ok 
tu cliques sur "démarrer", puis tu cliques dans "poste de travail"
tu cliques sur C (ton disque dur)
et tu vas y retrouver le rapport: Combofix.txt (possible que tu ne vois pas l'extension .txt)
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock
Bonjour
Le vers MSN a amené avec lui d'autres infections, il faut que je les retrouve dans le rapport Combofix, tu l'as trouvé mais tu ne l'as pas posté en entier:
| Citation : je sais pas si c'est ca
|
Il me faut ce rapport.
J'en ai besoin pour continuer la procédure. Poste le en entier.
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock
je veux le rapport en entier.
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock
DiagHelp version v1.4 - http://www.malekal.com
excute le 2008-01-26 à 1:32:39.93
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->2008-01-26 01:32:27
C:\WINDOWS\prefetch\HPZIPM12.EXE-02312CF9.pf -->2008-01-26 01:32:25
C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->2008-01-26 01:32:16
C:\WINDOWS\prefetch\WUAUCLT.EXE-1360D60A.pf -->2008-01-26 01:27:43
C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->2008-01-26 01:27:37
C:\WINDOWS\prefetch\WZQKPICK.EXE-0FB748E8.pf -->2008-01-26 01:21:01
C:\WINDOWS\prefetch\MSIEXEC.EXE-330626DC.pf -->2008-01-26 01:19:57
C:\WINDOWS\prefetch\FIREFOX.EXE-06188867.pf -->2008-01-26 01:18:20
C:\WINDOWS\prefetch\RUNDLL32.EXE-4532DDE6.pf -->2008-01-26 01:17:23
C:\WINDOWS\prefetch\WATCH.EXE-27B8EEDC.pf -->2008-01-26 01:02:36
C:\WINDOWS\System32\drivers\fidbox2.dat -->2008-01-26 01:31:15
C:\WINDOWS\System32\drivers\fidbox2.idx -->2008-01-25 23:51:59
C:\WINDOWS\System32\drivers\fidbox.idx -->2008-01-25 23:51:59
C:\WINDOWS\System32\drivers\fidbox.dat -->2008-01-25 23:51:59
C:\WINDOWS\System32\drivers\klif.sys -->2008-01-23 10:29:43
C:\WINDOWS\System32\drivers\klin.dat -->2008-01-23 10:23:37
C:\WINDOWS\System32\drivers\klick.dat -->2008-01-23 10:23:37
C:\WINDOWS\System32\bdod.bin -->2008-01-25 21:19:11
C:\WINDOWS\System32\bdss.log -->2008-01-25 21:00:41
C:\WINDOWS\System32\CONFIG.NT -->2008-01-23 09:57:55
C:\WINDOWS\System32\tftp.exe -->2008-01-21 21:01:08
C:\WINDOWS\System32\ftp.exe -->2008-01-21 21:01:08
C:\WINDOWS\System32\svchost.exe -->2008-01-21 20:44:53
C:\WINDOWS\System32\PCANDIS5.sys -->2008-01-20 18:42:16
C:\WINDOWS\System32\W32N50.dll -->2008-01-20 16:04:27
C:\WINDOWS\System32\wpa.dbl -->2008-01-14 20:34:20
C:\WINDOWS\System32\lvcoinst.log -->2007-11-21 20:23:47
C:\WINDOWS\System32\perfh00C.dat -->2007-11-17 18:15:24
C:\WINDOWS\System32\perfh009.dat -->2007-11-17 18:15:24
C:\WINDOWS\System32\perfc00C.dat -->2007-11-17 18:15:24
C:\WINDOWS\System32\perfc009.dat -->2007-11-17 18:15:24
C:\WINDOWS\System32\PerfStringBackup.INI -->2007-11-17 18:15:22
C:\WINDOWS\System32\klogon.dll -->2007-06-28 12:51:48
C:\WINDOWS\System32\xactengine2_8.dll -->2007-06-20 20:46:04
C:\WINDOWS\System32\x3daudio1_2.dll -->2007-06-20 20:45:20
C:\WINDOWS\System32\d3dx9_34.dll -->2007-05-16 16:45:16
C:\WINDOWS\System32\d3dx10_34.dll -->2007-05-16 16:45:16
C:\WINDOWS\System32\D3DCompiler_34.dll -->2007-05-16 16:45:16
C:\WINDOWS\System32\rmoc3260.dll -->2007-05-07 14:28:17
C:\WINDOWS\System32\pndx5032.dll -->2007-05-07 14:27:52
C:\WINDOWS\System32\pndx5016.dll -->2007-05-07 14:27:52
C:\WINDOWS\System32\pncrt.dll -->2007-05-07 14:27:42
C:\WINDOWS\WindowsUpdate.log -->2008-01-26 01:27:47
C:\WINDOWS\0.log -->2008-01-26 00:55:46
C:\WINDOWS\wiadebug.log -->2008-01-26 00:55:45
C:\WINDOWS\wiaservc.log -->2008-01-26 00:55:42
