 ----a-w C:\Program Files\everesthome220.exe
2007-12-02 10:11 1,495,603 ----a-w C:\Program Files\MDL_1.3.0322.exe
2007-12-02 09:42 2,402,832 ----a-w C:\Program Files\WLinstaller.exe
2007-12-01 18:48 17,929,072 ----a-w C:\Program Files\Install_Messenger.exe
2007-11-18 19:16 1,902,536 ----a-w C:\Program Files\daemon-tools_daemon_tools_4.1_anglais_10729.exe
2007-11-08 22:18 7,736 ----a-w C:\Program Files\xip.zip
2007-11-07 20:32 684,032 ----a-w C:\Program Files\ducsetup.exe
2007-11-05 21:27 2,865,651,712 ----a-w C:\Program Files\flt-fif8.iso
2007-11-05 18:40 19,194,902 ----a-w C:\Program Files\tmnationseswc_175_to_179_setup.exe
2007-11-04 16:08 278,695,200 ----a-w C:\Program Files\TmNationsESWC_Setup.exe
2007-11-02 08:15 107 ----a-w C:\Program Files\main.c
2007-10-29 14:03 700,120 ----a-w C:\Program Files\flash-moz.exe
2007-10-29 12:36 1,367,695 ----a-w C:\Program Files\VirtualDub-MPEG2_1.6.15_b24600_Fr.exe
2007-10-18 19:11 240,365,312 ----a-w C:\Program Files\ADBEFWKSCS3_WWF.exe
2007-10-17 18:46 108,998,552 ----a-w C:\Program Files\paint-shop-pro-x_paint_shop_pro_x_10.0_francais_15224.exe
2007-10-14 10:22 2,577,800 ----a-w C:\Program Files\essentialpim2.exe
2007-07-22 11:09 132,909,372 ----a-w C:\Program Files\DofusInstaller_v1_19_0.exe
2007-07-14 17:23 22 ----a-w C:\Program Files\t.rar
2007-07-10 20:07 720,051 ----a-w C:\Program Files\vnc-4.0-x86_win32.zip
2007-07-06 23:20 8,335 ----a-w C:\Program Files\NickChange1_4.plsc
2007-07-06 20:11 3,126,056 ----a-w C:\Program Files\LimeWireWin.exe
2007-07-04 08:37 18,898,288 ----a-w C:\Program Files\Install_WLMessenger.exe
2007-07-03 16:00 1,882,020 ----a-w C:\Program Files\PhotoFiltre.zip
2007-07-01 11:02 24,708,797 ----a-w C:\Program Files\kav700123fr_1645.exe
2007-06-30 20:06 365,464 ----a-w C:\Program Files\emoticoneslive_search.exe
2007-06-28 14:27 5,370,037 ----a-w C:\Program Files\Install MPD.exe
2007-06-28 13:11 19,889,664 ----a-w C:\Program Files\WinterFunPack2004forWindowsXP.msi
2007-06-23 19:41 29,734,452 ----a-w C:\Program Files\setup-adsltv.exe
2007-06-19 20:58 3,035,141 ----a-w C:\Program Files\PimpFish.exe
2007-06-19 20:54 1,881,088 ----a-w C:\Program Files\q3cel-1.0-Windows.msi
2007-05-27 21:40 19,415,424 ----a-w C:\Program Files\StyleXPInstallMale.zip
2007-05-20 18:22 232,086 ----a-w C:\Program Files\stuffPlugybouane.oldiblog.com.exe
2007-05-18 07:44 1,104,384 ----a-w C:\Program Files\gifsetup.exe
2007-05-17 11:58 452,617 ----a-w C:\Program Files\pca1161_chateau_fantasy.zip
2007-05-17 09:46 858,310 ----a-w C:\Program Files\pca0681_naruto.zip
2007-05-17 09:43 101,472 ----a-w C:\Program Files\pca1344_eva_longoria.zip
2007-05-17 09:33 743,469 ----a-w C:\Program Files\vnc-4.0-x86_win32.exe
2007-05-14 19:06 256 ----a-w C:\Program Files\BYEBYE.ini
