Sujet Précédent Sujet Suivant

VIRUS (besoin d'aide)

Résolu/Fermé
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 - 22 juil. 2008 à 16:27
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 - 25 juil. 2008 à 11:37
Bonjour à tous,

j'ai un problème de virus et j'aurais besoin d'aide svp, merci

voici le hjt


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:24:46, on 22/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ANTI (Tout)\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: QXK Olive - {602807BB-4586-4B35-BFD0-B2E221667595} - C:\WINDOWS\nfavxwdbxka.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AntiSpywareExpert] C:\Program Files\ANTI (Tout)\Anti spyware expert\ASE_Setup_Free_fr.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://poupoule77220.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O21 - SSODL: eqvwamkl - {8C8F4319-1A5D-4ECF-A8EC-C5EABD595B60} - C:\WINDOWS\eqvwamkl.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

68 réponses

Précédent
Réponse 41 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 19:05
127.0.0.1 www.vidaccess.net
127.0.0.1 vidaccess.net
127.0.0.1 www.vidcodecs.com
127.0.0.1 vidcodecs.com
127.0.0.1 www.videoaccessactivex.com
127.0.0.1 videoaccessactivex.com
127.0.0.1 www.videoactivexlist.com
127.0.0.1 videoactivexlist.com
127.0.0.1 www.videoactivexmode.com
127.0.0.1 videoactivexmode.com
127.0.0.1 www.videoactivexnote.com
127.0.0.1 videoactivexnote.com
127.0.0.1 www.videoactivexsetup.com
127.0.0.1 videoactivexsetup.com
127.0.0.1 www.videoactivexsoft.com
127.0.0.1 videoactivexsoft.com
127.0.0.1 www.videoactivexsoftware.com
127.0.0.1 videoactivexsoftware.com
127.0.0.1 www.videoaxdata.com
127.0.0.1 videoaxdata.com
127.0.0.1 www.videoaxdownload.com
127.0.0.1 videoaxdownload.com
127.0.0.1 www.videoaxobject.com
127.0.0.1 videoaxobject.com
127.0.0.1 www.videoaxproject.com
127.0.0.1 videoaxproject.com
127.0.0.1 www.videoaxsoftware.com
127.0.0.1 videoaxsoftware.com
127.0.0.1 www.videoaxsolution.com
127.0.0.1 videoaxsolution.com
127.0.0.1 videocategories.com
127.0.0.1 www.video-clips.in
127.0.0.1 video-clips.in
127.0.0.1 www.videoobjectax.com
127.0.0.1 videoobjectax.com
127.0.0.1 www.videoobjectmedia.com
127.0.0.1 videoobjectmedia.com
127.0.0.1 www.videoplayersite.com
127.0.0.1 videoplayersite.com
127.0.0.1 www.videos-access.com
127.0.0.1 videos-access.com
127.0.0.1 www.videosaccess.net
127.0.0.1 videosaccess.net
127.0.0.1 www.videoscodec.com
127.0.0.1 videoscodec.com
127.0.0.1 www.videosfan.com
127.0.0.1 videosfan.com
127.0.0.1 www.videosoftonline.com
127.0.0.1 videosoftonline.com
127.0.0.1 www.videosoftwareax.com
127.0.0.1 videosoftwareax.com
127.0.0.1 www.videossoftware.com
127.0.0.1 videossoftware.com
127.0.0.1 www.videowebproject.com
127.0.0.1 videowebproject.com
127.0.0.1 www.videowebsoft.com
127.0.0.1 videowebsoft.com
127.0.0.1 www.videozapping.com
127.0.0.1 videozapping.com
127.0.0.1 www.vidrgilio.it
127.0.0.1 vidrgilio.it
127.0.0.1 www.vids-access.com
127.0.0.1 vids-access.com
127.0.0.1 www.vidscodec.com
127.0.0.1 vidscodec.com
127.0.0.1 www.vidsfest.com
127.0.0.1 vidsfest.com
127.0.0.1 www.viegilio.it
127.0.0.1 viegilio.it
127.0.0.1 www.viergilio.it
127.0.0.1 viergilio.it
127.0.0.1 www.viewimageonline.com
127.0.0.1 viewimageonline.com
127.0.0.1 www.vifgilio.it
127.0.0.1 vifgilio.it
127.0.0.1 www.vifrgilio.it
127.0.0.1 vifrgilio.it
127.0.0.1 www.vigrgilio.it
127.0.0.1 vigrgilio.it
127.0.0.1 www.vigrilio.it
127.0.0.1 vigrilio.it
127.0.0.1 www.vijrgilio.it
127.0.0.1 vijrgilio.it
127.0.0.1 www.vikrgilio.it
127.0.0.1 vikrgilio.it
127.0.0.1 www.vilrgilio.it
127.0.0.1 vilrgilio.it
127.0.0.1 www.viorgilio.it
127.0.0.1 viorgilio.it
127.0.0.1 www.vipru.com
127.0.0.1 vipru.com
127.0.0.1 www.vir4gilio.it
127.0.0.1 vir4gilio.it
127.0.0.1 www.vir5gilio.it
127.0.0.1 vir5gilio.it
127.0.0.1 www.virbgilio.it
127.0.0.1 virbgilio.it
127.0.0.1 www.virbilio.it
127.0.0.1 virbilio.it
127.0.0.1 www.virdgilio.it
127.0.0.1 virdgilio.it
127.0.0.1 www.viregilio.it
127.0.0.1 viregilio.it
127.0.0.1 www.virfgilio.it
127.0.0.1 virfgilio.it
127.0.0.1 www.virg8ilio.it
127.0.0.1 virg8ilio.it
127.0.0.1 www.virg8lio.it
127.0.0.1 virg8lio.it
127.0.0.1 www.virg9ilio.it
127.0.0.1 virg9ilio.it
127.0.0.1 www.virg9lio.it
127.0.0.1 virg9lio.it
127.0.0.1 www.virgbilio.it
127.0.0.1 virgbilio.it
127.0.0.1 www.virgfilio.it
127.0.0.1 virgfilio.it
127.0.0.1 www.virghilio.it
127.0.0.1 virghilio.it
127.0.0.1 www.virgi8lio.it
127.0.0.1 virgi8lio.it
127.0.0.1 www.virgi9lio.it
127.0.0.1 virgi9lio.it
127.0.0.1 www.virgiilo.it
127.0.0.1 virgiilo.it
127.0.0.1 www.virgiio.it
127.0.0.1 virgiio.it
127.0.0.1 www.virgijlio.it
127.0.0.1 virgijlio.it
127.0.0.1 www.virgiklio.it
127.0.0.1 virgiklio.it
127.0.0.1 www.virgil8io.it
127.0.0.1 virgil8io.it
127.0.0.1 www.virgil9io.it
127.0.0.1 virgil9io.it
127.0.0.1 www.virgili0.it
127.0.0.1 virgili0.it
127.0.0.1 www.virgili8o.it
127.0.0.1 virgili8o.it
127.0.0.1 www.virgili9.it
127.0.0.1 virgili9.it
127.0.0.1 www.virgili9o.it
127.0.0.1 virgili9o.it
127.0.0.1 www.virgilijo.it
127.0.0.1 virgilijo.it
127.0.0.1 www.virgiliko.it
127.0.0.1 virgiliko.it
127.0.0.1 www.virgilil.it
127.0.0.1 virgilil.it
127.0.0.1 www.virgililo.it
127.0.0.1 virgililo.it
127.0.0.1 www.virgilio0.it
127.0.0.1 virgilio0.it
127.0.0.1 www.virgilio9.it
127.0.0.1 virgilio9.it
127.0.0.1 www.virgilioi.it
127.0.0.1 virgilioi.it
127.0.0.1 www.virgiliok.it
127.0.0.1 virgiliok.it
127.0.0.1 www.virgiliol.it
127.0.0.1 virgiliol.it
127.0.0.1 www.virgiliop.it
127.0.0.1 virgiliop.it
127.0.0.1 www.virgilipo.it
127.0.0.1 virgilipo.it
127.0.0.1 www.virgiliuo.it
127.0.0.1 virgiliuo.it
127.0.0.1 www.virgiljio.it
127.0.0.1 virgiljio.it
127.0.0.1 www.virgilkio.it
127.0.0.1 virgilkio.it
127.0.0.1 www.virgiloio.it
127.0.0.1 virgiloio.it
127.0.0.1 www.virgiloo.it
127.0.0.1 virgiloo.it
127.0.0.1 www.virgilpio.it
127.0.0.1 virgilpio.it
127.0.0.1 www.virgiluio.it
127.0.0.1 virgiluio.it
127.0.0.1 www.virgiluo.it
127.0.0.1 virgiluo.it
127.0.0.1 virgin-tgp.net
127.0.0.1 www.virgioio.it
127.0.0.1 virgioio.it
127.0.0.1 www.virgiolio.it
127.0.0.1 virgiolio.it
127.0.0.1 www.virgiplio.it
127.0.0.1 virgiplio.it
127.0.0.1 www.virgiulio.it
127.0.0.1 virgiulio.it
127.0.0.1 www.virgjilio.it
127.0.0.1 virgjilio.it
127.0.0.1 www.virgkilio.it
127.0.0.1 virgkilio.it
127.0.0.1 www.virgklio.it
127.0.0.1 virgklio.it
127.0.0.1 www.virglilio.it
127.0.0.1 virglilio.it
127.0.0.1 www.virgoilio.it
127.0.0.1 virgoilio.it
127.0.0.1 www.virgtilio.it
127.0.0.1 virgtilio.it
127.0.0.1 www.virguilio.it
127.0.0.1 virguilio.it
127.0.0.1 www.virgvilio.it
127.0.0.1 virgvilio.it
127.0.0.1 www.virgyilio.it
127.0.0.1 virgyilio.it
127.0.0.1 www.virhgilio.it
127.0.0.1 virhgilio.it
127.0.0.1 www.virprotect.com
127.0.0.1 virprotect.com
127.0.0.1 www.virtgilio.it
127.0.0.1 virtgilio.it
127.0.0.1 www.virtilio.it
127.0.0.1 virtilio.it
127.0.0.1 www.virtualcodec.com
127.0.0.1 virtualcodec.com
127.0.0.1 www.virtual-ticket.net
127.0.0.1 virtual-ticket.net
127.0.0.1 www.virusburst.com
127.0.0.1 virusburst.com
127.0.0.1 www.viruscrusher.com
127.0.0.1 viruscrusher.com
127.0.0.1 www.virusdifesa.com
127.0.0.1 virusdifesa.com
127.0.0.1 www.virusforsvar.com
127.0.0.1 virusforsvar.com
127.0.0.1 www.virusgarde.com
127.0.0.1 virusgarde.com
127.0.0.1 www.virushunter.com
127.0.0.1 virushunter.com
127.0.0.1 www.virusnuke.com
127.0.0.1 virusnuke.com
127.0.0.1 virusprotectpro.com
127.0.0.1 www.virusranger.com
127.0.0.1 virusranger.com
127.0.0.1 www.virusrescue.com
127.0.0.1 virusrescue.com
127.0.0.1 www.virusscansite.com
127.0.0.1 virusscansite.com
127.0.0.1 www.virusschlacht.com
127.0.0.1 virusschlacht.com
127.0.0.1 www.virusvakt.com
127.0.0.1 virusvakt.com
127.0.0.1 www.virvgilio.it
127.0.0.1 virvgilio.it
127.0.0.1 www.virvilio.it
127.0.0.1 virvilio.it
127.0.0.1 www.virygilio.it
127.0.0.1 virygilio.it
127.0.0.1 vitamins-for-each.com
127.0.0.1 www.vitrgilio.it
127.0.0.1 vitrgilio.it
127.0.0.1 www.viurgilio.it
127.0.0.1 viurgilio.it
127.0.0.1 www.vivacodec.net
127.0.0.1 vivacodec.net
127.0.0.1 www.vjirgilio.it
127.0.0.1 vjirgilio.it
127.0.0.1 www.vkirgilio.it
127.0.0.1 vkirgilio.it
127.0.0.1 www.vkrgilio.it
127.0.0.1 vkrgilio.it
127.0.0.1 www.vlirgilio.it
127.0.0.1 vlirgilio.it
127.0.0.1 www.voghp.com
127.0.0.1 voghp.com
127.0.0.1 void.truth-is-out-there.org
127.0.0.1 www.voirgilio.it
127.0.0.1 voirgilio.it
127.0.0.1 www.vorriere.it
127.0.0.1 vorriere.it
127.0.0.1 votehowe.org
127.0.0.1 www.vother.info
127.0.0.1 vother.info
127.0.0.1 www.votreenton.biz
127.0.0.1 votreenton.biz
127.0.0.1 vparivalka.com
127.0.0.1 www.vplprocedure.com
127.0.0.1 vplprocedure.com
127.0.0.1 vse-moe.biz
127.0.0.1 www.vskeylogger.nazwa.pl
127.0.0.1 vskeylogger.nazwa.pl
127.0.0.1 www.vtvcp-ueorn.com
127.0.0.1 vtvcp-ueorn.com
127.0.0.1 www.vtvcp-ymct.com
127.0.0.1 vtvcp-ymct.com
127.0.0.1 www.vuirgilio.it
127.0.0.1 vuirgilio.it
127.0.0.1 vxebony.com
127.0.0.1 wabq.com
127.0.0.1 wabu.com
127.0.0.1 wakeupdick.com
127.0.0.1 www.walitalia.it
127.0.0.1 walitalia.it
127.0.0.1 www.wanfuchina.com
127.0.0.1 wanfuchina.com
127.0.0.1 www.ware2006.com
127.0.0.1 ware2006.com
127.0.0.1 www.warez.com
127.0.0.1 warez.com
127.0.0.1 www.warningiepage.com
127.0.0.1 warningiepage.com
127.0.0.1 warnomore.org
127.0.0.1 www.watchonline.tv
127.0.0.1 watchonline.tv
127.0.0.1 watersport-specialties.com
127.0.0.1 www.wazzupnet.com
127.0.0.1 wazzupnet.com
127.0.0.1 www.wbay.it
127.0.0.1 wbay.it
127.0.0.1 wbkb.com
127.0.0.1 web.links4all.biz
127.0.0.1 web1000.com
127.0.0.1 www.webaccelerating.com
127.0.0.1 webaccelerating.com
127.0.0.1 www.webbuying.net
127.0.0.1 webbuying.net
127.0.0.1 www.web-codec.com
127.0.0.1 web-codec.com
127.0.0.1 webcoolsearch.com
127.0.0.1 web-entrance.co
127.0.0.1 www.web-fastserve.com
127.0.0.1 web-fastserve.com
127.0.0.1 www.webhancer.com
127.0.0.1 webhancer.com
127.0.0.1 web-homepage.net
127.0.0.1 www.webinvestigator.com
127.0.0.1 webinvestigator.com
127.0.0.1 www.webiphoneaccess.com
127.0.0.1 webiphoneaccess.com
127.0.0.1 www.webiphonedownloads.com
127.0.0.1 webiphonedownloads.com
127.0.0.1 www.webipoddownload.com
127.0.0.1 webipoddownload.com
127.0.0.1 www.Web-mediaplayer.com
127.0.0.1 Web-mediaplayer.com
127.0.0.1 www.webnetinfo.net
127.0.0.1 webnetinfo.net
127.0.0.1 web-nexus.net
127.0.0.1 www.webpspdownload.com
127.0.0.1 webpspdownload.com
127.0.0.1 www.websearch.com
127.0.0.1 websearch.com
127.0.0.1 web-search.tk
127.0.0.1 www.websearch24.com
127.0.0.1 websearch24.com
127.0.0.1 websearchdot.com
127.0.0.1 www.websopot.com
127.0.0.1 websopot.com
127.0.0.1 www.webspyshield.com
127.0.0.1 webspyshield.com
127.0.0.1 www.webtop100.net
127.0.0.1 webtop100.net
127.0.0.1 www.webtopsecurity.com
127.0.0.1 webtopsecurity.com
127.0.0.1 weekend-movies.com
127.0.0.1 www.weeproject.com
127.0.0.1 weeproject.com
127.0.0.1 www.wegvonviren.com
127.0.0.1 wegvonviren.com
127.0.0.1 www.wethere.com
127.0.0.1 wethere.com
127.0.0.1 wetpornostars.com
127.0.0.1 wfix.com
127.0.0.1 wflu.com
127.0.0.1 www.wg581.com
127.0.0.1 wg581.com
127.0.0.1 www.whatmetodonow.org
127.0.0.1 whatmetodonow.org
127.0.0.1 whatsyoursearch.com
127.0.0.1 whazit.com
127.0.0.1 www.whitecodec.com
127.0.0.1 whitecodec.com
127.0.0.1 white-pages.ws
127.0.0.1 www.whitescat.com
127.0.0.1 whitescat.com
127.0.0.1 whittierblvd.com
127.0.0.1 www.whoisprivacyprotect.com
127.0.0.1 whoisprivacyprotect.com
127.0.0.1 www.winamp2007.com
127.0.0.1 winamp2007.com
127.0.0.1 www.winamp-download-now.com
127.0.0.1 winamp-download-now.com
127.0.0.1 www.winamp-hq.com
127.0.0.1 winamp-hq.com
127.0.0.1 www.winantispam.com
127.0.0.1 winantispam.com
127.0.0.1 www.winantispy.com
127.0.0.1 winantispy.com
127.0.0.1 www.winantispyware.com
127.0.0.1 winantispyware.com
127.0.0.1 www.winantivirus.com
127.0.0.1 winantivirus.com
127.0.0.1 www.winantiviruspro.com
127.0.0.1 winantiviruspro.com
127.0.0.1 www.win-anti-virus-pro.com
127.0.0.1 win-anti-virus-pro.com
127.0.0.1 www.windefender.com
127.0.0.1 windefender.com
127.0.0.1 windowenhancer.com
127.0.0.1 www.windrivecleaner.com
127.0.0.1 windrivecleaner.com
127.0.0.1 www.windrivesafe.com
127.0.0.1 windrivesafe.com
127.0.0.1 windupdates.com
127.0.0.1 www.winfirewall.com
127.0.0.1 winfirewall.com
127.0.0.1 www.winfixer.com
127.0.0.1 winfixer.com
127.0.0.1 www.winfixer2006.com
127.0.0.1 winfixer2006.com
127.0.0.1 win-in-casino.com
127.0.0.1 www.winmediacodec.com
127.0.0.1 winmediacodec.com
127.0.0.1 winmsn.com
127.0.0.1 www.winmx.click-new-download.com
127.0.0.1 winmx.click-new-download.com
127.0.0.1 www.winmxfrance.com
127.0.0.1 winmxfrance.com
127.0.0.1 www.winmx-freebie.com
127.0.0.1 winmx-freebie.com
127.0.0.1 www.winmx-music-download.com
127.0.0.1 winmx-music-download.com
127.0.0.1 www.winnanny.com
127.0.0.1 winnanny.com
127.0.0.1 winprotect.net
127.0.0.1 www.winrar-download-now.com
127.0.0.1 winrar-download-now.com
127.0.0.1 www.winrar-hq.com
127.0.0.1 winrar-hq.com
127.0.0.1 www.winrar-stop.com
127.0.0.1 winrar-stop.com
127.0.0.1 winshow.biz
127.0.0.1 www.winsoftware.com
127.0.0.1 winsoftware.com
127.0.0.1 www.wintvguide.com
127.0.0.1 wintvguide.com
127.0.0.1 www.win-virus-pro.com
127.0.0.1 win-virus-pro.com
127.0.0.1 www.winzip-11.com
127.0.0.1 winzip-11.com
127.0.0.1 www.winzip-hq.com
127.0.0.1 winzip-hq.com
127.0.0.1 wiresearch.com
127.0.0.1 wish7.com
127.0.0.1 www.wm.buhartes.info
127.0.0.1 wm.buhartes.info
127.0.0.1 www.wm.kannylizaciya.info
127.0.0.1 wm.kannylizaciya.info
127.0.0.1 www.wm.komforochka.info
127.0.0.1 wm.komforochka.info
127.0.0.1 www.wm.vother.info
127.0.0.1 wm.vother.info
127.0.0.1 wolfpacracing.com
127.0.0.1 www.wonder-context.com
127.0.0.1 wonder-context.com
127.0.0.1 woool.100888290cs.com
127.0.0.1 wordlist.jps.ru
127.0.0.1 www.WorldAntiSpy.com
127.0.0.1 WorldAntiSpy.com
127.0.0.1 www.worldbestadult.com
127.0.0.1 worldbestadult.com
127.0.0.1 www.worldray.com
127.0.0.1 worldray.com
127.0.0.1 www.worldsecurityonline.biz
127.0.0.1 worldsecurityonline.biz
127.0.0.1 www.worldtostart.com
127.0.0.1 worldtostart.com
127.0.0.1 worldusa.com
127.0.0.1 www.worldwideadvertisingservices.info
127.0.0.1 worldwideadvertisingservices.info
127.0.0.1 www.wowsearch.org
127.0.0.1 wowsearch.org
127.0.0.1 wpc2001.org
127.0.0.1 wr.mcboo.com
127.0.0.1 wrs.mcboo.com
127.0.0.1 wspzone.sexpornonline.com
127.0.0.1 www.wsupereva.it
127.0.0.1 wsupereva.it
127.0.0.1 www1.beruijindegunhadesun.com
127.0.0.1 www2.p0rt2.com
127.0.0.1 www.www2.p0rt2.com
127.0.0.1 www224.paypopup.com
127.0.0.1 www3.bigtrafficnetwork.com
127.0.0.1 www3.hadesunharuikeya.com
127.0.0.1 www4free.info
127.0.0.1 www5.worldray.com
127.0.0.1 www6.worldray.com
127.0.0.1 www7.logih.com
127.0.0.1 www.www7.logih.com
127.0.0.1 wwwadobe-download-now.com
127.0.0.1 www-audacity.com
127.0.0.1 www.www-audacity.com
127.0.0.1 wwwbet.net
127.0.0.1 wwwbetting.net
127.0.0.1 wwwCrazygirls-world.com
127.0.0.1 wwwdownloadwizard.com
127.0.0.1 www-free-tunes.com
0
Réponse 42 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 19:07
127.0.0.1 www.www-free-tunes.com
127.0.0.1 wwwpokergames.com
127.0.0.1 wwwpokerplayers.com
127.0.0.1 wwwroulette.net
127.0.0.1 wwwsearch.biz
127.0.0.1 www.wwwsearch.biz
127.0.0.1 wwwsearchdrive.info
127.0.0.1 www-spyboot.com
127.0.0.1 www.www-spyboot.com
127.0.0.1 www.www-Spybot.net
127.0.0.1 www-spybot.net
127.0.0.1 www-Spybot.net
127.0.0.1 www.www-spybot.net
127.0.0.1 www.www-spybotcom.com
127.0.0.1 www-spybotcom.com
127.0.0.1 www.www-SpywareBot.org
127.0.0.1 www-SpywareBot.org
127.0.0.1 wwww.2211.net
127.0.0.1 wwww.adnet-plus.com
127.0.0.1 www-win-mx.com
127.0.0.1 www.www-win-mx.com
127.0.0.1 wwwxtremesoftware-ltd.com
127.0.0.1 wwwyahoo.downloadznow.net
127.0.0.1 wzdq.cn
127.0.0.1 www.wzdq.cn
127.0.0.1 x.full-tgp.net
127.0.0.1 xads.cliks.org
127.0.0.1 xathzesocc.com
127.0.0.1 www.xathzesocc.com
127.0.0.1 xbeta69.com
127.0.0.1 xbxxrvnyes.com
127.0.0.1 www.xbxxrvnyes.com
127.0.0.1 xcomics4u.com
127.0.0.1 www.xcorriere.it
127.0.0.1 xcorriere.it
127.0.0.1 www.xerocodec.com
127.0.0.1 xerocodec.com
127.0.0.1 www.xerocodec.net
127.0.0.1 xerocodec.net
127.0.0.1 x-google.net
127.0.0.1 www.xhcodec.com
127.0.0.1 xhcodec.com
127.0.0.1 xibu315.com
127.0.0.1 www.xibu315.com
127.0.0.1 xic-bs.com
127.0.0.1 xjupiter.com
127.0.0.1 www.xjupiter.com
127.0.0.1 xldr.com
127.0.0.1 x-library.com