C:\WINDOWS\bootstat.dat -->2008-01-26 00:55:37
C:\WINDOWS\NeroDigital.ini -->2008-01-26 00:48:37
C:\WINDOWS\ntbtlog.txt -->2008-01-25 23:56:19
C:\WINDOWS\SchedLgU.Txt -->2008-01-25 23:51:47
C:\WINDOWS\msnfix.txt -->2008-01-24 11:33:45
C:\WINDOWS\setupapi.log -->2008-01-23 10:06:10
C:\WINDOWS\DPINST.LOG -->2008-01-22 10:37:21
C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt -->2008-01-21 09:52:57
C:\WINDOWS\InstallInventel5G.log -->2008-01-20 18:43:36
C:\WINDOWS\InvInstaller.log -->2008-01-20 18:42:16
C:\WINDOWS\setupact.log -->2008-01-20 17:13:27
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Unsigned
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1996
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
*** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image:
*** File timestamp: Wed Aug 04 09:54:15 2004
*** Loaded image timestamp: Wed Aug 04 09:54:16 2004
*** Loaded C:\WINDOWS\system32\USER32.dll differs from file image:
*** File timestamp: Wed Aug 04 09:54:10 2004
*** Loaded image timestamp: Wed Aug 04 10:06:22 2004
*** Loaded C:\WINDOWS\system32\SHELL32.dll differs from file image:
*** File timestamp: Wed Aug 04 09:53:55 2004
*** Loaded image timestamp: Wed Aug 04 10:06:30 2004
*** Loaded C:\WINDOWS\system32\SHDOCVW.dll differs from file image:
*** File timestamp: Thu Jan 27 18:14:20 2005
*** Loaded image timestamp: Thu Jan 27 18:16:34 2005
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x10000000 0x17000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
0x13420000 0x1a000 11.00.5721.5145 C:\PROGRA~1\WINDOW~1\wmpband.dll
0x00e40000 0x28000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll
0x01920000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll
0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll
0x00a90000 0xe000 3.63.0004.0000 C:\Program Files\MessengerPlus! 3\MsgPlusLoader1.dll
0x748f0000 0x130000 8.50.2162.0000 C:\WINDOWS\system32\msxml3.dll
0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x02fc0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x0bef0000 0x37000 11.00.5721.5145 C:\WINDOWS\system32\MFPlat.DLL
*** Loaded C:\WINDOWS\system32\DNSAPI.dll differs from file image:
*** File timestamp: Wed Aug 04 09:53:36 2004
*** Loaded image timestamp: Wed Aug 04 10:01:36 2004
0x042a0000 0x18000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll
0x04790000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
0x047f0000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
*** Loaded C:\PROGRA~1\WINZIP\WZSHLSTB.DLL differs from file image:
*** File timestamp: Thu Apr 12 04:32:21 2007
*** Loaded image timestamp: Fri Sep 10 19:24:03 2004
*** 0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
0x012c0000 0xb000 8.05.0000.0137 C:\Program Files\Aladdin Systems\StuffIt\CompressMenu.dll
0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Aladdin Systems\StuffIt\MFC71.DLL
0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\Aladdin Systems\StuffIt\MSVCR71.dll
0x02200000 0x16000 8.05.0000.0137 C:\Program Files\Aladdin Systems\StuffIt\Aladdin.dll
0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Aladdin Systems\StuffIt\MSVCP71.dll
0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL
0x02220000 0xc000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll
0x7c420000 0x87000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll
0x00b80000 0x7000 1.00.0000.0001 C:\PROGRA~1\Wanadoo\Inactivity.dll