2007-05-14 19:03 330,391 ----a-w C:\Program Files\Byebye10.zip
2007-05-13 15:59 67,240 ----a-w C:\Program Files\vnc-4_1-javasrc[1].tar.gz
2007-05-12 08:54 121,474 ----a-w C:\Program Files\1avatars035.exe
2007-05-12 08:52 56,972 ----a-w C:\Program Files\444.exe
2007-05-12 08:19 28,374,788 ----a-w C:\Program Files\adsl-tv_adsl_tv_1.96_francais_19182.exe
2007-05-10 19:32 230,424 ----a-w C:\Program Files\img2-001.raw
2007-05-09 12:30 1,067,576 ----a-w C:\Program Files\AxCrypt-Setup.exe
2007-05-08 10:20 3,458,079 ----a-w C:\Program Files\FileZilla_2_2_32_setup.exe
2007-05-02 11:16 9,098,377 ----a-w C:\Program Files\blender-2.43-windows.exe
2007-04-30 20:24 89,478 ----a-w C:\Program Files\Tete_de_noeud.zip
2007-04-29 18:41 2,359,350 ----a-w C:\Program Files\quake.bmp
2007-04-15 12:21 811,744 ----a-w C:\Program Files\Google Updater.exe
2007-04-14 09:05 1,838,150 ----a-w C:\Program Files\Legion88-CasserDuBougnoule.mp3
2007-04-12 17:06 42,654 ----a-w C:\Program Files\SpongeBob_ScreenToy.zip
2007-04-12 14:17 167 ----a-w C:\Documents and Settings\Florian Leloup\1875.bat
2007-04-11 10:17 3,803,427 ----a-w C:\Program Files\video0.mp3
2007-04-10 18:41 1,774,682 ----a-w C:\Program Files\install_souri.rar
2007-04-10 18:40 11,716 ----a-w C:\Program Files\CocaColaMouse.zip
2007-04-10 18:37 13,306 ----a-w C:\Program Files\logochange.zip
2007-04-07 21:59 3,790,397 ----a-w C:\Program Files\dana.zip
2007-04-07 21:35 990,600 ----a-w C:\Program Files\screensaver.exe
2007-04-07 09:33 2,159,277 ----a-w C:\Program Files\testdisk-6.7-WIP.win.zip
2007-04-07 09:30 1,996,340 ----a-w C:\Program Files\testdisk-6.6.win.zip
2007-04-07 09:28 6,048 ----a-w C:\Program Files\photorecover_0.9.0-1_i386.deb
2007-04-07 09:18 2,007,546 ----a-w C:\Program Files\rescue.exe
2007-04-03 15:03 270,305,943 ----a-w C:\Program Files\WolfET.exe
2007-04-03 14:53 217,552 ----a-w C:\Program Files\XIII_Telecharger(fr_199){5794}.exe
2007-04-03 09:00 2,228,534 ----a-w C:\Program Files\audacity-win-1.2.6.exe
2007-04-01 20:45 239,999,989 ----a-w C:\Program Files\foodforce_pc.exe
2007-04-01 16:46 2,369,536 ----a-w C:\Program Files\MSCariocaSetup-fra.msi
2007-04-01 16:40 5,165,568 ----a-w C:\Program Files\WindowsDefender.msi
2007-04-01 08:02 1,077,720 ----a-w C:\Program Files\installer-8881-17-Windows-Media-Player-11-French.exe
2007-03-31 07:35 4,859,480 ----a-w C:\Program Files\MsgPlusLive-411.exe
2007-03-31 07:21 150,932 ----a-w C:\Program Files\Livepencil.zip
2007-03-30 20:47 346,666,032 ----a-w C:\Program Files\X12-30105.exe
2006-11-08 12:25 14,257,952 ----a-w C:\Program Files\eDrawingsFullFrench.exe
2007-11-09 19:23 56 --sh--r C:\WINDOWS\system32\F69E18DE48.sys
2007-11-09 19:23 3,974 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