127.0.0.1 xlola.underagehost.com
127.0.0.1 xmlsearch.mygeek.com
127.0.0.1 www.xorriere.it
127.0.0.1 xorriere.it
127.0.0.1 xosearchox.com
127.0.0.1 www.xosearchox.com
127.0.0.1 xp.attrezzi.biz
127.0.0.1 xp18.com
127.0.0.1 xpassgenerator.com
127.0.0.1 www.xpassgenerator.com
127.0.0.1 xpasswordmanager.com
127.0.0.1 www.xpasswordmanager.com
127.0.0.1 www.x-porngalleries.com
127.0.0.1 x-porngalleries.com
127.0.0.1 www.x-pornmoviez.com
127.0.0.1 x-pornmoviez.com
127.0.0.1 www.x-pornmovz.com
127.0.0.1 x-pornmovz.com
127.0.0.1 www.x-prnmoviez.com
127.0.0.1 x-prnmoviez.com
127.0.0.1 xp-vista.com
127.0.0.1 www.xp-vista.com
127.0.0.1 x-ratedclips.com
127.0.0.1 www.x-ratedclips.com
127.0.0.1 www.xrdenterprise.com
127.0.0.1 xrdenterprise.com
127.0.0.1 xrenoder.com
127.0.0.1 www.xrenoder.com
127.0.0.1 xrenosearch.com
127.0.0.1 xrensmagpost.com
127.0.0.1 xsec.org
127.0.0.1 www.xsec.org
127.0.0.1 xsex.ws
127.0.0.1 xsremover.com
127.0.0.1 www.xsremover.com
127.0.0.1 xtipp.de
127.0.0.1 www.xtipp.de
127.0.0.1 www.xtosearch.biz
127.0.0.1 xtosearch.biz
127.0.0.1 xtragay.com
127.0.0.1 www.xtravideos.com
127.0.0.1 xtravideos.com
127.0.0.1 xtremesoftware-ltd.com
127.0.0.1 xu.pl
127.0.0.1 xu.xu.pl
127.0.0.1 www.xupiter.com
127.0.0.1 xupiter.com
127.0.0.1 xvgate.com
127.0.0.1 www.xvgate.com
127.0.0.1 www.xvidscollection.com
127.0.0.1 xvidscollection.com
127.0.0.1 www.xvsenterprise.com
127.0.0.1 xvsenterprise.com
127.0.0.1 x-webdesign.com
127.0.0.1 xwebsearch.biz
127.0.0.1 www.xwebsearch.biz
127.0.0.1 www.xxlblog.info
127.0.0.1 xxlblog.info
127.0.0.1 www.xxx.com
127.0.0.1 xxx.com
127.0.0.1 xxxallvideo.com
127.0.0.1 www.xxxallvideo.com
127.0.0.1 xxxcategories.com
127.0.0.1 xxxemailxxx.com
127.0.0.1 xxxmovietour.com
127.0.0.1 www.xxxmovietour.com
127.0.0.1 www.xxxpornmovs.com
127.0.0.1 xxxpornmovs.com
127.0.0.1 xxxteenfilm.com
127.0.0.1 www.xxxteenfilm.com
127.0.0.1 xxxtoolbar.com
127.0.0.1 xxxzonevideo.com
127.0.0.1 www.xxxzonevideo.com
127.0.0.1 www.xyzlimited.com
127.0.0.1 xyzlimited.com
127.0.0.1 www.xyzsolution.com
127.0.0.1 xyzsolution.com
127.0.0.1 xzoomy.com
127.0.0.1 yahabags.com
127.0.0.1 www.yahabags.com
127.0.0.1 yahoo.downloadznow.net
127.0.0.1 yahoo.panet.org
127.0.0.1 www.yboeragu.com
127.0.0.1 yboeragu.com
127.0.0.1 www.ydaproject.com
127.0.0.1 ydaproject.com
127.0.0.1 yeak.net
127.0.0.1 y-e-l-l-o-w.com
127.0.0.1 yellow500.com
127.0.0.1 yezol.com
127.0.0.1 www.ygcoueorn.com
127.0.0.1 ygcoueorn.com
127.0.0.1 www.ygcovtvcp.com
127.0.0.1 ygcovtvcp.com
127.0.0.1 www.ygoogle.it
127.0.0.1 ygoogle.it
127.0.0.1 ygsondheks.info
127.0.0.1 www.ygsondheks.info
127.0.0.1 yim-stop.com
127.0.0.1 www.yim-stop.com
127.0.0.1 www.yiscali.it
127.0.0.1 yiscali.it
127.0.0.1 www.ymctaaqada.com
127.0.0.1 ymctaaqada.com
127.0.0.1 www.ymct-aaqada.com
127.0.0.1 ymct-aaqada.com
127.0.0.1 www.ymctavxiz.biz
127.0.0.1 ymctavxiz.biz
127.0.0.1 yoogee.com
127.0.0.1 www.yoogee.com
127.0.0.1 www.yoogle.it
127.0.0.1 yoogle.it
127.0.0.1 yootube.info
127.0.0.1 yops.biz
127.0.0.1 www.yops.biz
127.0.0.1 youfindall.com
127.0.0.1 youfindall.net
127.0.0.1 www.youlikehere.com
127.0.0.1 youlikehere.com
127.0.0.1 www.youniyouwo.com
127.0.0.1 youniyouwo.com
127.0.0.1 yourbookmarks.info
127.0.0.1 yourbookmarks.ws
127.0.0.1 www.yourchillyvids.com
127.0.0.1 yourchillyvids.com
127.0.0.1 yourcodec.com
127.0.0.1 www.yourcodec.com
127.0.0.1 yourieprotect.com
127.0.0.1 www.yourieprotect.com
127.0.0.1 youriesafety.com
127.0.0.1 www.youriesafety.com
127.0.0.1 youriesecure.com
127.0.0.1 www.youriesecure.com
127.0.0.1 www.yourphotozone.com
127.0.0.1 yourphotozone.com
127.0.0.1 your-prescriptions.net
127.0.0.1 yoursearchspace.com
127.0.0.1 www.yoursearchspace.com
127.0.0.1 yoursitebar.com
127.0.0.1 you-search.com
127.0.0.1 you-search.com.ru
127.0.0.1 ypir.com
127.0.0.1 ysa-info.net
127.0.0.1 ysbweb.com
127.0.0.1 www.ysbweb.com
127.0.0.1 www.ytiscali.it
127.0.0.1 ytiscali.it
127.0.0.1 www.ytrenitalia.it
127.0.0.1 ytrenitalia.it
127.0.0.1 yukohamano.com
127.0.0.1 www.yunibo.it
127.0.0.1 yunibo.it
127.0.0.1 ywebsearch.info
127.0.0.1 zabywjwzlr.biz.biz
127.0.0.1 www.zabywjwzlr.biz.biz
127.0.0.1 www.zalitalia.it
127.0.0.1 zalitalia.it
127.0.0.1 www.zangcodec.net
127.0.0.1 zangcodec.net
127.0.0.1 zangocash.com
127.0.0.1 www.zangocash.com
127.0.0.1 zapros.com
127.0.0.1 zcodec.com
127.0.0.1 www.zcodec.com
127.0.0.1 zdrqmpad.com
127.0.0.1 www.zdrqmpad.com
127.0.0.1 zelaznyworld.com
127.0.0.1 www.zelaznyworld.com
127.0.0.1 zenotecnico.com
127.0.0.1 www.zenotecnico.com
127.0.0.1 zenotecnico2.com
127.0.0.1 www.zenotecnico2.com
127.0.0.1 zero.bestmanage.org
127.0.0.1 zero.bestmanage0.org
127.0.0.1 zero.bestmanage1.org
127.0.0.1 zero.bestmanage2.org
127.0.0.1 zero.bestmanage3.org
127.0.0.1 zero.bestmanage4.org
127.0.0.1 zero.bestmanage5.org
127.0.0.1 zero.bestmanage6.org
127.0.0.1 zero.bestmanage7.org
127.0.0.1 zero.bestmanage8.org
127.0.0.1 zero.bestmanage9.org
127.0.0.1 zero.serverc.org
127.0.0.1 zero.sisdotnet.com
127.0.0.1 www.zerocodec.com
127.0.0.1 zerocodec.com
127.0.0.1 zero-codec.com
127.0.0.1 www.zero-codec.com
127.0.0.1 zesearch.com
127.0.0.1 zestyfind.com
127.0.0.1 www.zestyfind.com
127.0.0.1 zfxaqzkevi.com
127.0.0.1 www.zfxaqzkevi.com
127.0.0.1 zhmbscwdgk.biz
127.0.0.1 www.zhmbscwdgk.biz
127.0.0.1 zipcodec.com
127.0.0.1 www.zipcodec.com
127.0.0.1 ziportal.com
127.0.0.1 zipportal.com
127.0.0.1 zippy-lookup.com
127.0.0.1 www.zippy-lookup.com
127.0.0.1 zjkjw.gov.cn
127.0.0.1 www.zjkjw.gov.cn
127.0.0.1 znext.com
127.0.0.1 www.znext.com
127.0.0.1 zonealarm-download-now.com
127.0.0.1 www.zonealarm-download-now.com
127.0.0.1 zonealarm-stop.com
127.0.0.1 www.zonealarm-stop.com
127.0.0.1 zone-media.com
127.0.0.1 www.zone-media.com
127.0.0.1 zoneoffreeporn.com
127.0.0.1 zoofil.com
127.0.0.1 zoomegasite.com
127.0.0.1 www.zpwebsource.com
127.0.0.1 zpwebsource.com
127.0.0.1 www.zqavanjpn.biz
127.0.0.1 zqavanjpn.biz
127.0.0.1 z-quest.com
127.0.0.1 www.z-quest.com
127.0.0.1 www.zsupereva.it
127.0.0.1 zsupereva.it
127.0.0.1 www.zsvcompany.com
127.0.0.1 zsvcompany.com
127.0.0.1 zurrusco.com
127.0.0.1 www.zurrusco.com
127.0.0.1 zvimigdal.com
127.0.0.1 www.zxcsolution.com
127.0.0.1 zxcsolution.com
127.0.0.1 zxlinks.com
127.0.0.1 www.zxlinks.com
127.0.0.1 zyban-zocor-levitra.com
127.0.0.1 www.adintelligence.net
127.0.0.1 adintelligence.net
127.0.0.1 adware.pro
127.0.0.1 www.adware.pro
127.0.0.1 www.adwarealert.com
127.0.0.1 adwarealert.com
127.0.0.1 ad-warealert.com
127.0.0.1 www.ad-warealert.com
127.0.0.1 adwarearrest.com
127.0.0.1 www.adwarearrest.com
127.0.0.1 www.allcollisions.com
127.0.0.1 allcollisions.com
127.0.0.1 codecplay.com
127.0.0.1 www.codecplay.com
127.0.0.1 www.creatonsoft.com
127.0.0.1 creatonsoft.com
127.0.0.1 download.adintelligence.net
127.0.0.1 www.encodeinstrument.com
127.0.0.1 encodeinstrument.com
127.0.0.1 www.errorsmart.com
127.0.0.1 errorsmart.com
127.0.0.1 www.evidenceeraser.com
127.0.0.1 evidenceeraser.com
127.0.0.1 www.fapparatus.com
127.0.0.1 fapparatus.com
127.0.0.1 fastmediaservice.com
127.0.0.1 www.fastmediaservice.com
127.0.0.1 firecodec.com
127.0.0.1 www.firecodec.com
127.0.0.1 www.free-pc-repair.com
127.0.0.1 free-pc-repair.com
127.0.0.1 www.free-registrysmart.com
127.0.0.1 free-registrysmart.com
127.0.0.1 gasan.ru
127.0.0.1 www.gasan.ru
127.0.0.1 gicoupler.com
127.0.0.1 www.gicoupler.com
127.0.0.1 www.hqcodecvip.com
127.0.0.1 hqcodecvip.com
127.0.0.1 privacycontrol.com
127.0.0.1 www.privacycontrol.com
127.0.0.1 www.privacycontrols.com
127.0.0.1 privacycontrols.com
127.0.0.1 privacytower.com
127.0.0.1 www.privacytower.com
127.0.0.1 pvgadget.com
127.0.0.1 www.pvgadget.com
127.0.0.1 www.regclean.com
127.0.0.1 regclean.com
127.0.0.1 regrecall.com
127.0.0.1 www.regrecall.com
127.0.0.1 www.spacecodec.com
127.0.0.1 spacecodec.com
127.0.0.1 www.spywareremover.com
127.0.0.1 spywareremover.com
127.0.0.1 www.tw7890.com
127.0.0.1 tw7890.com
127.0.0.1 www.viewdevice.com
127.0.0.1 viewdevice.com
127.0.0.1 vipcodecvip.com
127.0.0.1 www.virusheat.com
127.0.0.1 virusheat.com
0
Réponse 43 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 19:08
127.0.0.1 websoft-a.com
127.0.0.1 www.websoft-a.com
127.0.0.1 WWW.vipcodecvip.com
127.0.0.1 www.blackcodec.com
127.0.0.1 blackcodec.com
127.0.0.1 www.codecmoon.com
127.0.0.1 codecmoon.com
127.0.0.1 www.explorertool.net
127.0.0.1 explorertool.net
127.0.0.1 www.movstube.com
127.0.0.1 movstube.com
127.0.0.1 www.nitrocodec.com
127.0.0.1 nitrocodec.com
127.0.0.1 www.photorepositary.com
127.0.0.1 photorepositary.com
127.0.0.1 www.picturesbomb.com
127.0.0.1 picturesbomb.com
127.0.0.1 www.pornwizardry.com
127.0.0.1 pornwizardry.com
127.0.0.1 www.regsweep.com
127.0.0.1 regsweep.com
127.0.0.1 www.remover.org
127.0.0.1 remover.org
127.0.0.1 www.restore-pc.com
127.0.0.1 restore-pc.com
127.0.0.1 www.rockingmovs.com
127.0.0.1 rockingmovs.com
127.0.0.1 www.search-and-destroy.com
127.0.0.1 search-and-destroy.com
127.0.0.1 www.starzvideos.net
127.0.0.1 starzvideos.net
127.0.0.1 www.turbocodec.com
127.0.0.1 turbocodec.com
127.0.0.1 update.shareaza.com
127.0.0.1 www.videoadaptation.com
127.0.0.1 videoadaptation.com
127.0.0.1 www.viewutility.com
127.0.0.1 viewutility.com
127.0.0.1 www.ynotube.com
127.0.0.1 ynotube.com
127.0.0.1 www.add-hhh.info
127.0.0.1 add-hhh.info
127.0.0.1 www.doofo.com
127.0.0.1 doofo.com
127.0.0.1 www.ad25.com
127.0.0.1 www.ad45.com
127.0.0.1 www.ad77.com
127.0.0.1 www.ad86.com
127.0.0.1 www.antispywareupdates.net
127.0.0.1 antispywareupdates.net
127.0.0.1 www.blockcheckercontrol.com
127.0.0.1 blockcheckercontrol.com
127.0.0.1 www.dvd-codec.com
127.0.0.1 dvd-codec.com
127.0.0.1 www.mega-downloads.net
127.0.0.1 mega-downloads.net
127.0.0.1 spybotsearchudestroy.mega-downloads.net
127.0.0.1 www.spywarestop.com
127.0.0.1 spywarestop.com
127.0.0.1 www.websoftcodecdriver.com
127.0.0.1 websoftcodecdriver.com
127.0.0.1 www.websoftcodecdriver2.com
127.0.0.1 websoftcodecdriver2.com
127.0.0.1 www.winxpspeedup.com
127.0.0.1 winxpspeedup.com
127.0.0.1 www.reliablestats.com
127.0.0.1 reliablestats.com
127.0.0.1 www.safenavweb.com
127.0.0.1 safenavweb.com
127.0.0.1 www.spywareisolator.com
127.0.0.1 spywareisolator.com
127.0.0.1 www.x-webdesign.com
127.0.0.1 .supercocklol.com
127.0.0.1 www..webloyalty.com
127.0.0.1 www.antispykit.com
127.0.0.1 antispykit.com
127.0.0.1 www.antispyshield.com
127.0.0.1 antispyshield.com
127.0.0.1 aviadaptation.com
127.0.0.1 www.aviadaptation.com
127.0.0.1 www.avicoupler.com
127.0.0.1 avicoupler.com
127.0.0.1 blacklegion.info
127.0.0.1 www.blacklegion.info
127.0.0.1 www.citycodec.com
127.0.0.1 citycodec.com
127.0.0.1 cookingluck.com
127.0.0.1 www.cookingluck.com
127.0.0.1 f1.cookingluck.com
127.0.0.1 f2.cookingluck.com
127.0.0.1 f3.cookingluck.com
127.0.0.1 f4.cookingluck.com
127.0.0.1 f5.cookingluck.com
127.0.0.1 f6.cookingluck.com
127.0.0.1 f7.cookingluck.com
127.0.0.1 f8.cookingluck.com
127.0.0.1 f9.cookingluck.com
127.0.0.1 www.gateqy.com
127.0.0.1 gateqy.com
127.0.0.1 googlebawt.com
127.0.0.1 www.googlebawt.com
127.0.0.1 www.inktomi.com
127.0.0.1 inktomi.com
127.0.0.1 www.ixcodec.net
127.0.0.1 ixcodec.net
127.0.0.1 www.jobusiness.org
127.0.0.1 jobusiness.org
127.0.0.1 www.lolyousuck.com
127.0.0.1 lolyousuck.com
127.0.0.1 www.malwarecore.com
127.0.0.1 malwarecore.com
127.0.0.1 members-site.net
127.0.0.1 www.members-site.net
127.0.0.1 movperformance.com
127.0.0.1 www.movperformance.com
127.0.0.1 movutility.com
127.0.0.1 www.movutility.com
127.0.0.1 mpgapplication.com
127.0.0.1 www.mpgapplication.com
127.0.0.1 www.mpgassistant.com
127.0.0.1 mpgassistant.com
127.0.0.1 www.mpggadget.com
127.0.0.1 mpggadget.com
127.0.0.1 www.om7890.com
127.0.0.1 om7890.com
127.0.0.1 www.pc-spyware-remover.com
127.0.0.1 pc-spyware-remover.com
127.0.0.1 s1.cookingluck.com
127.0.0.1 s2.cookingluck.com
127.0.0.1 s3.cookingluck.com
127.0.0.1 s4.cookingluck.com
127.0.0.1 s5.cookingluck.com
127.0.0.1 s6.cookingluck.com
127.0.0.1 s7.cookingluck.com
127.0.0.1 s8.cookingluck.com
127.0.0.1 s9.cookingluck.com
127.0.0.1 setup.jobusiness.org
127.0.0.1 supercocklol.com
127.0.0.1 www.supercocklol.com
127.0.0.1 www.technicalcontact.com
127.0.0.1 technicalcontact.com
127.0.0.1 www.transaction-id.com
127.0.0.1 transaction-id.com
127.0.0.1 viewmpgdevice.com
127.0.0.1 www.viewmpgdevice.com
127.0.0.1 webloyalty.com
127.0.0.1 www.wmaassistant.com
127.0.0.1 wmaassistant.com
127.0.0.1 www.wmvappliance.com
127.0.0.1 wmvappliance.com
127.0.0.1 www.wmvsolution.com
127.0.0.1 wmvsolution.com
127.0.0.1 www.www-spybot-info.com
127.0.0.1 www-spybot-info.com
127.0.0.1 xpantiviruspro.com
127.0.0.1 www.xpantiviruspro.com
127.0.0.1 xponlinescanner.com
127.0.0.1 www.xponlinescanner.com
127.0.0.1 www.xp-protect-2008.com
127.0.0.1 xp-protect-2008.com
127.0.0.1 www.avidirection.com
127.0.0.1 avidirection.com
127.0.0.1 www.bestmovszone.com
127.0.0.1 bestmovszone.com
127.0.0.1 directnameservice.com
127.0.0.1 www.directnameservice.com
127.0.0.1 www.eazel.com
127.0.0.1 eazel.com
127.0.0.1 www.here4search.com
127.0.0.1 jpeg2007.com
127.0.0.1 www.jpeg2007.com
127.0.0.1 movhelper.com
127.0.0.1 www.movhelper.com
127.0.0.1 satisfactionclips.com
127.0.0.1 www.satisfactionclips.com
127.0.0.1 sexmovsonline.com
127.0.0.1 www.sexmovsonline.com
127.0.0.1 www.spybot-free-scan.com
127.0.0.1 spybot-free-scan.com
127.0.0.1 www.webloyalty.com
127.0.0.1 www.advancedcleaner.com
127.0.0.1 advancedcleaner.com
127.0.0.1 www.Ahnenforschung.de
127.0.0.1 Ahnenforschung.de
127.0.0.1 Ahnenforschung.de
127.0.0.1 astrologie-server.com
127.0.0.1 www.astrologie-server.com
127.0.0.1 astrologie-server.com
127.0.0.1 berufe-jobs.de
127.0.0.1 www.berufe-jobs.de
127.0.0.1 berufe-jobs.de
127.0.0.1 berufe-server.de
127.0.0.1 www.berufe-server.de
127.0.0.1 berufe-server.de
127.0.0.1 www.berufe-welt.de
127.0.0.1 berufe-welt.de
127.0.0.1 berufe-welt.de
127.0.0.1 www.berufs-wahl.de
127.0.0.1 berufs-wahl.de
127.0.0.1 berufs-wahl.de
127.0.0.1 bill.de
127.0.0.1 bill.de
127.0.0.1 www.bill.de
127.0.0.1 www.cocktails-ideen.de
127.0.0.1 cocktails-ideen.de
127.0.0.1 cocktails-ideen.de
127.0.0.1 www.dvden.de
127.0.0.1 dvden.de
127.0.0.1 dvden.de
127.0.0.1 esims.ch
127.0.0.1 www.esims.ch
127.0.0.1 esims.ch
127.0.0.1 www.every-game.com
127.0.0.1 every-game.com
127.0.0.1 every-game.com
127.0.0.1 fabrikverkauf.com
127.0.0.1 www.fabrikverkauf.com
127.0.0.1 fabrikverkauf.com
127.0.0.1 www.fabrik-verkauf.de
127.0.0.1 fabrik-verkauf.de
127.0.0.1 fabrik-verkauf.de
127.0.0.1 Fahrschulquiz.com
127.0.0.1 www.Fahrschulquiz.com
127.0.0.1 Fahrschulquiz.com
127.0.0.1 fuehrerscheincheck.com
127.0.0.1 fuehrerscheincheck.com
127.0.0.1 www.fuehrerscheincheck.com
127.0.0.1 www.games-u-spiele.de
127.0.0.1 games-u-spiele.de
127.0.0.1 games-u-spiele.de
127.0.0.1 www.Geburtstag-infos.de
127.0.0.1 Geburtstag-infos.de
127.0.0.1 Geburtstag-infos.de
127.0.0.1 Geburtstags-info.de
127.0.0.1 Geburtstags-info.de
127.0.0.1 www.Geburtstags-info.de
127.0.0.1 www.geburtstags-infos.de
127.0.0.1 geburtstags-infos.de
127.0.0.1 geburtstags-infos.de
127.0.0.1 www.gedichte.de
127.0.0.1 gedichte.de
127.0.0.1 gedichte.de
127.0.0.1 gedichte-server.com
127.0.0.1 www.gedichte-server.com
127.0.0.1 gedichte-server.com
127.0.0.1 gehalt-berechnung.de
127.0.0.1 www.gehalt-berechnung.de
127.0.0.1 gehalt-berechnung.de
127.0.0.1 gehaltsrechner.de
127.0.0.1 Gehaltsrechner.de
127.0.0.1 www.gehaltsrechner.de
127.0.0.1 gehaltsrechner.de
127.0.0.1 Gehaltsrechner.de
127.0.0.1 www.Gehaltsrechner.de
127.0.0.1 www.gehalts-rechner.de
127.0.0.1 gehalts-rechner.de
127.0.0.1 Gehalts-rechner.de
127.0.0.1 Gehalts-rechner.de
127.0.0.1 gehalts-rechner.de
127.0.0.1 www.Gehalts-rechner.de
127.0.0.1 genealogie.de
127.0.0.1 www.genealogie.de
127.0.0.1 genealogie.de
127.0.0.1 germanys-best-topmodel.de
127.0.0.1 germanys-best-topmodel.de
127.0.0.1 www.germanys-best-topmodel.de
127.0.0.1 Gifs-u-cliparts.de
127.0.0.1 www.Gifs-u-cliparts.de
127.0.0.1 Gifs-u-cliparts.de
127.0.0.1 grafik-archiv.com
127.0.0.1 www.grafik-archiv.com
127.0.0.1 grafik-archiv.com
127.0.0.1 GratisDVD.net
127.0.0.1 www.GratisDVD.net
127.0.0.1 GratisDVD.net
127.0.0.1 grusskarten-versand.com
127.0.0.1 grusskarten-versand.com
127.0.0.1 www.grusskarten-versand.com
0
Réponse 44 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 19:09
Suite:


127.0.0.1 hausaufgaben.de
127.0.0.1 www.hausaufgaben.de
127.0.0.1 hausaufgaben.de
127.0.0.1 www.hausaufgaben-referate.de
127.0.0.1 hausaufgaben–referate.de
127.0.0.1 hausaufgaben–referate.de
127.0.0.1 www.hausaufgaben-server.com
127.0.0.1 hausaufgaben-server.com
127.0.0.1 hausaufgaben-server.com
127.0.0.1 hochzeitsgedichte.de
127.0.0.1 www.hochzeitsgedichte.de
127.0.0.1 hochzeitsgedichte.de
127.0.0.1 IGFight.de
127.0.0.1 www.IGFight.de
127.0.0.1 IGFight.de
127.0.0.1 www.infostore.org
127.0.0.1 infostore.org
127.0.0.1 www.iqfight.de
127.0.0.1 iqfight.de
127.0.0.1 iqfight.de
127.0.0.1 IQtest.de
127.0.0.1 www.IQtest.de
127.0.0.1 IQtest.de
127.0.0.1 kochrezepte-net.de
127.0.0.1 www.kochrezepte-net.de
127.0.0.1 kochrezepte-net.de
127.0.0.1 kochrezepte-server.com
127.0.0.1 www.kochrezepte-server.com
127.0.0.1 kochrezepte-server.com
127.0.0.1 www.landkarte.de
127.0.0.1 landkarte.de
127.0.0.1 landkarte.de
127.0.0.1 Lebenserwartung-online.de
127.0.0.1 Lebenserwartung-online.de
127.0.0.1 www.Lebenserwartung-online.de
127.0.0.1 www.Lebensprognose.de
127.0.0.1 Lebensprognose.de
127.0.0.1 Lebensprognose.de
127.0.0.1 lyrik.de
127.0.0.1 www.lyrik.de
127.0.0.1 lyrik.de
127.0.0.1 meine-grafiken.de
127.0.0.1 meine-grafiken.de
127.0.0.1 www.meine-grafiken.de
127.0.0.1 millionenquiz.com
127.0.0.1 www.millionenquiz.com
127.0.0.1 millionenquiz.com
127.0.0.1 millonenquiz.de
127.0.0.1 www.millonenquiz.de
127.0.0.1 millonenquiz.de
127.0.0.1 www.mitfahr-portal.de
127.0.0.1 mitfahr-portal.de
127.0.0.1 mitfahr-portal.de
127.0.0.1 movie-tester.com
127.0.0.1 www.movie-tester.com
127.0.0.1 movie-tester.com
127.0.0.1 www.my-tiere.de
127.0.0.1 my-tiere.de
127.0.0.1 my-tiere.de
127.0.0.1 namens-bedeutung.de
127.0.0.1 www.namens-bedeutung.de
127.0.0.1 namens-bedeutung.de
127.0.0.1 namens-info.de
127.0.0.1 namens-info.de
127.0.0.1 www.namens-info.de
127.0.0.1 www.namen-und-ahnen.de
127.0.0.1 namen-und-ahnen.de
127.0.0.1 namen-und-ahnen.de
127.0.0.1 nimimit.de
127.0.0.1 nimimit.de
127.0.0.1 www.nimimit.de
127.0.0.1 www.ojiang.com
127.0.0.1 ojiang.com
127.0.0.1 online-flirten.de
127.0.0.1 online-flirten.de
127.0.0.1 www.online-flirten.de
127.0.0.1 www.online-iq-test.de
127.0.0.1 online-iq-test.de
127.0.0.1 online-iq-test.de
127.0.0.1 online-routenplaner.de
127.0.0.1 www.online-routenplaner.de
127.0.0.1 online-routenplaner.de
127.0.0.1 p2p.ag
127.0.0.1 p2p.ag
127.0.0.1 www.p2p.ag
127.0.0.1 pc-games.de
127.0.0.1 www.pc-games.de
127.0.0.1 pc-games.de
127.0.0.1 www.p-o-r-n-0.com
127.0.0.1 p-o-r-n-0.com
127.0.0.1 proben-fuer-1800-euro.com
127.0.0.1 proben-fuer-1800-euro.com
127.0.0.1 www.proben-fuer-1800-euro.com
127.0.0.1 produktpruefer.com
127.0.0.1 produktpruefer.com
127.0.0.1 www.produktpruefer.com
127.0.0.1 profi-routenplaner.de
127.0.0.1 profi-routenplaner.de
127.0.0.1 www.profi-routenplaner.de
127.0.0.1 pruefung-beginnen.net
127.0.0.1 www.pruefung-beginnen.net
127.0.0.1 pruefung-beginnen.net
127.0.0.1 www.routenplaner.com
127.0.0.1 routenplaner.com
127.0.0.1 routenplaner.com
127.0.0.1 routenplaner-online.de
127.0.0.1 routenplaner-online.de
127.0.0.1 www.routenplaner-online.de
127.0.0.1 www.routenplaner-server.com
127.0.0.1 routenplaner-server.com
127.0.0.1 routenplaner-server.com
127.0.0.1 schuldentipps.de
127.0.0.1 www.schuldentipps.de
127.0.0.1 schuldentipps.de
127.0.0.1 securepccleaner.com
127.0.0.1 www.securepccleaner.com
127.0.0.1 www.shuixian.net
127.0.0.1 shuixian.net
127.0.0.1 www.stromverbrauch.de
127.0.0.1 stromverbrauch.de
127.0.0.1 stromverbrauch.de
127.0.0.1 www.sudoku.de
127.0.0.1 sudoku.de
127.0.0.1 sudoku.de
127.0.0.1 sudoku-jetzt.de
127.0.0.1 sudoku-jetzt.de
127.0.0.1 www.sudoku-jetzt.de
127.0.0.1 sudoku-welt.com
127.0.0.1 sudoku-welt.com
127.0.0.1 www.sudoku-welt.com
127.0.0.1 tattoo-paradies.de
127.0.0.1 tattoo-paradies.de
127.0.0.1 www.tattoo-paradies.de
127.0.0.1 tattoo-server.com
127.0.0.1 www.tattoo-server.com
127.0.0.1 tattoo-server.com
127.0.0.1 Tattoos-paradies.de
127.0.0.1 www.Tattoos-paradies.de
127.0.0.1 Tattoos-paradies.de
127.0.0.1 www.thespybot.com
127.0.0.1 thespybot.com
127.0.0.1 www.tiere-infos.de
127.0.0.1 tiere-infos.de
127.0.0.1 tiere-infos.de
127.0.0.1 trauergedichte.de
127.0.0.1 trauergedichte.de
127.0.0.1 www.trauergedichte.de
127.0.0.1 verkehrsprofi.com
127.0.0.1 verkehrsprofi.com
127.0.0.1 www.verkehrsprofi.com
127.0.0.1 www.verwandschafts-test.de
127.0.0.1 verwandschafts-test.de
127.0.0.1 verwandschafts-test.de
127.0.0.1 vorlagen-archiv.com
127.0.0.1 www.vorlagen-archiv.com
127.0.0.1 vorlagen-archiv.com
127.0.0.1 vorlagen-paradies.de
127.0.0.1 vorlagen-paradies.de
127.0.0.1 www.vorlagen-paradies.de
127.0.0.1 vorlagen-world.de
127.0.0.1 www.vorlagen-world.de
127.0.0.1 vorlagen-world.de
127.0.0.1 www.wer-bumst-mich.de
127.0.0.1 wer-bumst-mich.de
127.0.0.1 xlarea.com
127.0.0.1 www.xlarea.com
127.0.0.1 xldd.com
127.0.0.1 www.xldd.com
127.0.0.1 cazygirls-world.com
127.0.0.1 www.searchdrive.info
127.0.0.1 9mmporn.com
127.0.0.1 www.adultcodecstars.com
127.0.0.1 adultcodecstars.com
127.0.0.1 www.antivirus2008x.com
127.0.0.1 antivirus2008x.com
127.0.0.1 www.asfadaptation.com
127.0.0.1 asfadaptation.com
127.0.0.1 www.bigcodecadult2008.com
127.0.0.1 bigcodecadult2008.com
127.0.0.1 www.bighot18-adult2008.com
127.0.0.1 bighot18-adult2008.com
127.0.0.1 www.bighot18codec2008.com
127.0.0.1 bighot18codec2008.com
127.0.0.1 www.boomgirltv.com
127.0.0.1 boomgirltv.com
127.0.0.1 www.codecadult18.com
127.0.0.1 codecadult18.com
127.0.0.1 www.flwcoupler.com
127.0.0.1 flwcoupler.com
127.0.0.1 www.flwplayer.com
127.0.0.1 flwplayer.com
127.0.0.1 www.flyvideonetwork.com
127.0.0.1 flyvideonetwork.com
127.0.0.1 www.fullsystemprotection.com
127.0.0.1 fullsystemprotection.com
127.0.0.1 www.gamecodec.com
127.0.0.1 gamecodec.com
127.0.0.1 hardpornmpg.com
127.0.0.1 www.herocodec.com
127.0.0.1 herocodec.com
127.0.0.1 www.hot18-codec2008.com
127.0.0.1 hot18-codec2008.com
127.0.0.1 www.hot-adult18.com
127.0.0.1 hot-adult18.com
127.0.0.1 www.hot-adulttube08.com
127.0.0.1 hot-adulttube08.com
127.0.0.1 www.hotcodecstars.com
127.0.0.1 hotcodecstars.com
127.0.0.1 www.hotecodec18.com
127.0.0.1 hotecodec18.com
127.0.0.1 www.knowhowprotection.com
127.0.0.1 knowhowprotection.com
127.0.0.1 www.mpegaddons.com
127.0.0.1 mpegaddons.com
127.0.0.1 www.nachbarschaftspost.com
127.0.0.1 nachbarschaftspost.com
127.0.0.1 www.negativebeats.com
127.0.0.1 negativebeats.com
127.0.0.1 www.porno-codec.com
127.0.0.1 porno-codec.com
127.0.0.1 www.porn-youtube-08.org
127.0.0.1 porn-youtube-08.org
127.0.0.1 www.sexicodecstars.com
127.0.0.1 sexicodecstars.com
127.0.0.1 www.sexycodecadult.com
127.0.0.1 sexycodecadult.com
127.0.0.1 www.storageprotector.com
127.0.0.1 storageprotector.com
127.0.0.1 www.swfutility.com
127.0.0.1 swfutility.com
127.0.0.1 trojansfiltre.co
127.0.0.1 www.trojanskiller.com
127.0.0.1 trojanskiller.com
127.0.0.1 www.trustedprotection.com
127.0.0.1 trustedprotection.com
127.0.0.1 www.winsecureav.com
127.0.0.1 winsecureav.com
127.0.0.1 www.winspycontrol.com
127.0.0.1 winspycontrol.com
127.0.0.1 www.wmvassistant.com
127.0.0.1 wmvassistant.com
127.0.0.1 www.antivirussuite.com
127.0.0.1 antivirussuite.com
127.0.0.1 www.eliteprotector.com
127.0.0.1 eliteprotector.com
127.0.0.1 www.malwaredestructor.com
127.0.0.1 malwaredestructor.com
127.0.0.1 www.spy-kill.com
127.0.0.1 www.88vcd.com
127.0.0.1 88vcd.com
127.0.0.1 www.abccodec.com
127.0.0.1 abccodec.com
127.0.0.1 www.adult18codec.com
127.0.0.1 adult18codec.com
127.0.0.1 www.adultcodec-2008.com
127.0.0.1 adultcodec-2008.com
127.0.0.1 www.antivirus-scanner.com
127.0.0.1 antivirus-scanner.com
127.0.0.1 www.avihelper.com
127.0.0.1 avihelper.com
127.0.0.1 www.avitool.com
127.0.0.1 avitool.com
127.0.0.1 www.bestsearchworld.info
127.0.0.1 bestsearchworld.info
127.0.0.1 www.bigcodecadult.com
127.0.0.1 bigcodecadult.com
127.0.0.1 www.bigcodecadult2008-17.com
127.0.0.1 bigcodecadult2008-17.com
127.0.0.1 www.bighot18adult2008.com
127.0.0.1 bighot18adult2008.com
127.0.0.1 www.bighot18-codec2008.com
127.0.0.1 bighot18-codec2008.com
127.0.0.1 www.codecbest.com
127.0.0.1 codecbest.com
127.0.0.1 www.codecdemo.com
127.0.0.1 codecdemo.com
127.0.0.1 www.codecmega.com
127.0.0.1 codecmega.com
127.0.0.1 www.codecnitro.com
127.0.0.1 codecnitro.com
127.0.0.1 www.codecred.net
127.0.0.1 codecred.net
127.0.0.1 www.coolonlinebusiness.com
127.0.0.1 coolonlinebusiness.com
127.0.0.1 www.destroy-spyware.net
127.0.0.1 destroy-spyware.net
127.0.0.1 www.download-now.rmp1.info
127.0.0.1 download-now.rmp1.info
127.0.0.1 www.flwsolution.com
127.0.0.1 flwsolution.com
127.0.0.1 www.freemp3splanet.com
127.0.0.1 freemp3splanet.com
127.0.0.1 www.free-spyware-downloads.com
127.0.0.1 free-spyware-downloads.com
127.0.0.1 www.getavideonow.com
127.0.0.1 getavideonow.com
127.0.0.1 www.globalfreesearch.com
127.0.0.1 globalfreesearch.com
127.0.0.1 www.globalsoftwareagreement.com
127.0.0.1 globalsoftwareagreement.com
127.0.0.1 www.hot18adult2008.com
127.0.0.1 hot18adult2008.com
127.0.0.1 www.hot200818codec.com
127.0.0.1 hot200818codec.com
127.0.0.1 www.hot2008-18codec.com
127.0.0.1 hot2008-18codec.com
127.0.0.1 www.hot2008codec.com
127.0.0.1 hot2008codec.com
127.0.0.1 www.hot-codec18.com
127.0.0.1 hot-codec18.com
127.0.0.1 www.hotstars2008-17.com
127.0.0.1 hotstars2008-17.com
127.0.0.1 www.movappliance.com
127.0.0.1 movappliance.com
127.0.0.1 www.mp3evo.com
127.0.0.1 mp3evo.com
127.0.0.1 www.mpeghelper.com
127.0.0.1 mpeghelper.com
127.0.0.1 www.mynetprotector.com
127.0.0.1 mynetprotector.com
127.0.0.1 www.neededproducts.com
127.0.0.1 neededproducts.com
127.0.0.1 www.porno18codec.com
127.0.0.1 porno18codec.com
127.0.0.1 www.pornocodec-2008.com
127.0.0.1 pornocodec-2008.com
127.0.0.1 www.pornyoutube-18.com
127.0.0.1 pornyoutube-18.com
127.0.0.1 www.raygc.com
127.0.0.1 raygc.com
127.0.0.1 www.search-galactosis.com
127.0.0.1 search-galactosis.com
127.0.0.1 www.search-insulator.com
127.0.0.1 search-insulator.com
127.0.0.1 www.search-sporadial.com
127.0.0.1 search-sporadial.com
127.0.0.1 www.secrettorich.com