0x026f0000 0x24000 8.04.0001.1092 C:\Program Files\Logitech\Video\Namespc2.dll
0x01140000 0x8000 8.04.0001.1092 C:\Program Files\Logitech\Video\AlbuDBps.dll
0x04aa0000 0x27e000 5.02.5721.5145 C:\WINDOWS\system32\wpdshext.dll
0x07160000 0x46000 5.02.5721.5145 C:\WINDOWS\system32\Audiodev.dll
0x15110000 0x25a000 11.00.5721.5145 C:\WINDOWS\system32\WMVCore.DLL
0x11c70000 0x39000 11.00.5721.5145 C:\WINDOWS\system32\WMASF.DLL
0x75be0000 0x6e000 5.06.0000.8820 C:\WINDOWS\system32\jscript.dll
0x05350000 0xb000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\klscav.dll
0x66600000 0x17000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prremote.dll
0x05380000 0x48000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prloader.dll
0x64a00000 0x30000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\prkernel.ppl
0x01cb0000 0x6c000 7.00.0000.0125 c:\program files\kaspersky lab\kaspersky anti-virus 7.0\params.ppl
0x01d20000 0x9000 7.00.0000.0125 c:\program files\kaspersky lab\kaspersky anti-virus 7.0\pxstub.ppl
0x67f00000 0x7000 7.00.0000.0125 c:\program files\kaspersky lab\kaspersky anti-virus 7.0\tempfile.ppl
0x02010000 0x16000 8.04.0001.1092 C:\WINDOWS\system32\LQCUI2.dll
0x74630000 0x27000 3.10.0349.0000 C:\WINDOWS\system32\msls31.dll
0x00b40000 0x6000 4.01.0000.0000 C:\Program Files\WinZip\wzshlstb.dll
0x79170000 0x26000 1.01.4322.2032 C:\WINDOWS\system32\MSCOREE.DLL
0x79040000 0x45000 1.01.4322.2032 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
0x02c10000 0x16f000 4.05.0167.0000 C:\Program Files\Online_TV\tbOnl0.dll
0x06200000 0x16f000 4.05.0167.0000 C:\Program Files\Share_Accelerator\tbSha1.dll
0x020e0000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
0x045b0000 0x1d000 1.00.0000.0076 C:\PROGRA~1\DOWNLO~1\MDPPH.DLL
0x12950000 0xa64000 11.00.5721.5145 C:\WINDOWS\system32\wmp.dll
0x13740000 0x7ea000 11.00.5721.5145 C:\WINDOWS\system32\wmploc.dll
0x30000000 0x2ef000 9.00.0047.0000 C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 1216
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
*** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image:
*** File timestamp: Wed Aug 04 09:54:15 2004
*** Loaded image timestamp: Wed Aug 04 09:54:16 2004
*** Loaded C:\WINDOWS\system32\USER32.dll differs from file image:
*** File timestamp: Wed Aug 04 09:54:10 2004
*** Loaded image timestamp: Wed Aug 04 10:06:22 2004
*** Loaded C:\WINDOWS\system32\SHELL32.dll differs from file image:
*** File timestamp: Wed Aug 04 09:53:55 2004
*** Loaded image timestamp: Wed Aug 04 10:06:30 2004
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x10000000 0x17000 7.00.0000.0125 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
0x00c30000 0x10000 6.14.0010.4114 C:\WINDOWS\system32\Ati2evxx.dll
0x01330000 0x33000 7.00.0000.0125 C:\WINDOWS\system32\klogon.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0258 C:\WINDOWS\system32\CLBCATQ.DLL
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 3CC2-7E1D
Répertoire de C:\WINDOWS\system
1998-05-07 17:04 52,736 hpsysdrv.exe
1996-08-27 02:12 4,176 QTNOTIFY.EXE
2 fichier(s) 56,912 octets
0 Rép(s) 40,813,961,216 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 3CC2-7E1D
Répertoire de C:\WINDOWS\system32
2004-08-05 19:00 6,144 csrss.exe
1 fichier(s) 6,144 octets
0 Rép(s) 40,813,961,216 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 3CC2-7E1D
Répertoire de C:\WINDOWS\Downloaded Program Files
2008-01-21 08:59 <REP> .
2008-01-21 08:59 <REP> ..