------- Sigcheck -------

2007-06-13 15:10 4923392 e47dc53de6bfe06c58782f22ed952f1a C:\WINDOWS\explorer.exe
2004-08-05 14:00 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB884883$\explorer.exe
2005-04-07 20:47 1036288 0bee3b07ace3303ee57698808e1d2de3 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\VCP_SAVE\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-04-14_13.52.33.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 16:20:20 110,592 ----a-w C:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2008-04-14 16:20:18 65,536 ----a-w C:\WINDOWS\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
+ 2008-04-14 16:20:22 4,608 ----a-w C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2008-04-14 16:20:09 31,560 ----a-w C:\WINDOWS\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL
+ 2008-04-14 16:20:19 8,007,680 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2008-04-14 16:20:09 16,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll
+ 2008-04-14 16:18:51 80,696 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2008-04-14 16:19:37 1,612,592 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2008-04-14 16:19:37 1,276,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-04-14 16:19:37 150,320 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-04-14 16:20:11 404,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll
+ 2008-04-14 16:19:39 88,896 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-04-14 16:19:39 146,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2008-04-14 16:19:37 920,376 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
+ 2008-04-14 16:19:38 35,648 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-04-14 16:19:38 248,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-04-14 16:19:39 232,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
+ 2008-04-14 16:19:37 20,280 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-04-14 16:19:39 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-04-14 16:20:18 13,312 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2008-04-14 16:19:37 371,496 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-04-14 16:19:39 64,288 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-04-14 16:20:18 229,376 ----a-w C:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2008-04-14 16:20:20 4,096 ----a-w C:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2008-04-14 16:19:37 416,544 ----a-w C:\WINDOWS\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-04-14 16:18:47 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2008-04-14 16:18:52 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2008-04-14 16:19:53 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2008-04-14 16:20:12 12,616 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll
+ 2008-04-14 16:20:12 12,616 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll
+ 2008-04-14 16:20:02 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
+ 2008-04-14 16:20:01 12,632 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-04-14 16:20:02 12,112 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2008-04-14 16:20:05 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2008-04-14 16:19:53 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2008-04-14 16:20:08 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2008-04-14 16:19:56 12,080 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2008-04-14 16:19:55 11,544 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2008-04-14 16:20:18 16,384 ----a-w C:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2008-04-14 16:20:11 118,112 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2008-04-14 16:20:26 367,400 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll
+ 2008-04-14 16:20:11 609,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2008-04-14 16:20:11 43,840 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\12.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll
+ 2008-04-14 16:20:12 39,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll
+ 2008-04-14 16:20:11 60,200 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll
+ 2008-04-14 16:14:13 11,560 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.resources.dll
+ 2008-04-14 16:20:17 211,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll
+ 2008-04-14 16:14:13 12,600 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources.dll
+ 2008-04-14 16:20:17 105,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll
+ 2008-04-14 16:14:12 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.resources.dll
+ 2008-04-14 16:20:16 330,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll
+ 2008-04-14 16:14:13 11,064 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources.dll
+ 2008-04-14 16:20:17 39,712 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll
+ 2008-04-14 16:20:18 39,704 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll
+ 2008-04-14 16:14:12 13,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.resources.dll
+ 2008-04-14 16:20:16 72,472 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll
+ 2008-04-14 16:20:17 47,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2008-04-14 16:20:17 39,624 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll
- 2008-04-14 11:44:58 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-15 08:18:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-10-27 13:16:36 133,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2006-10-26 18:55:32 87,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2006-10-27 13:07:36 17,891,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2006-10-26 18:55:48 340,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 13:16:46 2,939,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-26 18:34:12 660,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-26 18:34:10 192,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-27 13:16:44 594,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-27 13:16:48 12,813,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 13:16:40 176,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-26 18:55:54 413,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-26 18:55:44 263,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 18:55:44 272,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 21:00:12 1,841,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-10-26 19:13:08 14,674,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-26 19:17:08 11,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\[u]0[/u]0002109110000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2008-04-14 23:58:31 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-04-14 23:58:32 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-04-14 23:58:32 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-04-14 23:58:32 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2008-04-14 23:58:32 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-04-14 23:58:32 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-04-14 23:58:32 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-04-14 23:58:32 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-04-14 23:58:32 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-04-14 23:58:32 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-04-14 23:58:31 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-04-14 16:27:55 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-040C-0000-0000000FF1CE}\misc.exe
+ 2008-04-14 16:08:52 632,320 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}\IconCD95F66110.exe
+ 2008-04-14 16:08:52 29,184 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}\IconCD95F6617.exe
+ 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack(2)(2).dll
- 2008-04-14 01:46:55 177,856 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-15 08:18:51 290,088 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-04-14 07:56:31 65,160 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-14 17:27:09 66,004 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-14 07:56:31 87,816 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-04-14 17:27:09 88,694 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-04-14 07:56:31 410,882 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-14 17:27:09 413,786 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-04-14 07:56:31 501,516 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-14 17:27:09 504,272 ----a-w C:\WINDOWS\system32\perfh00C.dat
- 2008-04-13 22:37:28 20,045,020 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2008-04-14 14:46:57 8,887,372 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2006-10-26 11:40:36 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-10-26 11:40:36 1,079,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2006-10-26 11:40:36 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 11:40:36 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 11:40:36 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2006-10-26 11:40:36 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 11:40:36 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 11:40:36 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2006-10-26 11:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 11:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 11:40:36 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 11:40:36 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 11:40:36 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72B8F4DD-1C71-45A8-A0E5-A9DDF9D5F89F}]
C:\WINDOWS\system32\gebcb.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fsc-reminder.exe"="C:\WINDOWS\reminder\fsc-reminder.exe" [2005-01-19 17:10 28672]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-15 14:33 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 11:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-10 19:25 15969280 C:\WINDOWS\RTHDCPL.EXE]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-09-05 15:55 339968]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2006-07-06 22:32 122880]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2003-09-29 07:10 81990]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2003-09-10 03:11 135251]
"iconcache"="" []
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01 437160]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 18:35 1294336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Fichiers communs\logishrd\WUApp32.exe" [2007-10-12 04:03 439568]