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 19:13
ok

oui j'ai télécharger 3 truc dont 1 pour adulte et là ensuite problèmes j'ai tout désinstaller mais le mal était fait.

voilà à être curieux LOL

voici le rapport hjt:




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11:16, on 22/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ANTI (Tout)\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AntiSpywareExpert] C:\Program Files\ANTI (Tout)\Anti spyware expert\ASE_Setup_Free_fr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://poupoule77220.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O21 - SSODL: eqvwamkl - {8C8F4319-1A5D-4ECF-A8EC-C5EABD595B60} - C:\WINDOWS\eqvwamkl.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 46 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 19:27
re

j'ai perdu des icones dont celle de outlook 2003 je l'ai remise mais tout à disparu, il y a des possibilités de récupérer ?

merci
0
Réponse 47 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 19:52
re

j'ai perdu aussi mes favoris dans mozilla firefox tout à disparu, il y a des possibilités de récupérer aussi ?

merci
0
Réponse 48 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 20:07
RE,

je reviens, je pars manger bonne app si ce n'est fait

0
Réponse 49 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
22 juil. 2008 à 23:45
re,

voici le rapport dont une alerte antivir durant: BDS/IRC.chazz.41 Backdoor Server programs



DiagHelp version v1.4 - http://www.malekal.com
excute le 22/07/2008 à 23:39:51,32


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->22/07/2008 23:39:50
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->22/07/2008 23:39:44
C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->22/07/2008 23:38:21
C:\WINDOWS\prefetch\WINWORD.EXE-0AB6D317.pf -->22/07/2008 23:37:16
C:\WINDOWS\prefetch\RUNDLL32.EXE-163294D0.pf -->22/07/2008 23:33:07
C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->22/07/2008 23:31:48
C:\WINDOWS\prefetch\AVWSC.EXE-236190C6.pf -->22/07/2008 23:31:20
C:\WINDOWS\prefetch\XPNETDIAG.EXE-1275668B.pf -->22/07/2008 23:29:43
C:\WINDOWS\prefetch\WMIPRVSE.EXE-28F301A9.pf -->22/07/2008 23:29:43
C:\WINDOWS\prefetch\RSVP.EXE-04E70CF3.pf -->22/07/2008 23:29:34

C:\WINDOWS\System32\drivers\fidbox.dat -->22/07/2008 23:24:53
C:\WINDOWS\System32\drivers\fidbox.idx -->22/07/2008 22:39:03
C:\WINDOWS\System32\drivers\bthport.sys -->14/06/2008 19:33:37
C:\WINDOWS\System32\drivers\rmcast.sys -->08/05/2008 16:02:52
C:\WINDOWS\System32\drivers\avipbb.sys -->15/04/2008 23:24:11
C:\WINDOWS\System32\drivers\rdpwd.sys -->14/04/2008 04:34:54
C:\WINDOWS\System32\drivers\tdtcp.sys -->14/04/2008 04:34:53

C:\WINDOWS\System32\vsconfig.xml -->22/07/2008 22:40:29
C:\WINDOWS\System32\tmp.txt -->22/07/2008 18:00:44
C:\WINDOWS\System32\tmp.reg -->22/07/2008 18:00:44
C:\WINDOWS\System32\zllictbl.dat -->22/07/2008 14:17:12
C:\WINDOWS\System32\jupdate-1.6.0_07-b06.log -->16/07/2008 10:39:39
C:\WINDOWS\System32\wpa.dbl -->16/07/2008 10:20:57
C:\WINDOWS\System32\IEDFix.C.exe -->02/07/2008 13:33:45
C:\WINDOWS\System32\MRT.exe -->25/06/2008 18:15:46
C:\WINDOWS\System32\lvcoinst.log -->19/06/2008 22:10:28
C:\WINDOWS\System32\FNTCACHE.DAT -->19/06/2008 21:39:07
C:\WINDOWS\System32\perfh00C.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\perfh009.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\perfc00C.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\perfc009.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\PerfStringBackup.INI -->19/06/2008 21:19:54
C:\WINDOWS\System32\spupdwxp.log -->19/06/2008 21:17:27
C:\WINDOWS\System32\javaws.exe -->10/06/2008 02:32:34
C:\WINDOWS\System32\javacpl.cpl -->10/06/2008 02:32:34
C:\WINDOWS\System32\javaw.exe -->10/06/2008 01:21:04
C:\WINDOWS\System32\java.exe -->10/06/2008 01:21:01
C:\WINDOWS\System32\VACFix.exe -->29/05/2008 09:35:36
C:\WINDOWS\System32\404Fix.exe -->23/05/2008 18:21:42
C:\WINDOWS\System32\IEDFix.exe -->18/05/2008 21:40:35
C:\WINDOWS\System32\wshom.ocx -->10/05/2008 01:25:02
C:\WINDOWS\System32\wshext.dll -->09/05/2008 12:55:00

C:\WINDOWS\WindowsUpdate.log -->22/07/2008 22:42:07
C:\WINDOWS\0.log -->22/07/2008 22:40:57
C:\WINDOWS\wiadebug.log -->22/07/2008 22:40:20
C:\WINDOWS\wiaservc.log -->22/07/2008 22:40:18
C:\WINDOWS\bootstat.dat -->22/07/2008 22:39:55
C:\WINDOWS\SchedLgU.Txt -->22/07/2008 22:38:45
C:\WINDOWS\ODBC.INI -->22/07/2008 19:25:17
C:\WINDOWS\WININIT.INI -->22/07/2008 15:31:36
C:\WINDOWS\grswptdl.exe -->22/07/2008 11:38:00
C:\WINDOWS\Thumbs.db -->29/06/2008 12:16:37
C:\WINDOWS\winhlp32.exe -->14/04/2008 04:34:27
C:\WINDOWS\slrundll.exe -->14/04/2008 04:34:22
C:\WINDOWS\regedit.exe -->14/04/2008 04:34:19
C:\WINDOWS\notepad.exe -->14/04/2008 04:34:15
C:\WINDOWS\hh.exe -->14/04/2008 04:34:06

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 3604
Command line: C:\WINDOWS\Explorer.EXE

Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16674 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16674 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x00c30000 0x1b000 11.05.0000.1158 C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x44160000 0x127000 7.00.6000.16674 C:\WINDOWS\system32\urlmon.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x44360000 0x5cd000 7.00.6000.16674 C:\WINDOWS\system32\ieframe.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x442b0000 0x3c000 7.00.6000.16674 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
0x03070000 0x185000 1.05.0000.0011 C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
0x43ff0000 0xa000 7.00.6000.16674 C:\WINDOWS\system32\jsproxy.dll
0x037a0000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x03b10000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x4eb80000 0x1a6000 5.01.3102.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll
0x10000000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
0x035c0000 0x5b000 1.01.0000.0000 C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE 2003 PRO\OFFICE11\msohev.dll
0x03930000 0x13000 7.05.0001.0036 C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\shellexecutehook.dll
0x60990000 0x7000 3.01.4001.5512 C:\WINDOWS\system32\MSISIP.DLL
0x7e6a0000 0x16000 5.07.0000.18066 C:\WINDOWS\system32\wshext.dll
0x36d30000 0x1b000 11.00.8164.0000 C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\MCPS.DLL