2004-11-23 22:20 65 desktop.ini
2002-07-26 01:13 24,576 dwusplay.dll
2002-07-26 01:13 196,608 dwusplay.exe
2004-07-27 23:48 323,584 isusweb.dll
2004-04-06 18:03 172,072 MessengerStatsPAClient.dll
2003-05-29 15:00 77,408 msgrchkr.dll
2003-05-29 15:00 86,112 solitaireshowdown.dll
2007-03-26 15:46 5,085 swflash.inf
8 fichier(s) 885,510 octets
Total des fichiers listés :
8 fichier(s) 885,510 octets
2 Rép(s) 40,813,957,120 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
C:\Program Files\Advert présent! Possible infection : lop.com
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
Export de la clef SharedTaskScheduler
[SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-26 01:33:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
IPC error: 2 Le fichier spécifié est introuvable.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40]
"ujdew"=hex:20,02,00,00,66,82,b3,be,25,64,dd,b5,a2,79,41,4b,8c,50,8d,7d,26,..
"ljej40"=hex:34,e7,10,fa,0d,24,57,3f,4d,1c,9a,09,b2,fe,bc,5a,b2,f8,27,8b,74,..
"ljej41"=hex
6,e7,10,fa,75,24,57,3f,4c,1c,9b,09,b3,fe,bc,5a,b2,f8,27,8b,21,..
"ljej42"=hex6,e7,10,fa,75,24,57,3f,4c,1c,9b,09,b3,fe,bc,5a,b2,f8,27,8b,21,..
"ljej43"=hex6,e7,10,fa,75,24,57,3f,4c,1c,9b,09,b3,fe,bc,5a,b2,f8,27,8b,21,..
"ljej44"=hex6,e7,10,fa,75,24,57,3f,4c,1c,9b,09,b3,fe,bc,5a,b2,f8,27,8b,21,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\astq]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000000
"ImagePath"=str(2):"\??\C:\WINDOWS\system32\drivers\astq.tga"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\astq\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\astq]
"Type"=dword:00000001
"Start"=dword:00000001
"ErrorControl"=dword:00000000
"ImagePath"=str(2):"\??\C:\WINDOWS\system32\drivers\astq.tga"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\astq\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,..
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120%"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000194
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
284 - GestionnaireInt
328 - PollingModule.e
336 - Inactivity.exe
588 - avp.exe
632 - GoogleUpdaterSe
932 - atiptaxx.exe
976 - ALERTM~1.EXE
1192 - csrss.exe
1216 - winlogon.exe
1260 - services.exe
1272 - lsass.exe
1448 - svchost.exe
1520 - svchost.exe
1560 - svchost.exe
1828 - hphmon06.exe
1996 - explorer.exe
2100 - Watch.exe
2120 - LVCOMSX.EXE
2304 - MsgPlus.exe
2308 - iPodService.exe
2376 - avp.exe
2404 - LogitechDesktop
2420 - TaskBarIcon.exe
2572 - firefox.exe
2596 - hpqtra08.exe
3900 - Toaster.exe
4092 - ComComp.exe
Total number of processes = 28
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806CE000 - \WINDOWS\system32\hal.dll
F7AFC000 - \WINDOWS\system32\KDCOM.DLL
F7A0C000 - \WINDOWS\system32\BOOTVID.dll
F74D3000 - a347bus.sys
F74A4000 - ACPI.sys
F7AFE000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS
F7493000 - pci.sys
F75FC000 - isapnp.sys
F760C000 - ohci1394.sys
F761C000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS
F7480000 - sfsync04.sys
F7BC4000 - pciide.sys
F787C000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F762C000 - MountMgr.sys
F7461000 - ftdisk.sys