C:\Documents and Settings\Florian Leloup\Menu D‚marrer\Programmes\D‚marrage\
No-IP DUC.lnk - C:\Program Files\No-IP\DUC20.exe [2007-12-10 21:38:34 1172992]

C:\Documents and Settings\Florian Leloup\Menu D‚marrer\Programmes\D‚marrage\
No-IP DUC.lnk - C:\Program Files\No-IP\DUC20.exe [2007-12-10 21:38:34 1172992]

C:\Documents and Settings\Florian Leloup\Menu D‚marrer\Programmes\D‚marrage\
No-IP DUC.lnk - C:\Program Files\No-IP\DUC20.exe [2007-12-10 21:38:34 1172992]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2006-05-17 16:05:52 2297856]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebcb]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Kodak software updater.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk
backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logiciel Kodak EasyShare.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk
backup=C:\WINDOWS\pss\Logiciel Kodak EasyShare.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-08-16 13:24 167368 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2007-10-07 12:25 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Muscbrigade]
--a------ 2005-12-22 10:26 40960 c:\Musicbrigade\Musicbrigade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-15 14:33 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\Program Files\Yahoo!\Messenger\ypager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinDefend"=2 (0x2)
"gusvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\adslTV\\adsltv.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"C:\\Program Files\\MSN Messenger\\msnmgr.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Copie de quake 3\\quake3.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Sony\\Media Manager for PSP 2.0\\MediaManager.exe"=
"C:\\Program Files\\Messenger\\Msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
"C:\\Program Files\\No-IP\\DUC20.exe"=
"C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27960:UDP"= 27960:UDP:flo.servequake.com
"27961:UDP"= 27961:UDP:Quake 3 27960 UDP
"27962:UDP"= 27962:UDP:Quake 3 27960 UDP
"27963:UDP"= 27963:UDP:Quake 3 27960 UDP
"27964:UDP"= 27964:UDP:Quake 3 27960 UDP
"27965:UDP"= 27965:UDP:Quake 3 27960 UDP
"17966:UDP"= 17966:UDP:flo6.servequake.com

R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 14:00]
S2 DNS2GoClient;DNS2Go Client;C:\PROGRA~1\DEERFI~1.COM\DNS2Go\DNS2GO~2.EXE [2007-11-07 12:50]
S3 gel90xne;gel90xne;C:\DOCUME~1\FLORIA~1\LOCALS~1\Temp\gel90xne.sys []
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 17:53]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f06c3252-d4b6-11dc-acbe-001b2f431027}]
\Shell\AutoRun\command - L:\.pspware\PSPWareLauncher.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-12 17:59:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-15 08:39:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-15 10:47:37
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-04-15 10:53:22
ComboFix-quarantined-files.txt 2008-04-15 08:53:16

Pre-Run: 31,556,517,888 octets libres
Post-Run: 31,527,563,264 octets libres
.
2008-04-14 23:58:35 --- E O F ---
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Problém affichage du tableau croisé dynamique
BK -
Raymond PENTIER -

2 réponses
Theme de rapport de stage option comptabilité
sana saydou -
Raymond PENTIER -

2 réponses