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 852
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x17000 6.14.0010.4140 C:\WINDOWS\system32\Ati2evxx.dll
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL


Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\WINDOWS\system

07/05/1998 18:04 52 736 hpsysdrv.exe
1 fichier(s) 52 736 octets
0 Rép(s) 244 681 519 104 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\WINDOWS\system32

14/04/2008 04:33 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 244 681 519 104 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\WINDOWS\Downloaded Program Files

18/07/2008 11:57 <REP> .
18/07/2008 11:57 <REP> ..
10/10/2005 13:32 65 desktop.ini
26/07/2002 02:13 24 576 dwusplay.dll
26/07/2002 02:13 196 608 dwusplay.exe
16/05/2007 09:22 399 gp.inf
28/07/2004 00:48 323 584 isusweb.dll
02/08/2007 11:31 360 320 MsnPUpld.dll
02/08/2007 15:47 569 MSNPUpld.inf
02/08/2007 11:31 67 456 PURen-us.dll
06/08/2007 12:10 68 992 PURfr-fr.dll
9 fichier(s) 1 042 569 octets

Total des fichiers listés :
9 fichier(s) 1 042 569 octets
2 Rép(s) 244 681 519 104 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL France"
"C:\\Program Files\\Musique\\LimeWire\\LimeWire.exe"="C:\\Program Files\\Musique\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Musique\\LireWire\\LimeWire\\LimeWire.exe"="C:\\Program Files\\Musique\\LireWire\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"



exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-22 23:40:21
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0


KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
224 - avgas.exe
420 - LVPrcSrv.exe
436 - avguard.exe
536 - hpwuSchd2.exe
636 - ehmsas.exe
684 - Communications_
712 - Quickcam.exe
792 - guard.exe
820 - csrss.exe
852 - winlogon.exe
896 - services.exe
908 - lsass.exe
1048 - ehrecvr.exe
1064 - ati2evxx.exe
1084 - svchost.exe
1164 - COCIManager.exe
1168 - svchost.exe
1236 - ehSched.exe
1332 - svchost.exe
1388 - IAANTMon.exe
1592 - vsmon.exe
1740 - ati2evxx.exe
1820 - LVComSer.exe
1892 - HPZIPM12.EXE
2076 - avgnt.exe
2120 - svchost.exe
2144 - svchost.exe
2268 - mcrdsvc.exe
2504 - cmd.exe
2668 - dllhost.exe
2704 - kbd.exe
2744 - apdproxy.exe
2788 - CLI.exe
2828 - zlclient.exe
2848 - alg.exe
2868 - ctfmon.exe
2880 - GoogleToolbarNo
3196 - hpqtra08.exe
3604 - explorer.exe
3912 - ehtray.exe
4040 - RTHDCPL.EXE
4068 - IAAnotif.exe
4092 - DMAScheduler.ex
4224 - CLI.exe
4236 - CLI.exe
5088 - usnsvc.exe
5584 - hpsysdrv.exe

Total number of processes = 48
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E4000 - \WINDOWS\system32\hal.dll
F7A50000 - \WINDOWS\system32\KDCOM.DLL
F7960000 - \WINDOWS\system32\BOOTVID.dll
F7420000 - ACPI.sys
F7A52000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
F740F000 - pci.sys
F7550000 - isapnp.sys
F7560000 - ohci1394.sys
F7570000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
F73FD000 - sfsync04.sys
F7B18000 - pciide.sys
F77D0000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F7A54000 - viaide.sys
F7A56000 - intelide.sys
F7580000 - MountMgr.sys
F73DE000 - ftdisk.sys
F7A58000 - dmload.sys
F73B8000 - dmio.sys
F77D8000 - PartMgr.sys
F7590000 - VolSnap.sys
F72F8000 - iaStor.sys
F72E0000 - atapi.sys
F729D000 - ftsata2.sys
F7285000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
F75A0000 - disk.sys
F75B0000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F7265000 - fltmgr.sys
F7253000 - sr.sys
F75C0000 - bb-run.sys
F75D0000 - PxHelp20.sys
F723C000 - KSecDD.sys
F71AF000 - Ntfs.sys
F7182000 - NDIS.sys
F716E000 - srescan.sys
F77E0000 - sfhlp02.sys
F715C000 - sfdrv01.sys
F7142000 - Mup.sys
F7600000 - \SystemRoot\system32\DRIVERS\nic1394.sys
F7670000 - \SystemRoot\system32\DRIVERS\intelppm.sys
F7A9C000 - \SystemRoot\system32\DRIVERS\ELacpi.sys
F5A28000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
F5A14000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F59EC000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
F78D8000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
F59C8000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F78E0000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F571C000 - \SystemRoot\system32\DRIVERS\3xHybrid.sys
F56F9000 - \SystemRoot\system32\DRIVERS\ks.sys
F7A14000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
F5686000 - \SystemRoot\system32\DRIVERS\wn5301.sys
F5660000 - \SystemRoot\system32\DRIVERS\e100b325.sys
F564C000 - \SystemRoot\system32\DRIVERS\parport.sys
F7690000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
F78E8000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F7AA0000 - \SystemRoot\System32\DRIVERS\ELmou.sys
F78F0000 - \SystemRoot\system32\DRIVERS\PS2.sys
F78F8000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F7AA2000 - \SystemRoot\System32\DRIVERS\ELkbd.sys
F76A0000 - \SystemRoot\system32\DRIVERS\imapi.sys
F76B0000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F76C0000 - \SystemRoot\system32\DRIVERS\redbook.sys
F7C8B000 - \SystemRoot\system32\DRIVERS\audstub.sys
F76E0000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
F7A44000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
F3062000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F7700000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F4821000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F4B1C000 - \SystemRoot\system32\DRIVERS\TDI.SYS
F3001000 - \SystemRoot\system32\DRIVERS\psched.sys
F4811000 - \SystemRoot\system32\DRIVERS\msgpc.sys
ECEED000 - \SystemRoot\system32\DRIVERS\ptilink.sys
ECEE5000 - \SystemRoot\system32\DRIVERS\raspti.sys
EB319000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
ED69E000 - \SystemRoot\system32\DRIVERS\termdd.sys
EE0D8000 - \SystemRoot\system32\DRIVERS\swenum.sys
EB2BB000 - \SystemRoot\system32\DRIVERS\update.sys
EE0EA000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
EF1B5000 - \SystemRoot\System32\Drivers\NDProxy.SYS
AABF0000 - \SystemRoot\system32\drivers\RtkHDAud.sys
AABCC000 - \SystemRoot\system32\drivers\portcls.sys
EEED8000 - \SystemRoot\system32\drivers\drmk.sys
F0340000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F7A92000 - \SystemRoot\system32\DRIVERS\USBD.SYS
AABA9000 - \SystemRoot\system32\DRIVERS\klif.sys
F7AA6000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
EBE93000 - \SystemRoot\System32\Drivers\Null.SYS
F7AA8000 - \SystemRoot\System32\Drivers\Beep.SYS
EBDD1000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys
F187A000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F1872000 - \SystemRoot\System32\drivers\vga.sys
F7AAA000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F7AAC000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F186A000 - \SystemRoot\System32\Drivers\Msfs.SYS
F1862000 - \SystemRoot\System32\Drivers\Npfs.SYS
EE007000 - \SystemRoot\system32\DRIVERS\rasacd.sys
AAB76000 - \SystemRoot\system32\DRIVERS\ipsec.sys
AAB1D000 - \SystemRoot\system32\DRIVERS\tcpip.sys
AAAF5000 - \SystemRoot\system32\DRIVERS\netbt.sys
AAACF000 - \SystemRoot\system32\DRIVERS\ipnat.sys
AAA6F000 - \SystemRoot\System32\vsdatant.sys
F1A55000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F1A45000 - \SystemRoot\system32\DRIVERS\arp1394.sys
F1036000 - \SystemRoot\system32\DRIVERS\LVUSBSta.sys
AA7EE000 - \SystemRoot\system32\DRIVERS\LV561AV.SYS
AA7CC000 - \SystemRoot\System32\drivers\afd.sys
F1026000 - \SystemRoot\system32\DRIVERS\netbios.sys
F185A000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
AA7A1000 - \SystemRoot\system32\DRIVERS\rdbss.sys
AA731000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
F1016000 - \SystemRoot\System32\Drivers\Fips.SYS
F7ADE000 - \SystemRoot\System32\DRIVERS\ELmon.sys
EDF18000 - \SystemRoot\System32\DRIVERS\ELhid.sys
AA71E000 - \SystemRoot\system32\DRIVERS\avipbb.sys
EEA0E000 - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
F7B5D000 - \??\C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.sys
F0FE6000 - \SystemRoot\system32\DRIVERS\IrBus.sys
AA6FA000 - \SystemRoot\System32\Drivers\Fastfat.SYS
F184A000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
F1842000 - \SystemRoot\system32\DRIVERS\hidir.sys
F0FD6000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
EBDD4000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
F7A1C000 - \SystemRoot\system32\DRIVERS\mouhid.sys
AA63A000 - \SystemRoot\System32\Drivers\dump_iaStor.sys
BF800000 - \SystemRoot\System32\win32k.sys
F5C90000 - \SystemRoot\System32\drivers\Dxapi.sys
EC8EB000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7B64000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\ati2dvag.dll
BFA18000 - \SystemRoot\System32\ati2cqag.dll
BFA5E000 - \SystemRoot\System32\atikvmag.dll
BFAA2000 - \SystemRoot\System32\ati3duag.dll
BFCE6000 - \SystemRoot\System32\ativvaxx.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
F7A30000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
A855F000 - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
A84BA000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
A8429000 - \SystemRoot\System32\Drivers\HTTP.sys
A82E7000 - \SystemRoot\system32\DRIVERS\srv.sys
A811F000 - \SystemRoot\system32\drivers\wdmaud.sys
A81BC000 - \SystemRoot\system32\drivers\sysaudio.sys
F7A82000 - \SystemRoot\system32\drivers\MSPQM.sys
F7888000 - \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
F4334000 - \SystemRoot\System32\Drivers\Cdfs.SYS
F7BE2000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
A59FB000 - \SystemRoot\system32\drivers\kmixer.sys

Total number of drivers = 147

Liste des programmes installes

ABBYY FineReader 6.0 Sprint
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player ActiveX
Adobe Reader 8.1.2 - Français
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe® Photoshop® Album Edition Découverte 3.2
Adobe® Photoshop® Album Edition Découverte 3.2
AiO_Scan
AiO_Scan_CDA
AiOSoftware
AiOSoftwareNPI
Amélioration de nos services
Amélioration de nos services
ATI Catalyst Control Center
ATI Display Driver
AutoUpdate
AVG Anti-Spyware 7.5
Avira AntiVir Personal – Free Antivirus
BufferChm
Camera RAW Plug-In for EPSON Creativity Suite
CameraDrivers
CameraDrivers
Cariboost 2.0
CCleaner (remove only)
Connexion Facile à Internet
Connexion Facile à Internet
Correctif n° 2 pour Windows XP Édition Media Center 2005
Correctif pour Windows Internet Explorer 7 (KB947864)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
Destinations
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocumentViewer
DocumentViewerQFolder
eMule
Enhanced Multimedia Keyboard Solution
EPSON-Drucker-Software
EPSON Attach To Email
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
ESDX6000_CX5900 Guide util.
Fax
Fax_CDA
FileZilla Client 3.0.9.2
FlatOut2
FullDPAppQFolder
Galerie de photos Windows Live
GemMaster Mystic
Google Earth
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows Media Player 10 (KB903157)
HP Appareils photos Photosmart 5.0
HP Boot Optimizer
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP DVD Play 1.0
HP Imaging Device Functions 6.0
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart for Media Center PC
HP Photosmart Premier Software 6.0
HP PSC & OfficeJet 5.3.A
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HPProductAssistant
HpSdpAppCoreApp
Installation de la C-BOX
InstantShareDevices
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel(R) Quick Resume Technology Drivers
Intel(R) Quick Resume Technology Drivers
J2SE Runtime Environment 5.0 Update 5
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Le logiciel Intel® Viiv™
Lecteur Windows Media 11
LightScribe 1.4.62.1
LimeWire 4.16.6
Logitech QuickCam
MainConcept for Software Encoder
MainConcept for Software Encoder
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
Microsoft .NET Framework 3.0 French Language Pack
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
Mozilla Firefox (2.0.0.16)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
muvee autoProducer 4.5
muvee autoProducer unPlugged 1.2
NewCopy
NewCopy_CDA
OptionalContentQFolder
Otto
Package de base Microsoft de service de chiffrement pour cartes à puce
PanoStandAlone
PC-Doctor 5 for Windows
PhotoGallery
PS2
PSPrinters08
PSTAPlugin
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
RandMap
Readme
RealPlayer
Realtek High Definition Audio Driver
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Services Internet
Services Internet
SkinsHP1
SolutionCenter
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
Status
TrayApp
Unload
VideoLAN VLC media player 0.8.6f
WebFldrs XP
WebReg
Windows Communication Foundation Language Pack - FRA
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Presentation Foundation Language Pack (FRA)
Windows Workflow Foundation FR Language Pack
Windows XP Service Pack 3
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
ZoneAlarm



Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\Program Files

21/07/2008 18:48 <REP> .
21/07/2008 18:48 <REP> ..
16/02/2008 23:34 <REP> ABBYY FineReader 6.0 Sprint
18/07/2008 13:13 <REP> Adobe
22/07/2008 16:09 <REP> ANTI (Tout)
12/02/2008 14:19 <REP> ANTI VIRUS
22/07/2008 10:23 <REP> AntiVir PersonalEdition Classic
13/02/2008 15:39 <REP> ATI Technologies
12/02/2008 13:54 <REP> CEGETEL
12/11/2005 02:09 <REP> ComPlus Applications
20/04/2008 09:53 <REP> DIVX
16/02/2008 23:35 <REP> epson
18/02/2008 18:26 <REP> Fichiers communs
03/05/2008 10:12 <REP> FileZilla
20/04/2008 09:53 <REP> FrenchOtto
20/04/2008 09:53 <REP> GemMasterFrench
03/06/2008 11:37 <REP> Google
03/06/2008 11:36 <REP> Google Earth
01/01/2005 16:31 <REP> Hewlett-Packard
01/01/2005 16:07 <REP> HP
01/01/2005 15:47 <REP> Intel
11/06/2008 19:58 <REP> Internet Explorer
18/02/2008 10:27 <REP> Intuisphere
16/07/2008 10:39 <REP> Java
28/05/2008 18:31 <REP> JEUX VINCENT
12/02/2008 12:42 <REP> Logitech
01/01/2005 15:51 <REP> MainConcept
19/06/2008 20:57 <REP> Messenger
12/02/2008 22:09 <REP> Microsoft CAPICOM 2.1.0.2
15/11/2005 04:24 <REP> microsoft frontpage
12/02/2008 13:31 <REP> Microsoft Office
20/05/2008 23:28 <REP> Microsoft Silverlight
12/02/2008 16:40 <REP> Microsoft SQL Server Compact Edition
20/04/2008 09:53 <REP> Microsoft Works
12/02/2008 13:37 <REP> Microsoft.NET
19/06/2008 20:56 <REP> Movie Maker
13/02/2008 11:07 <REP> Mozilla
22/07/2008 23:14 <REP> Mozilla Firefox
24/04/2008 09:36 <REP> MSBuild
15/11/2005 04:24 <REP> MSN
15/11/2005 04:25 <REP> MSN Gaming Zone
12/02/2008 16:54 <REP> MSXML 4.0
29/02/2008 16:33 <REP> MSXML 6.0
18/04/2008 11:52 <REP> Musique
01/01/2005 16:11 <REP> muvee Technologies
19/06/2008 20:52 <REP> NetMeeting
15/11/2005 04:25 <REP> Online Services
19/06/2008 21:14 <REP> Outlook Express
12/02/2008 15:15 <REP> PARE FEU
20/04/2008 09:53 <REP> PC-Doctor 5 for Windows
01/01/2005 16:05 <REP> Real
24/04/2008 09:33 <REP> Reference Assemblies
01/01/2005 16:19 <REP> Services en ligne
18/02/2008 10:26 <REP> Site net (mes)
01/01/2005 16:06 <REP> Sonic
20/04/2008 09:56 <REP> VIDEO
29/02/2008 12:19 <REP> Windows Live
12/02/2008 16:27 <REP> Windows Live Messenger
20/04/2008 09:53 <REP> Windows Media Connect 2
19/04/2008 23:20 <REP> Windows Media Player
19/06/2008 20:52 <REP> Windows NT
15/11/2005 04:25 <REP> Windows Plus
15/11/2005 04:26 <REP> xerox
0 fichier(s) 0 octets
63 Rép(s) 244 679 135 232 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\Program Files\fichiers communs