F7884000 - PartMgr.sys
F763C000 - VolSnap.sys
F7449000 -
F7B00000 - a347scsi.sys
F7431000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS
F764C000 - disk.sys
F765C000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F7412000 - fltMgr.sys
F7400000 - sr.sys
F766C000 - PxHelp20.sys
F73E9000 - KSecDD.sys
F735C000 - Ntfs.sys
F732F000 - NDIS.sys
F7318000 - sfvfs02.sys
F788C000 - sfhlp02.sys
F7304000 - sfdrv01a.sys
F72F2000 - sfdrv01.sys
F72D7000 - Mup.sys
F72BB000 - kl1.sys
F7894000 - \WINDOWS\system32\drivers\TDI.SYS
F773C000 - \SystemRoot\system32\DRIVERS\AmdK8.sys
F689B000 - \SystemRoot\system32\DRIVERS\ati2mtag.sys
F6887000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F79A4000 - \SystemRoot\system32\DRIVERS\usbohci.sys
F6864000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS
F79AC000 - \SystemRoot\system32\DRIVERS\usbehci.sys
F774C000 - \SystemRoot\system32\DRIVERS\imapi.sys
F775C000 - \SystemRoot\system32\DRIVERS\cdrom.sys
F776C000 - \SystemRoot\system32\DRIVERS\redbook.sys
F6841000 - \SystemRoot\system32\DRIVERS\ks.sys
F79B4000 - \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
F670B000 - \SystemRoot\system32\DRIVERS\AGRSM.sys
F79BC000 - \SystemRoot\System32\Drivers\Modem.SYS
F777C000 - \SystemRoot\system32\DRIVERS\R8139n51.SYS
F778C000 - \SystemRoot\system32\DRIVERS\nic1394.sys
F64D5000 - \SystemRoot\system32\drivers\ALCXWDM.SYS
F64B1000 - \SystemRoot\system32\drivers\portcls.sys
F77AC000 - \SystemRoot\system32\drivers\drmk.sys
F649D000 - \SystemRoot\system32\DRIVERS\parport.sys
F77BC000 - \SystemRoot\system32\DRIVERS\i8042prt.sys
F79C4000 - \SystemRoot\system32\DRIVERS\mouclass.sys
F7AAC000 - \SystemRoot\system32\DRIVERS\PS2.sys
F79CC000 - \SystemRoot\system32\DRIVERS\kbdclass.sys
F79D4000 - \SystemRoot\system32\DRIVERS\klim5.sys
F7C7B000 - \SystemRoot\system32\DRIVERS\audstub.sys
F781C000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys
F7AC4000 - \SystemRoot\system32\DRIVERS\ndistapi.sys
F645E000 - \SystemRoot\system32\DRIVERS\ndiswan.sys
F782C000 - \SystemRoot\system32\DRIVERS\raspppoe.sys
F6ACE000 - \SystemRoot\system32\DRIVERS\raspptp.sys
F644D000 - \SystemRoot\system32\DRIVERS\psched.sys
F783C000 - \SystemRoot\system32\DRIVERS\msgpc.sys
F79DC000 - \SystemRoot\system32\DRIVERS\ptilink.sys
F79E4000 - \SystemRoot\system32\DRIVERS\raspti.sys
F784C000 - \SystemRoot\system32\DRIVERS\termdd.sys
F7B62000 - \SystemRoot\system32\DRIVERS\swenum.sys
F6419000 - \SystemRoot\system32\DRIVERS\update.sys
F7ACC000 - \SystemRoot\system32\DRIVERS\mssmbios.sys
F7AD0000 - \SystemRoot\system32\drivers\WmBEnum.sys
F785C000 - \SystemRoot\system32\drivers\WmXlCore.sys
F786C000 - \SystemRoot\System32\Drivers\NDProxy.SYS
F6AAE000 - \SystemRoot\system32\DRIVERS\usbhub.sys
F7B66000 - \SystemRoot\system32\DRIVERS\USBD.SYS
F7B68000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
F7D29000 - \SystemRoot\System32\Drivers\Null.SYS
F7B6A000 - \SystemRoot\System32\Drivers\Beep.SYS
F79F4000 - \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
F79FC000 - \SystemRoot\System32\drivers\vga.sys
F7B6C000 - \SystemRoot\System32\Drivers\mnmdd.SYS
F7B6E000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