18/02/2008 18:26 <REP> .
18/02/2008 18:26 <REP> ..
21/03/2008 14:12 <REP> Adobe
12/02/2008 13:37 <REP> DESIGNER
01/01/2005 15:55 <REP> Hewlett-Packard
01/01/2005 15:59 <REP> HP
01/01/2005 16:10 <REP> InstallShield
01/01/2005 15:35 <REP> Java
29/04/2008 18:45 <REP> LightScribe
12/02/2008 12:42 <REP> logishrd
29/02/2008 16:34 <REP> Microsoft Shared
15/11/2005 04:24 <REP> MSSoap
01/01/2005 16:10 <REP> muvee Technologies
15/11/2005 04:24 <REP> ODBC
01/01/2005 16:05 <REP> Real
29/04/2008 18:45 <REP> Services
01/01/2005 16:06 <REP> Sonic Shared
15/11/2005 04:24 <REP> SpeechEngines
01/01/2005 16:06 <REP> SureThing Shared
12/02/2008 14:15 <REP> Symantec Shared
19/06/2008 20:52 <REP> System
01/01/2005 16:06 <REP> TiVo Shared
01/01/2005 16:05 <REP> xing shared
0 fichier(s) 0 octets
23 Rép(s) 244 679 131 136 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

18/02/2008 18:47 <REP> .
18/02/2008 18:47 <REP> ..
12/02/2008 13:37 <REP> 1033
18/02/2008 18:47 <REP> 1036
20/09/2005 13:33 1 293 008 MSONSEXT.DLL
22/03/2007 20:29 39 256 MSOSV.DLL
03/06/1999 11:09 122 937 MSOWS409.DLL
07/03/2001 06:00 127 033 MSOWS40c.DLL
11/07/2003 04:25 80 448 PKMWS.DLL
5 fichier(s) 1 662 682 octets
4 Rép(s) 244 679 131 136 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\

27/12/2005 09:21 7 477 561 setup_all.exe
1 fichier(s) 7 477 561 octets
0 Rép(s) 244 679 131 136 octets libres




c:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
c:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\wspwprtct.exe
c:\Documents and Settings\HP_Administrateur\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
c:\Documents and Settings\HP_Administrateur\Bureau\DivXUserGuide521-fr.exe
c:\Documents and Settings\HP_Administrateur\Bureau\zlsSetup_70_462_000_fr.exe
c:\Documents and Settings\HP_Administrateur\Local Settings\Temp\_isAC.exe
c:\Documents and Settings\HP_Administrateur\Local Settings\Temp\072208141053\z4barSpInstall.exe
c:\Documents and Settings\STEPHANE\Application Data\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\ccsetup209.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SDFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\404Fix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\dumphive.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\exit.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\HostsChk.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\IEDFix.C.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\IEDFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\Policies.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\Process.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\Reboot.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\restart.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\swreg.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\swsc.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\swxcacls.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\UIFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\unzip.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\VACFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\VCCLSID.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\WS2Fix.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\ARPPRODUCTICON.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe1_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\NewShortcut5_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\Uninstall_FlatOut2_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\MMSEF.dll
c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\VMSEF.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_BAYARDFAMILY.tar.gz a l'adresse http://upload.malekal.com
0
Réponse 50 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 01:10
Re,

voici le rapport combo-fix pour analyse, puis suivra le diaghelp car je dois le déclencher




ComboFix 08-07-21.2 - STEPHANE 2008-07-23 0:38:02.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.555 [GMT 2:00]
Endroit: C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\C-Fix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiSpywareExpert
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\STEPHANE\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\VINCENT\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_poof


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-22 to 2008-07-22 ))))))))))))))))))))))))))))))))))))
.

2008-07-22 23:41 . 2008-07-22 23:41 12,789,101 --a------ C:\upload_moi_BAYARDFAMILY.tar.gz
2008-07-22 23:07 . 2008-07-23 00:16 21,504 --a------ C:\d‚soler.doc
2008-07-22 21:41 . 2008-07-22 21:41 <REP> d-------- C:\WINDOWS\ERUNT
2008-07-22 21:37 . 2008-07-22 22:04 <REP> d-------- C:\SDFix
2008-07-22 18:06 . 2008-07-22 18:06 268 --ah----- C:\sqmdata07.sqm
2008-07-22 18:06 . 2008-07-22 18:06 244 --ah----- C:\sqmnoopt07.sqm
2008-07-22 17:34 . 2008-07-22 17:38 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Contacts
2008-07-22 16:43 . 2008-07-22 18:00 5,220 --a------ C:\WINDOWS\system32\tmp.reg
2008-07-22 16:38 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-07-22 16:38 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-07-22 16:38 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-07-22 16:38 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-07-22 16:38 . 2008-07-02 13:33 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-07-22 16:38 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
2008-07-22 16:38 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-07-22 16:38 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-07-22 16:38 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-07-22 15:54 . 2008-07-22 15:54 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Application Data\Grisoft
2008-07-22 15:53 . 2005-01-01 16:10 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\WINDOWS
2008-07-22 15:53 . 2005-11-12 02:08 <REP> d--h----- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Voisinage r‚seau
2008-07-22 15:53 . 2005-11-12 02:08 <REP> d--h----- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Voisinage d'impression
2008-07-22 15:53 . 2005-11-15 04:23 <REP> d--h----- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\ModŠles
2008-07-22 15:53 . 2008-07-22 17:35 <REP> dr------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Mes documents
2008-07-22 15:53 . 2008-02-12 19:47 <REP> dr------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Menu D‚marrer
2008-07-22 15:53 . 2008-07-22 16:06 <REP> dr------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Favoris
2008-07-22 15:53 . 2008-07-23 00:40 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau
2008-07-22 15:53 . 2005-01-01 15:53 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Application Data\ATI
2008-07-22 15:53 . 2008-07-22 23:53 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY
2008-07-22 15:20 . 2008-07-22 15:20 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-07-22 13:28 . 2008-07-22 15:53 <REP> d-------- C:\Documents and Settings\TEMP
2008-07-22 12:45 . 2008-07-22 12:45 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons
2008-07-22 12:44 . 2008-07-22 11:38 94,208 --a------ C:\WINDOWS\grswptdl.exe
2008-07-22 12:42 . 2008-07-22 12:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-22 22:54 434,208 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-22 22:41 6,068 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-22 14:09 --------- d-----w C:\Program Files\ANTI (Tout)
2008-07-16 08:39 --------- d-----w C:\Program Files\Java
2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-03 16:47 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\HP
2008-06-03 16:33 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\EPSON
2008-06-03 09:37 --------- d-----w C:\Program Files\Google
2008-06-03 09:36 --------- d-----w C:\Program Files\Google Earth
2008-05-28 16:31 --------- d-----w C:\Program Files\JEUX VINCENT
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-17 19:58 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:34 64512]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-21 17:59 143360]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35 49152]
"DMAScheduler"="c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 10:01 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 02:29 249856]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 18:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 18:37 2178832]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-15 23:24 262401]
"!AVG Anti-Spyware"="C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44 61440]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 12:12 90112]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-01 16:05 180269]
"ZoneAlarm Client"="C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe" [2007-12-13 19:27 919016]
"ftutil2"="ftutil2.dll" [2004-06-07 14:05 106496 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-12 02:23 15961088 C:\WINDOWS\RTHDCPL.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\Musique\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-10-03 22:57]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 20:45]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 20:45]
R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 19:44]
S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;C:\WINDOWS\system32\DRIVERS\wn5401.sys [2005-01-07 02:08]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-22 11:11:07 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\ANTI (Tout)\Spybot\Spybot - Search & Destroy\SpybotSD.exe
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
HKLM-Run-PCDrProfiler - (no file)


.
------- Supplementary Scan -------
.
O8 -: &Traduire à partir de l'anglais - C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O8 -: Pages liées - C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 -: Pages similaires - C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 -: Recherche &Google - C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 -: Version de la page actuelle disponible dans le cache Google - C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 00:55:19
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Fichiers communs\logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\system\hpsysdrv.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-23 0:58:38 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-22 22:58:32

Pre-Run: 244,563,099,648 octets libres
Post-Run: 244,461,457,408 octets libres

187 --- E O F --- 2008-07-18 11:17:08
0
Réponse 51 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 01:17
re,

voici le rapport :

DiagHelp version v1.4 - http://www.malekal.com
excute le 23/07/2008 à 1:11:37,34


Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->23/07/2008 01:11:29
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->23/07/2008 01:10:57
C:\WINDOWS\prefetch\AVWSC.EXE-236190C6.pf -->23/07/2008 01:10:23
C:\WINDOWS\prefetch\WUAUCLT.EXE-399A8E72.pf -->23/07/2008 01:04:05
C:\WINDOWS\prefetch\ZLCLIENT.EXE-1A15C7F4.pf -->23/07/2008 01:02:56
C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->23/07/2008 01:01:32
C:\WINDOWS\prefetch\AVGAS.EXE-2E8B68D2.pf -->23/07/2008 01:00:56
C:\WINDOWS\prefetch\AVCENTER.EXE-12CB2D60.pf -->23/07/2008 01:00:15
C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->23/07/2008 00:59:37
C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->23/07/2008 00:58:50

C:\WINDOWS\System32\drivers\fidbox.dat -->23/07/2008 01:09:56
C:\WINDOWS\System32\drivers\fidbox.idx -->23/07/2008 00:41:26
C:\WINDOWS\System32\drivers\bthport.sys -->14/06/2008 19:33:37
C:\WINDOWS\System32\drivers\rmcast.sys -->08/05/2008 16:02:52
C:\WINDOWS\System32\drivers\avipbb.sys -->15/04/2008 23:24:11
C:\WINDOWS\System32\drivers\rdpwd.sys -->14/04/2008 04:34:54
C:\WINDOWS\System32\drivers\tdtcp.sys -->14/04/2008 04:34:53

C:\WINDOWS\System32\vsconfig.xml -->23/07/2008 01:03:03
C:\WINDOWS\System32\tmp.txt -->22/07/2008 18:00:44
C:\WINDOWS\System32\tmp.reg -->22/07/2008 18:00:44
C:\WINDOWS\System32\zllictbl.dat -->22/07/2008 14:17:12
C:\WINDOWS\System32\jupdate-1.6.0_07-b06.log -->16/07/2008 10:39:39
C:\WINDOWS\System32\wpa.dbl -->16/07/2008 10:20:57
C:\WINDOWS\System32\IEDFix.C.exe -->02/07/2008 13:33:45
C:\WINDOWS\System32\MRT.exe -->25/06/2008 18:15:46
C:\WINDOWS\System32\lvcoinst.log -->19/06/2008 22:10:28
C:\WINDOWS\System32\FNTCACHE.DAT -->19/06/2008 21:39:07
C:\WINDOWS\System32\perfh00C.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\perfh009.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\perfc00C.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\perfc009.dat -->19/06/2008 21:19:56
C:\WINDOWS\System32\PerfStringBackup.INI -->19/06/2008 21:19:54
C:\WINDOWS\System32\spupdwxp.log -->19/06/2008 21:17:27
C:\WINDOWS\System32\javaws.exe -->10/06/2008 02:32:34
C:\WINDOWS\System32\javacpl.cpl -->10/06/2008 02:32:34
C:\WINDOWS\System32\javaw.exe -->10/06/2008 01:21:04
C:\WINDOWS\System32\java.exe -->10/06/2008 01:21:01
C:\WINDOWS\System32\VACFix.exe -->29/05/2008 09:35:36
C:\WINDOWS\System32\404Fix.exe -->23/05/2008 18:21:42
C:\WINDOWS\System32\IEDFix.exe -->18/05/2008 21:40:35
C:\WINDOWS\System32\wshom.ocx -->10/05/2008 01:25:02
C:\WINDOWS\System32\wshext.dll -->09/05/2008 12:55:00

C:\WINDOWS\WindowsUpdate.log -->23/07/2008 01:04:39
C:\WINDOWS\KB951748.log -->23/07/2008 01:04:39
C:\WINDOWS\system.ini -->23/07/2008 00:55:17
C:\WINDOWS\0.log -->23/07/2008 00:43:22
C:\WINDOWS\wiadebug.log -->23/07/2008 00:42:44
C:\WINDOWS\wiaservc.log -->23/07/2008 00:42:41
C:\WINDOWS\bootstat.dat -->23/07/2008 00:42:22
C:\WINDOWS\SchedLgU.Txt -->23/07/2008 00:41:07
C:\WINDOWS\ODBC.INI -->22/07/2008 19:25:17
C:\WINDOWS\WININIT.INI -->22/07/2008 15:31:36
C:\WINDOWS\grswptdl.exe -->22/07/2008 11:38:00
C:\WINDOWS\Thumbs.db -->29/06/2008 12:16:37
C:\WINDOWS\winhlp32.exe -->14/04/2008 04:34:27
C:\WINDOWS\slrundll.exe -->14/04/2008 04:34:22
C:\WINDOWS\regedit.exe -->14/04/2008 04:34:19

winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 8544
Command line: C:\WINDOWS\explorer.exe

Base Size Version Path
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll
0x44080000 0xd0000 7.00.6000.16674 C:\WINDOWS\system32\WININET.dll
0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll
0x43e00000 0x45000 7.00.6000.16674 C:\WINDOWS\system32\iertutil.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll
0x00c30000 0x1b000 11.05.0000.1158 C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcInj.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0001 C:\WINDOWS\system32\ATL.DLL
0x44360000 0x5cd000 7.00.6000.16674 C:\WINDOWS\system32\ieframe.dll
0x44160000 0x127000 7.00.6000.16674 C:\WINDOWS\system32\urlmon.dll
0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll
0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll
0x442b0000 0x3c000 7.00.6000.16674 C:\WINDOWS\system32\webcheck.dll
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x67080000 0x1c000 3.00.0009.0002 C:\Program Files\FileZilla\FileZilla FTP Client\fzshellext.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll
0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll
0x78130000 0x9b000 8.00.50727.1433 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll
0x02a00000 0x185000 1.05.0000.0011 C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
0x43ff0000 0xa000 7.00.6000.16674 C:\WINDOWS\system32\jsproxy.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x034c0000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x03520000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
0x75ed0000 0x13000 5.131.2600.5512 C:\WINDOWS\system32\cryptnet.dll

ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 860
Command line: winlogon.exe

Base Size Version Path
0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe
0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll
0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll
0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll
0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll
0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x17000 6.14.0010.4140 C:\WINDOWS\system32\Ati2evxx.dll
0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL


Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\WINDOWS\system

07/05/1998 18:04 52 736 hpsysdrv.exe
1 fichier(s) 52 736 octets
0 Rép(s) 244 472 274 944 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\WINDOWS\system32

14/04/2008 04:33 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 244 472 274 944 octets libres

Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\WINDOWS\Downloaded Program Files

18/07/2008 11:57 <REP> .
18/07/2008 11:57 <REP> ..
10/10/2005 13:32 65 desktop.ini
26/07/2002 02:13 24 576 dwusplay.dll
26/07/2002 02:13 196 608 dwusplay.exe
16/05/2007 09:22 399 gp.inf
28/07/2004 00:48 323 584 isusweb.dll
02/08/2007 11:31 360 320 MsnPUpld.dll
02/08/2007 15:47 569 MSNPUpld.inf
02/08/2007 11:31 67 456 PURen-us.dll
06/08/2007 12:10 68 992 PURfr-fr.dll
9 fichier(s) 1 042 569 octets

Total des fichiers listés :
9 fichier(s) 1 042 569 octets
2 Rép(s) 244 472 270 848 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\Musique\\LimeWire\\LimeWire.exe"="C:\\Program Files\\Musique\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"



exports des policies
REGEDIT4

[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
"DisableRegistryTools"=dword:00000000
"HideLegacyLogonScripts"=dword:00000000
"HideLogoffScripts"=dword:00000000
"RunLogonScriptSync"=dword:00000001
"RunStartupScriptSync"=dword:00000000
"HideStartupScripts"=dword:00000000



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 01:12:09
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0


KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Process list by traversal of KiWaitListHead

4 - System
280 - guard.exe
456 - LVComSer.exe
472 - ehrecvr.exe
492 - ehSched.exe
604 - IAANTMon.exe
800 - HPZIPM12.EXE
828 - csrss.exe
860 - winlogon.exe
908 - services.exe
920 - lsass.exe
1040 - kbd.exe
1072 - ati2evxx.exe
1092 - svchost.exe
1108 - COCIManager.exe
1172 - svchost.exe
1224 - svchost.exe
1288 - svchost.exe
1324 - Communications_
1436 - svchost.exe
1480 - CLI.exe
1536 - ati2evxx.exe
1568 - mcrdsvc.exe
1888 - LVPrcSrv.exe
1904 - avguard.exe
2140 - hpqtra08.exe
2408 - dllhost.exe
2452 - alg.exe
2568 - ctfmon.exe
2600 - GoogleToolbarNo
2692 - CLI.exe
2872 - DMAScheduler.ex
3332 - CLI.exe
3560 - ehtray.exe
3588 - RTHDCPL.EXE
3656 - IAAnotif.exe
3688 - hpwuSchd2.exe
3700 - ehmsas.exe
3728 - Quickcam.exe
3784 - avgnt.exe
3980 - apdproxy.exe
4584 - hpsysdrv.exe
5944 - cmd.exe
8544 - explorer.exe
8800 - vsmon.exe
8828 - zlclient.exe

Total number of processes = 46
NOTE: Under WinXP, this will not show all processes.

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Driver/Module list by traversal of PsLoadedModuleList

804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E4000 - \WINDOWS\system32\hal.dll
F7A79000 - \WINDOWS\system32\KDCOM.DLL
F7989000 - \WINDOWS\system32\BOOTVID.dll
F7449000 - ACPI.sys
F7A7B000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
F7438000 - pci.sys
F7579000 - isapnp.sys
F7589000 - ohci1394.sys
F7599000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
F7426000 - sfsync04.sys
F7B41000 - pciide.sys
F77F9000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F7A7D000 - viaide.sys
F7A7F000 - intelide.sys
F75A9000 - MountMgr.sys
F7407000 - ftdisk.sys
F7A81000 - dmload.sys
F73E1000 - dmio.sys
F7801000 - PartMgr.sys
F75B9000 - VolSnap.sys
F7321000 - iaStor.sys
F7309000 - atapi.sys
F72C6000 - ftsata2.sys
F72AE000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
F75C9000 - disk.sys
F75D9000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F728E000 - fltmgr.sys
F727C000 - sr.sys
F75E9000 - bb-run.sys
F75F9000 - PxHelp20.sys
F7265000 - KSecDD.sys
F71D8000 - Ntfs.sys
F71AB000 - NDIS.sys
F7609000 - Combo-Fix.sys
F7197000 - srescan.sys
F7809000 - sfhlp02.sys
F7185000 - sfdrv01.sys
F716B000 - Mup.sys
F7639000 - \SystemRoot\system32\DRIVERS\nic1394.sys
F76B9000 - \SystemRoot\system32\DRIVERS\intelppm.sys
F7AC9000 - \SystemRoot\system32\DRIVERS\ELacpi.sys
F5A66000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
F5A52000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F5A2A000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys
F7929000 - \SystemRoot\system32\DRIVERS\usbuhci.sys
F5A06000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F7931000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F575A000 - \SystemRoot\system32\DRIVERS\3xHybrid.sys
F5737000 - \SystemRoot\system32\DRIVERS\ks.sys
F7A35000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS
F56C4000 - \SystemRoot\system32\DRIVERS\wn5301.sys
F569E000 - \SystemRoot\system32\DRIVERS\e100b325.sys
F568A000 - \SystemRoot\system32\DRIVERS\parport.sys
F76D9000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
F7939000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F7ACD000 - \SystemRoot\System32\DRIVERS\ELmou.sys
F7941000 - \SystemRoot\system32\DRIVERS\PS2.sys
F7949000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F7ACF000 - \SystemRoot\System32\DRIVERS\ELkbd.sys
F76E9000 - \SystemRoot\system32\DRIVERS\imapi.sys
F76F9000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F7709000 - \SystemRoot\system32\DRIVERS\redbook.sys
F7B89000 - \SystemRoot\system32\DRIVERS\audstub.sys
F135A000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
EE7BF000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
EFF8E000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F134A000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F133A000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F1E0D000 - \SystemRoot\system32\DRIVERS\TDI.SYS
EB47F000 - \SystemRoot\system32\DRIVERS\psched.sys
F132A000 - \SystemRoot\system32\DRIVERS\msgpc.sys
F1412000 - \SystemRoot\system32\DRIVERS\ptilink.sys
F140A000 - \SystemRoot\system32\DRIVERS\raspti.sys
EB44F000 - \SystemRoot\system32\DRIVERS\rdpdr.sys
F0F02000 - \SystemRoot\system32\DRIVERS\termdd.sys
F7A8F000 - \SystemRoot\system32\DRIVERS\swenum.sys
EB3F1000 - \SystemRoot\system32\DRIVERS\update.sys
F127A000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
F0EF2000 - \SystemRoot\System32\Drivers\NDProxy.SYS
AABF0000 - \SystemRoot\system32\drivers\RtkHDAud.sys
AABCC000 - \SystemRoot\system32\drivers\portcls.sys
F0EA2000 - \SystemRoot\system32\drivers\drmk.sys
F0E92000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F7AAB000 - \SystemRoot\system32\DRIVERS\USBD.SYS
AABA9000 - \SystemRoot\system32\DRIVERS\klif.sys
F7ABD000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
EC7D0000 - \SystemRoot\System32\Drivers\Null.SYS
F7ABF000 - \SystemRoot\System32\Drivers\Beep.SYS
EC7CC000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys
F0BD9000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F0BD1000 - \SystemRoot\System32\drivers\vga.sys
F7AC1000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F7AC3000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F0BC9000 - \SystemRoot\System32\Drivers\Msfs.SYS
F0BC1000 - \SystemRoot\System32\Drivers\Npfs.SYS
EE109000 - \SystemRoot\system32\DRIVERS\rasacd.sys
AAB76000 - \SystemRoot\system32\DRIVERS\ipsec.sys
AAB1D000 - \SystemRoot\system32\DRIVERS\tcpip.sys
AAAF5000 - \SystemRoot\system32\DRIVERS\netbt.sys
AAACF000 - \SystemRoot\system32\DRIVERS\ipnat.sys
AAA6F000 - \SystemRoot\System32\vsdatant.sys
F0408000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F03F8000 - \SystemRoot\system32\DRIVERS\arp1394.sys
F03D8000 - \SystemRoot\system32\DRIVERS\LVUSBSta.sys
AA7EE000 - \SystemRoot\system32\DRIVERS\LV561AV.SYS
AA7CC000 - \SystemRoot\System32\drivers\afd.sys
F03C8000 - \SystemRoot\system32\DRIVERS\netbios.sys
F0BA1000 - \SystemRoot\system32\DRIVERS\ssmdrv.sys
AA7A1000 - \SystemRoot\system32\DRIVERS\rdbss.sys
AA731000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
F03B8000 - \SystemRoot\System32\Drivers\Fips.SYS
F7AD7000 - \SystemRoot\System32\DRIVERS\ELmon.sys
F7A45000 - \SystemRoot\System32\DRIVERS\ELhid.sys
AA71E000 - \SystemRoot\system32\DRIVERS\avipbb.sys
F7AE1000 - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
F7BA6000 - \??\C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.sys
AA6FA000 - \SystemRoot\System32\Drivers\Fastfat.SYS
ED40C000 - \SystemRoot\system32\DRIVERS\IrBus.sys
F0B99000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
ECFEA000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
ECFE2000 - \SystemRoot\system32\DRIVERS\hidir.sys
ED3DC000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
F7147000 - \SystemRoot\system32\DRIVERS\usbscan.sys
EC8EC000 - \SystemRoot\system32\DRIVERS\usbprint.sys
F713F000 - \SystemRoot\system32\DRIVERS\kbdhid.sys
F713B000 - \SystemRoot\system32\DRIVERS\mouhid.sys
AA63A000 - \SystemRoot\System32\Drivers\dump_iaStor.sys
BF800000 - \SystemRoot\System32\win32k.sys
F5C1A000 - \SystemRoot\System32\drivers\Dxapi.sys
EC8DC000 - \SystemRoot\System32\watchdog.sys
BF9C3000 - \SystemRoot\System32\drivers\dxg.sys
F7C00000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D5000 - \SystemRoot\System32\ati2dvag.dll
BFA18000 - \SystemRoot\System32\ati2cqag.dll
BFA5E000 - \SystemRoot\System32\atikvmag.dll
BFAA2000 - \SystemRoot\System32\ati3duag.dll
BFCE6000 - \SystemRoot\System32\ativvaxx.dll
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
F7123000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
A851D000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
A84E2000 - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
A8339000 - \SystemRoot\System32\Drivers\HTTP.sys
A821F000 - \SystemRoot\system32\DRIVERS\srv.sys
A80F7000 - \SystemRoot\system32\drivers\wdmaud.sys
A8271000 - \SystemRoot\system32\drivers\sysaudio.sys
EE481000 - \SystemRoot\system32\drivers\MSPQM.sys
F7861000 - \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
A80BF000 - \SystemRoot\System32\Drivers\Cdfs.SYS
A7885000 - \SystemRoot\system32\drivers\kmixer.sys
F7831000 - \??\C:\C-Fix\catchme.sys
EE2F0000 - \??\C:\WINDOWS\system32\Drivers\PROCEXP90.SYS
F0AEA000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

Total number of drivers = 153

Liste des programmes installes

ABBYY FineReader 6.0 Sprint
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player ActiveX
Adobe Reader 8.1.2 - Français
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe® Photoshop® Album Edition Découverte 3.2
Adobe® Photoshop® Album Edition Découverte 3.2
AiO_Scan
AiO_Scan_CDA
AiOSoftware
AiOSoftwareNPI
Amélioration de nos services
Amélioration de nos services
ATI Catalyst Control Center
ATI Display Driver
AutoUpdate
AVG Anti-Spyware 7.5
Avira AntiVir Personal – Free Antivirus
BufferChm
Camera RAW Plug-In for EPSON Creativity Suite
CameraDrivers
CameraDrivers
Cariboost 2.0
CCleaner (remove only)
Connexion Facile à Internet
Connexion Facile à Internet
Correctif n° 2 pour Windows XP Édition Media Center 2005
Correctif pour Windows Internet Explorer 7 (KB947864)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
Destinations
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DocProc
DocumentViewer
DocumentViewerQFolder
eMule
Enhanced Multimedia Keyboard Solution
EPSON-Drucker-Software
EPSON Attach To Email
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
ESDX6000_CX5900 Guide util.
Fax
Fax_CDA
FileZilla Client 3.0.9.2
FlatOut2
FullDPAppQFolder
Galerie de photos Windows Live
GemMaster Mystic
Google Earth
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows Media Player 10 (KB903157)
HP Appareils photos Photosmart 5.0
HP Boot Optimizer
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP DVD Play 1.0
HP Imaging Device Functions 6.0
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart for Media Center PC
HP Photosmart Premier Software 6.0
HP PSC & OfficeJet 5.3.A
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HPProductAssistant
HpSdpAppCoreApp
Installation de la C-BOX
InstantShareDevices
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel(R) Quick Resume Technology Drivers
Intel(R) Quick Resume Technology Drivers
J2SE Runtime Environment 5.0 Update 5
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Le logiciel Intel® Viiv™
Lecteur Windows Media 11
LightScribe 1.4.62.1
LimeWire 4.16.6
Logitech QuickCam
MainConcept for Software Encoder
MainConcept for Software Encoder
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
Microsoft .NET Framework 3.0 French Language Pack
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
Mozilla Firefox (2.0.0.16)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
muvee autoProducer 4.5
muvee autoProducer unPlugged 1.2
NewCopy
NewCopy_CDA
OptionalContentQFolder
Otto
Package de base Microsoft de service de chiffrement pour cartes à puce
PanoStandAlone
PC-Doctor 5 for Windows
PhotoGallery
PS2
PSPrinters08
PSTAPlugin
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
RandMap
Readme
RealPlayer
Realtek High Definition Audio Driver
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Services Internet
Services Internet
SkinsHP1
SolutionCenter
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
Status
TrayApp
Unload
VideoLAN VLC media player 0.8.6f
WebFldrs XP
WebReg
Windows Communication Foundation Language Pack - FRA
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Presentation Foundation Language Pack (FRA)
Windows Workflow Foundation FR Language Pack
Windows XP Service Pack 3
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
ZoneAlarm



Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\Program Files

21/07/2008 18:48 <REP> .
21/07/2008 18:48 <REP> ..
16/02/2008 23:34 <REP> ABBYY FineReader 6.0 Sprint
18/07/2008 13:13 <REP> Adobe
22/07/2008 16:09 <REP> ANTI (Tout)
12/02/2008 14:19 <REP> ANTI VIRUS
22/07/2008 10:23 <REP> AntiVir PersonalEdition Classic
13/02/2008 15:39 <REP> ATI Technologies
12/02/2008 13:54 <REP> CEGETEL
12/11/2005 02:09 <REP> ComPlus Applications
20/04/2008 09:53 <REP> DIVX
16/02/2008 23:35 <REP> epson
18/02/2008 18:26 <REP> Fichiers communs
03/05/2008 10:12 <REP> FileZilla
20/04/2008 09:53 <REP> FrenchOtto
20/04/2008 09:53 <REP> GemMasterFrench
03/06/2008 11:37 <REP> Google
03/06/2008 11:36 <REP> Google Earth
01/01/2005 16:31 <REP> Hewlett-Packard
01/01/2005 16:07 <REP> HP
01/01/2005 15:47 <REP> Intel
11/06/2008 19:58 <REP> Internet Explorer
18/02/2008 10:27 <REP> Intuisphere
16/07/2008 10:39 <REP> Java
28/05/2008 18:31 <REP> JEUX VINCENT
12/02/2008 12:42 <REP> Logitech
01/01/2005 15:51 <REP> MainConcept
19/06/2008 20:57 <REP> Messenger
12/02/2008 22:09 <REP> Microsoft CAPICOM 2.1.0.2
15/11/2005 04:24 <REP> microsoft frontpage
12/02/2008 13:31 <REP> Microsoft Office
20/05/2008 23:28 <REP> Microsoft Silverlight
12/02/2008 16:40 <REP> Microsoft SQL Server Compact Edition
20/04/2008 09:53 <REP> Microsoft Works
12/02/2008 13:37 <REP> Microsoft.NET
19/06/2008 20:56 <REP> Movie Maker
13/02/2008 11:07 <REP> Mozilla
23/07/2008 00:59 <REP> Mozilla Firefox
24/04/2008 09:36 <REP> MSBuild
15/11/2005 04:24 <REP> MSN
15/11/2005 04:25 <REP> MSN Gaming Zone
12/02/2008 16:54 <REP> MSXML 4.0
29/02/2008 16:33 <REP> MSXML 6.0
18/04/2008 11:52 <REP> Musique
01/01/2005 16:11 <REP> muvee Technologies
19/06/2008 20:52 <REP> NetMeeting
15/11/2005 04:25 <REP> Online Services
19/06/2008 21:14 <REP> Outlook Express
12/02/2008 15:15 <REP> PARE FEU
20/04/2008 09:53 <REP> PC-Doctor 5 for Windows
01/01/2005 16:05 <REP> Real
24/04/2008 09:33 <REP> Reference Assemblies
01/01/2005 16:19 <REP> Services en ligne
18/02/2008 10:26 <REP> Site net (mes)
01/01/2005 16:06 <REP> Sonic
20/04/2008 09:56 <REP> VIDEO
29/02/2008 12:19 <REP> Windows Live
12/02/2008 16:27 <REP> Windows Live Messenger
20/04/2008 09:53 <REP> Windows Media Connect 2
19/04/2008 23:20 <REP> Windows Media Player
19/06/2008 20:52 <REP> Windows NT
15/11/2005 04:25 <REP> Windows Plus
15/11/2005 04:26 <REP> xerox
0 fichier(s) 0 octets
63 Rép(s) 244 469 628 928 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\Program Files\fichiers communs

18/02/2008 18:26 <REP> .
18/02/2008 18:26 <REP> ..
21/03/2008 14:12 <REP> Adobe
12/02/2008 13:37 <REP> DESIGNER
01/01/2005 15:55 <REP> Hewlett-Packard
01/01/2005 15:59 <REP> HP
01/01/2005 16:10 <REP> InstallShield
01/01/2005 15:35 <REP> Java
29/04/2008 18:45 <REP> LightScribe
12/02/2008 12:42 <REP> logishrd
29/02/2008 16:34 <REP> Microsoft Shared
15/11/2005 04:24 <REP> MSSoap
01/01/2005 16:10 <REP> muvee Technologies
15/11/2005 04:24 <REP> ODBC
01/01/2005 16:05 <REP> Real
29/04/2008 18:45 <REP> Services
01/01/2005 16:06 <REP> Sonic Shared
15/11/2005 04:24 <REP> SpeechEngines
01/01/2005 16:06 <REP> SureThing Shared
12/02/2008 14:15 <REP> Symantec Shared
19/06/2008 20:52 <REP> System
01/01/2005 16:06 <REP> TiVo Shared
01/01/2005 16:05 <REP> xing shared
0 fichier(s) 0 octets
23 Rép(s) 244 469 624 832 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

18/02/2008 18:47 <REP> .
18/02/2008 18:47 <REP> ..
12/02/2008 13:37 <REP> 1033
18/02/2008 18:47 <REP> 1036
20/09/2005 13:33 1 293 008 MSONSEXT.DLL
22/03/2007 20:29 39 256 MSOSV.DLL
03/06/1999 11:09 122 937 MSOWS409.DLL
07/03/2001 06:00 127 033 MSOWS40c.DLL
11/07/2003 04:25 80 448 PKMWS.DLL
5 fichier(s) 1 662 682 octets
4 Rép(s) 244 469 624 832 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 2492-62AB

Répertoire de C:\

27/12/2005 09:21 7 477 561 setup_all.exe
1 fichier(s) 7 477 561 octets
0 Rép(s) 244 469 624 832 octets libres




c:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
c:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\wspwprtct.exe
c:\Documents and Settings\HP_Administrateur\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
c:\Documents and Settings\HP_Administrateur\Bureau\DivXUserGuide521-fr.exe
c:\Documents and Settings\HP_Administrateur\Bureau\zlsSetup_70_462_000_fr.exe
c:\Documents and Settings\STEPHANE\Application Data\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\ccsetup209.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\C-Fix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\ComboFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SDFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\404Fix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\dumphive.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\exit.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\GenericRenosFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\HostsChk.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\IEDFix.C.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\IEDFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\Policies.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\Process.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\Reboot.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\restart.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\SmiUpdate.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\SrchSTS.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\swreg.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\swsc.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\swxcacls.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\UIFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\unzip.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\VACFix.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\VCCLSID.exe
c:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\SmitfraudFix\WS2Fix.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\ARPPRODUCTICON.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe1_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\NewShortcut5_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\VINCENT\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\Uninstall_FlatOut2_C884B05AF5D94AE49D84E6BD9F6E7890.exe
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aebb.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aecore.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeemu.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aegen.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aehelp.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeheur.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aeoffice.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aepack.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aerdl.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescn.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aescript.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\aevdf.dll
c:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\MMSEF.dll
c:\Documents and Settings\All Users\Application Data\Logishrd\LQCVFX\Filters\VMSEF.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\HP_Administrateur\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_BAYARDFAMILY.tar.gz a l'adresse http://upload.malekal.com


0
Réponse 52 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 01:27
re,

ok je m'en occupe

pendant le combo fix de toute à l'heure, l'ordi a redémarré et a réactivé automatiquement toutes les protections de sécurité.