F7A04000 - \SystemRoot\System32\Drivers\Msfs.SYS
F78C4000 - \SystemRoot\System32\Drivers\Npfs.SYS
F728B000 - \SystemRoot\system32\DRIVERS\rasacd.sys
EE39E000 - \SystemRoot\system32\DRIVERS\ipsec.sys
EE346000 - \SystemRoot\system32\DRIVERS\tcpip.sys
EE31E000 - \SystemRoot\system32\DRIVERS\netbt.sys
EE2FC000 - \SystemRoot\System32\drivers\afd.sys
F6A8E000 - \SystemRoot\system32\DRIVERS\netbios.sys
EE231000 - \SystemRoot\system32\DRIVERS\rdbss.sys
EE1C2000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
EE18F000 - \??\C:\WINDOWS\system32\drivers\klif.sys
F6A6E000 - \SystemRoot\System32\Drivers\Fips.SYS
EE16E000 - \SystemRoot\system32\DRIVERS\ipnat.sys
F6A4E000 - \SystemRoot\system32\DRIVERS\wanarp.sys
F6A3E000 - \SystemRoot\system32\DRIVERS\arp1394.sys
F78D4000 - \SystemRoot\system32\DRIVERS\usbccgp.sys
F6491000 - \SystemRoot\system32\DRIVERS\hidusb.sys
F76AC000 - \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
F78DC000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS
EE111000 - \SystemRoot\system32\DRIVERS\sis163u.sys
F76BC000 - \SystemRoot\system32\drivers\lvusbsta.sys
EE081000 - \SystemRoot\system32\DRIVERS\LVCM.sys
EDF56000 - \SystemRoot\system32\DRIVERS\lvsvf2.sys
F76CC000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
F76DC000 - \??\C:\WINDOWS\system32\drivers\astq.tga
F76FC000 - \SystemRoot\system32\drivers\usbaudio.sys
F648D000 - \SystemRoot\system32\DRIVERS\mouhid.sys
EDF33000 - \SystemRoot\System32\Drivers\Fastfat.SYS
F779C000 - \SystemRoot\System32\Drivers\Cdfs.SYS
EDF1B000 - \SystemRoot\System32\Drivers\dump_atapi.sys
F7B78000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
F78F4000 - \SystemRoot\System32\watchdog.sys
F7ABC000 - \SystemRoot\System32\drivers\Dxapi.sys
BF9C1000 - \SystemRoot\System32\drivers\dxg.sys
F7C39000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D3000 - \SystemRoot\System32\ati2dvag.dll
BFA0F000 - \SystemRoot\System32\ati2cqag.dll
BFA41000 - \SystemRoot\System32\atikvmag.dll
BFA73000 - \SystemRoot\System32\ati3duag.dll
BFCA4000 - \SystemRoot\System32\ativvaxx.dll
EBDBB000 - \SystemRoot\system32\DRIVERS\ndisuio.sys
EBA4E000 - \SystemRoot\system32\DRIVERS\mrxdav.sys
EB9E3000 - \SystemRoot\system32\DRIVERS\atksgt.sys
F794C000 - \SystemRoot\system32\DRIVERS\lirsgt.sys
EB8C8000 - \SystemRoot\system32\DRIVERS\srv.sys
EB8A0000 - \SystemRoot\system32\DRIVERS\secdrv.sys
EB74B000 - \SystemRoot\system32\drivers\wdmaud.sys
EB983000 - \SystemRoot\system32\drivers\sysaudio.sys
EB323000 - \SystemRoot\System32\Drivers\HTTP.sys
EB528000 - \??\C:\WINDOWS\system32\PCANDIS5.SYS
BA959000 - \SystemRoot\system32\drivers\kmixer.sys
F7C87000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 139
Liste des programmes installes
1400
1400_Help
1400Trb
802.11 USB Wireless LAN Adapter
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.1 - Français
Adobe Shockwave Player
Agere Systems PCI Soft Modem
AiO_Scan
AiOSoftware
Anti-Pub 2003.03
Astérix aux Jeux Olympiques
ATI Control Panel
ATI Display Driver
Atlas Routier Michelin France
Azureus Vuze
BufferChm
CameraDrivers
Catalencoder
ColorNick v2 plugin for Messenger Plus!
Commande ECHO désactivée.