Je les ai enlevé au plus vite, mais j'ai quand même eu 2 ou 3 alertes d'Avira. Est-ce que c'est bon quand même ?
0
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
23 juil. 2008 à 01:30
normal que Avira détecte Combofix comme un risktool quand il ce réactive ... si il te refais le coup ( si il y a redémarrage ) fais "ignore" avec AntiVir sur les alertes ... ;)

A demain ...
0
Réponse 53 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 03:02
re,

désolé mais cette fois ci cela à été beacoup + long je te mets le hjt aussi, bonne nuit aussi ou bonjour


ComboFix 08-07-21.2 - STEPHANE 2008-07-23 1:37:45.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.548 [GMT 2:00]
Endroit: C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\C-Fix.exe
Command switches used :: C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\wspwprtct.exe
C:\WINDOWS\grswptdl.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\LOG\20080722124420736.log
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\wspwprtct.exe
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\DivX Movies.lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\LimeWire 4.16.6.lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Microsoft Office Outlook 2003 (2).lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\My PC Choice.lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Raccourci vers ATF-Cleaner.lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Raccourci vers CCleaner.lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Raccourci vers emule.lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Raccourci vers filezilla.lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Spybot - Search & Destroy (2).lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Windows Live Messenger (2).lnk
C:\Documents and Settings\STEPHANE\Application Data\TmpRecentIcons\Windows Media Player (2).lnk
C:\WINDOWS\grswptdl.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_poof


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-23 to 2008-07-23 ))))))))))))))))))))))))))))))))))))
.

2008-07-23 01:13 . 2008-07-23 01:13 13,021,712 --a------ C:\upload_moi_BAYARDFAMILY.tar.gz
2008-07-22 23:07 . 2008-07-23 01:32 24,064 --a------ C:\d‚soler.doc
2008-07-22 21:41 . 2008-07-22 21:41 <REP> d-------- C:\WINDOWS\ERUNT
2008-07-22 21:37 . 2008-07-22 22:04 <REP> d-------- C:\SDFix
2008-07-22 18:06 . 2008-07-22 18:06 268 --ah----- C:\sqmdata07.sqm
2008-07-22 18:06 . 2008-07-22 18:06 244 --ah----- C:\sqmnoopt07.sqm
2008-07-22 17:34 . 2008-07-22 17:38 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Contacts
2008-07-22 16:43 . 2008-07-22 18:00 5,220 --a------ C:\WINDOWS\system32\tmp.reg
2008-07-22 16:38 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-07-22 16:38 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-07-22 16:38 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-07-22 16:38 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-07-22 16:38 . 2008-07-02 13:33 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-07-22 16:38 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
2008-07-22 16:38 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-07-22 16:38 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-07-22 16:38 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-07-22 15:54 . 2008-07-22 15:54 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Application Data\Grisoft
2008-07-22 15:53 . 2005-01-01 16:10 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\WINDOWS
2008-07-22 15:53 . 2005-11-12 02:08 <REP> d--h----- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Voisinage r‚seau
2008-07-22 15:53 . 2005-11-12 02:08 <REP> d--h----- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Voisinage d'impression
2008-07-22 15:53 . 2005-11-15 04:23 <REP> d--h----- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\ModŠles
2008-07-22 15:53 . 2008-07-22 17:35 <REP> dr------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Mes documents
2008-07-22 15:53 . 2008-02-12 19:47 <REP> dr------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Menu D‚marrer
2008-07-22 15:53 . 2008-07-22 16:06 <REP> dr------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Favoris
2008-07-22 15:53 . 2008-07-23 01:37 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Bureau
2008-07-22 15:53 . 2005-01-01 15:53 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY\Application Data\ATI
2008-07-22 15:53 . 2008-07-22 23:53 <REP> d-------- C:\Documents and Settings\STEPHANE.BAYARDFAMILY
2008-07-22 15:20 . 2008-07-22 15:20 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-07-22 13:28 . 2008-07-22 15:53 <REP> d-------- C:\Documents and Settings\TEMP

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-23 00:47 495,648 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-23 00:39 6,812 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-22 14:09 --------- d-----w C:\Program Files\ANTI (Tout)
2008-07-16 08:39 --------- d-----w C:\Program Files\Java
2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-03 16:47 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\HP
2008-06-03 16:33 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\EPSON
2008-06-03 09:37 --------- d-----w C:\Program Files\Google
2008-06-03 09:36 --------- d-----w C:\Program Files\Google Earth
2008-05-28 16:31 --------- d-----w C:\Program Files\JEUX VINCENT
.

((((((((((((((((((((((((((((( snapshot@2008-07-23_ 0.58.13.35 )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-17 19:58 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 21:34 64512]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-21 17:59 143360]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35 49152]
"DMAScheduler"="c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 10:01 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 02:29 249856]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 18:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 18:37 2178832]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-15 23:24 262401]
"!AVG Anti-Spyware"="C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44 61440]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 12:12 90112]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-01 16:05 180269]
"ZoneAlarm Client"="C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe" [2007-12-13 19:27 919016]
"ftutil2"="ftutil2.dll" [2004-06-07 14:05 106496 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-12 02:23 15961088 C:\WINDOWS\RTHDCPL.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\Musique\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-10-03 22:57]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 20:45]
R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 19:44]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 20:45]
S3 WN5401;Liteon Wireless LAN PCI 802.11 a/b/g adapter WN5401A;C:\WINDOWS\system32\DRIVERS\wn5401.sys [2005-01-07 02:08]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-22 11:11:07 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\ANTI (Tout)\Spybot\Spybot - Search & Destroy\SpybotSD.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 02:48:58
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-23 2:53:07 - machine was rebooted [STEPHANE]
ComboFix-quarantined-files.txt 2008-07-23 00:53:01
ComboFix2.txt 2008-07-22 22:58:39

Pre-Run: 244,414,271,488 octets libres
Post-Run: 244,395,118,592 octets libres

189 --- E O F --- 2008-07-18 11:17:08







------------------------------------------------------------------------------------------------------------------------------------------------------

voici le hjt :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:00:17, on 23/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ANTI (Tout)\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://poupoule77220.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 54 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 09:56
Bonjour à toi sKe69,

poste56, résultats du combo fix et du hjt.

que dois je faire avec antivir, je me suis aperçu qu'il y avait des mauvaises choses dans la quarantaine, dois je les supprimés ?

0
Réponse 55 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 11:23
bonjour sKe69,

bon, je viens de prendre note après avoir installer des MAJ et je m'y colle à + tard au rapport final.
quarantaine antivir est supprimé.

je pense mettre Avast en anti virus gratuit parait que Avast est le meilleur mais les avis diverges.
Pour l'instant suis pas mécontent d'Antivir (gratuit). Oui c'est pas que je suis radin mais au départ on a eu Norton et j'ai coupé car c'était presqu'une passoire et tout ça en version payantre. j'ai entendu aussi parler de f-secure (payant) ton avis serais lequel en payant au final?

allez au rapport

0
Réponse 56 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 13:36
RE,


bon a y est, voici les rapports :
je te souhaite bonne app moi c'est fait pendant le scan


MalwareByte's:

Malwarebytes' Anti-Malware 1.22
Version de la base de données: 982
Windows 5.1.2600 Service Pack 3

12:56:23 23/07/2008
mbam-log-7-23-2008 (12-56-23).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 171871
Temps écoulé: 42 minute(s), 56 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP178\A0048442.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP179\A0048735.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP179\A0048741.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.


-------------------------------------------------------------------------------------------------------------------------------

hijackthis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:23, on 23/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Trend Micro\HijackThis\monjack.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\PARE FEU\ZonAlarm\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTI(T~1\Spybot\SPYBOT~1\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://poupoule77220.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\ANTI (Tout)\AVG Anti Spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 57 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 17:36
re,

alors voilà, j'ai 2 rapports antivir un fait en "mode sans échec" et l'autre c'est "après démarrage en mode normal", il a fait le scan automatiquement, dans le doute j'ai laissé faire.


rapport en "mode sans échec"


Avira AntiVir Personal
Report file date: mercredi 23 juillet 2008 14:39

Scanning for 1493079 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Save mode
Username: STEPHANE
Computer name: BAYARDFAMILY

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 15/04/2008 21:24:09
AVSCAN.DLL : 8.1.1.0 53505 Bytes 15/04/2008 21:24:09
LUKE.DLL : 8.1.2.9 151809 Bytes 15/04/2008 21:24:09
LUKERES.DLL : 8.1.2.1 12033 Bytes 15/04/2008 21:24:09
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 12:17:08
ANTIVIR2.VDF : 7.0.5.144 1690624 Bytes 21/07/2008 08:23:37
ANTIVIR3.VDF : 7.0.5.158 121344 Bytes 23/07/2008 12:27:59
Engineversion : 8.1.1.11
AEVDF.DLL : 8.1.0.5 102772 Bytes 15/04/2008 21:24:11
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 19/07/2008 08:23:38
AESCN.DLL : 8.1.0.23 119156 Bytes 16/07/2008 08:24:04
AERDL.DLL : 8.1.0.20 418165 Bytes 26/04/2008 07:32:21
AEPACK.DLL : 8.1.2.1 364917 Bytes 16/07/2008 08:24:03
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 19/07/2008 08:23:37
AEHEUR.DLL : 8.1.0.43 1339767 Bytes 19/07/2008 08:23:36
AEHELP.DLL : 8.1.0.15 115063 Bytes 30/05/2008 07:33:29
AEGEN.DLL : 8.1.0.29 307573 Bytes 21/06/2008 07:33:42
AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 07:32:38
AECORE.DLL : 8.1.1.6 172405 Bytes 17/07/2008 08:24:23
AEBB.DLL : 8.1.0.1 53617 Bytes 17/07/2008 08:24:22
AVWINLL.DLL : 1.0.0.7 14593 Bytes 15/04/2008 21:24:09
AVPREF.DLL : 8.0.0.1 25857 Bytes 15/04/2008 21:24:09
AVREP.DLL : 8.0.0.1 98561 Bytes 23/07/2008 12:28:00
AVREG.DLL : 8.0.0.0 30977 Bytes 15/04/2008 21:24:09
AVARKT.DLL : 1.0.0.23 307457 Bytes 15/04/2008 21:24:08
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 15/04/2008 21:24:09
SQLITE3.DLL : 3.3.17.1 339968 Bytes 15/04/2008 21:24:10
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 15/04/2008 21:24:10
NETNT.DLL : 8.0.0.1 7937 Bytes 15/04/2008 21:24:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 15/04/2008 21:24:05
RCTEXT.DLL : 8.0.32.0 86273 Bytes 15/04/2008 21:24:05

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: mercredi 23 juillet 2008 14:39

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '34' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>


End of the scan: mercredi 23 juillet 2008 15:24
Used time: 45:26 min

The scan has been done completely.

9235 Scanning directories
628139 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
628139 Files not concerned
16481 Archives were scanned
6 Warnings
0 Notes





------------------------------------------------------------------------------------------------------------------------------------------------------------

rapport "après démarrage en mode normal"


Avira AntiVir Personal
Report file date: mercredi 23 juillet 2008 15:47

Scanning for 1493079 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: BAYARDFAMILY

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 15/04/2008 21:24:09
AVSCAN.DLL : 8.1.1.0 53505 Bytes 15/04/2008 21:24:09
LUKE.DLL : 8.1.2.9 151809 Bytes 15/04/2008 21:24:09
LUKERES.DLL : 8.1.2.1 12033 Bytes 15/04/2008 21:24:09
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 12:17:08
ANTIVIR2.VDF : 7.0.5.144 1690624 Bytes 21/07/2008 08:23:37
ANTIVIR3.VDF : 7.0.5.158 121344 Bytes 23/07/2008 12:27:59
Engineversion : 8.1.1.11
AEVDF.DLL : 8.1.0.5 102772 Bytes 15/04/2008 21:24:11
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 19/07/2008 08:23:38
AESCN.DLL : 8.1.0.23 119156 Bytes 16/07/2008 08:24:04
AERDL.DLL : 8.1.0.20 418165 Bytes 26/04/2008 07:32:21
AEPACK.DLL : 8.1.2.1 364917 Bytes 16/07/2008 08:24:03
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 19/07/2008 08:23:37
AEHEUR.DLL : 8.1.0.43 1339767 Bytes 19/07/2008 08:23:36
AEHELP.DLL : 8.1.0.15 115063 Bytes 30/05/2008 07:33:29
AEGEN.DLL : 8.1.0.29 307573 Bytes 21/06/2008 07:33:42
AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 07:32:38
AECORE.DLL : 8.1.1.6 172405 Bytes 17/07/2008 08:24:23
AEBB.DLL : 8.1.0.1 53617 Bytes 17/07/2008 08:24:22
AVWINLL.DLL : 1.0.0.7 14593 Bytes 15/04/2008 21:24:09
AVPREF.DLL : 8.0.0.1 25857 Bytes 15/04/2008 21:24:09
AVREP.DLL : 8.0.0.1 98561 Bytes 23/07/2008 12:28:00
AVREG.DLL : 8.0.0.0 30977 Bytes 15/04/2008 21:24:09
AVARKT.DLL : 1.0.0.23 307457 Bytes 15/04/2008 21:24:08
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 15/04/2008 21:24:09
SQLITE3.DLL : 3.3.17.1 339968 Bytes 15/04/2008 21:24:10
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 15/04/2008 21:24:10
NETNT.DLL : 8.0.0.1 7937 Bytes 15/04/2008 21:24:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 15/04/2008 21:24:05
RCTEXT.DLL : 8.0.32.0 86273 Bytes 15/04/2008 21:24:05

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: mercredi 23 juillet 2008 15:47

Starting search for hidden objects.
'60905' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'HPBootOp.exe' - '1' Module(s) have been scanned
Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'ELService.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'HPZIPM12.EXE' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
53 processes with 53 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '27' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP178\A0048568.exe
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program
--> SmitfraudFix\restart.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '48b74417.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP178\A0048578.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program
[NOTE] The file was moved to '48b74421.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP178\A0048579.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '48b74424.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP178\A0048600.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program
[NOTE] The file was moved to '48b74428.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP178\A0048601.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '48b7442a.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048867.EXE
[DETECTION] Contains detection pattern of the application APPL/PsExec.E
[NOTE] The file was moved to '48b74436.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048891.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
[NOTE] The file was moved to '48b74439.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048905.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\NirCmd.cfexe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
--> 327882R2FWJFW\nircmd.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
--> 327882R2FWJFW\NirCmdC.cfexe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.1.B
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
--> 327882R2FWJFW\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[NOTE] The file was moved to '48b7443f.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048911.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\NirCmd.cfexe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
--> 327882R2FWJFW\nircmd.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
--> 327882R2FWJFW\NirCmdC.cfexe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.1.B
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
--> 327882R2FWJFW\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[NOTE] The file was moved to '48b74451.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048915.exe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
[NOTE] The file was moved to '48b74454.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048934.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
[NOTE] The file was moved to '48b74457.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048965.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
[NOTE] The file was moved to '48b7445a.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP180\A0048993.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
[NOTE] The file was moved to '48b7445c.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0049045.EXE
[DETECTION] Contains detection pattern of the application APPL/PsExec.E
[NOTE] The file was moved to '48b74461.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP181\A0049066.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
[NOTE] The file was moved to '48b74463.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP182\A0049121.exe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
[NOTE] The file was moved to '48b74468.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP182\A0049213.exe
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program
--> SmitfraudFix\restart.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '48b7446e.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP182\A0049314.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program
[NOTE] The file was moved to '48b74474.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP182\A0049315.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '48b74476.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP182\A0049336.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program
[NOTE] The file was moved to '48b74479.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP182\A0049337.exe
[DETECTION] Contains detection pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '48b7447f.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP183\A0049354.exe
[0] Archive type: RAR SFX (self extracting)
--> 327882R2FWJFW\NirCmd.cfexe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
--> 327882R2FWJFW\nircmd.com
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
--> 327882R2FWJFW\NirCmdC.cfexe
[DETECTION] Contains detection pattern of the application APPL/NirCmd.E.1.B
--> 327882R2FWJFW\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
--> 327882R2FWJFW\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[NOTE] The file was moved to '48b74486.qua'!
Begin scan in 'D:\' <HP_RECOVERY>


End of the scan: mercredi 23 juillet 2008 17:29
Used time: 1:41:55 min

The scan has been done completely.

9564 Scanning directories
657894 Files were scanned
36 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
22 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
657858 Files not concerned
16511 Archives were scanned
7 Warnings
22 Notes
60905 Objects were scanned with rootkit scan
0 Hidden objects were found



0
Réponse 58 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 19:42
re,

voici le rapport bitdefender demandé :



BitDefender Online Scanner







Rapport d'analyse généré à: Wed, Jul 23, 2008 - 19:36:52









Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;















Statistiques

Temps


00:35:39

Fichiers


198274

Directoires


9178

Secteurs de boot


3

Archives


1755

Paquets programmes


17000







Résultats

Virus identifiés


0

Fichiers infectés


0

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


0







Info sur les moteurs

Définition virus


1383127

Version des moteurs


AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins


16

Archive des plugins


43

Unpack des plugins


7

E-mail plugins


6

Système plugins


5







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

Aucun virus trouvé.





-
Un grand MERCI à tous pour votre aide

Stéphane
0
Réponse 59 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 21:55
re,

bon je fais tout ce dont tu m'a dis et te donne des nouvelles ensuite. dans le doute je fais ça un par un (nettoyage disk par disk et etc... ).


0
Réponse 60 / 68
steph77phane Messages postés 2437 Date d'inscription mercredi 16 mai 2007 Statut Membre Dernière intervention 9 juin 2014 37
23 juil. 2008 à 23:15
RE,

je te dis bonne nuit car ce n'est pas fini. Je te dis quoi demain. LOL (suis picard d'origine)

et merci encore pour ton aide
0
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
23 juil. 2008 à 23:33
bonne nuit et à demain ( moi j'suis lyonnais ^^)
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Virus MSN Tinyurl
djkifkif -
matt56430 -

8 réponses