Complément Microsoft Word pour Microsoft Works Suite
Compléments d'aide et de support
Connexion Facile à Internet
Connexion Facile à Internet
Copernic Agent Basic
Copy
Correctif Windows XP - KB867282
Correctif Windows XP - KB873339
Correctif Windows XP - KB883667
Correctif Windows XP - KB885250
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB887472
Correctif Windows XP - KB887742
Correctif Windows XP - KB888113
Correctif Windows XP - KB888239
Correctif Windows XP - KB890175
Correctif Windows XP - KB891781
Cossacks - Back To War
CP_AtenaShokunin1Config
cp_dwSharkTaleAlbums1
cp_dwSharkTaleCards1
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CP_PLSBusinessFlyers
CreativeProjects
CreativeProjectsTemplates
CueTour
Destinations
Director
DivX Player
DivX Pro Codec Adware
DocProc
DocumentViewer
Drivers Comtrend CT-600
DVD Shrink 3.2
EA SPORTS online 2008
EA SPORTS™ NBA LIVE 08
eMule
Encyclopédie Microsoft Encarta 2005
Fax
FIFA 08
Football Manager 2006 Gold Demo
GameCenter
Gestionnaire Internet
GimmySmileys
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Harry Potter et l'Ordre du Phénix™
HijackThis 2.0.2
Hotfix for Windows XP (KB926239)
HP Appareils photos Photosmart 4.5
HP Deskjet Printer Preload
HP Extended Capabilities 4.7
HP Help and Support 4.0
HP Image Zone 4.8.6
HP Image Zone Plus 4.8.6
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HPIZplus450
HpSdpAppCoreApp
HPSystemDiagnostics
InstantShare
InterVideo WinDVD Player
InterVideo WinDVD Player
iPlayer Mass Storage Driver V3.1
iTunes
iTunes
J2SE Runtime Environment 5.0
Kaspersky Anti-Virus 7.0
Kaspersky Anti-Virus 7.0
KBD
Lecteur Windows Media 11
Les Sims 2
Les Sims 2 : La bonne affaire
Les Sims™ Histoires d'animaux
Logiciel QuickCam de Logitech
Logitech Desktop Messenger
Logitech Gaming Software
Macrogaming SweetIM 1.2a
Macromedia Flash Player 8
MarketResearch
Media Player Classic fr
Messenger Plus! 3 & Sponsor
MetaProducts Download Express
Micro Application - MediaDICO
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft AutoRoute 2005
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Money
Microsoft Office XP Professional avec FrontPage
Microsoft Photo Premium 10
Microsoft Photo Premium 10
Microsoft Picture It! Album 10
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Word 2002
Microsoft Works
Mise à niveau de Works
Mozilla Firefox (2.0.0.11)
MSN
MSN Polygamy 8.1
muvee autoProducer 4.0
Navigateur Orange
Need for Speed™ Carbon
Nero 6 Ultra Edition
Norton™ Security Scan
Online TV Toolbar
Outil de connexion Wanadoo
Outil de mise à jour Google
PanoStandAlone
PC-Doctor for Windows
PC-Doctor for Windows
PhotoFiltre
PhotoGallery
Photosmart 320,370,7400,8100,8400 Series (fra)
PrintScreen
ProductContext
Programme de gestion Camera de Logitech®
PS2
PSPrinters06
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
QuickProjects
QuickTime
QuickTime
QuickTime 3.0
Readme
RealArcade
RealPlayer
Scan
ScannerCopy
Secured eMule
Share Accelerator Toolbar
Shockwave
SkinsHP1
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Spyware Doctor 5.1
StuffIt Standard
StuffIt Standard
Sélecteur d'installation de Microsoft Works 2005
SweetIM For Internet Explorer 1.0a
TrayApp
Ulead GIF Animator 2.0 Full Version
Unload
UnzipThemAll 1.3
Wanadoo Messager
WebFldrs XP
WebReg
Windows Installer 3.1 (KB893803)
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
WinZip 11.1
XviD MPEG-4 Video Codec
Yahoo! Toolbar
Yahoo! Toolbar
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 3CC2-7E1D
Répertoire de C:\Program Files
2008-01-25 21:20 <REP> .
2008-01-25 21:20 <REP> ..
2007-11-17 18:19 <REP> Adobe
2007-01-05 19:22 <REP> adslTV
2008-01-22 10:28 <REP> Adverts
2006-01-15 23:59 <REP> Ahead
2006-05-28 11:38 <REP> Aladdin Systems
2006-12-14 14:59 <REP> Alcohol Soft
2007-07-29 19:45 <REP> Alwil Software
2006-06-05 16:03 <REP> Antipub
2007-12-26 18:56 <REP> Atari
2005-01-01 23:40 <REP> ATI Technologies
2007-12-24 10:20 <REP> Azureus
2006-01-19 23:48 <REP> Catalencoder
2005-11-04 17:39 <REP> Coktel
2005-09-25 09:12 <REP> Common Files
2004-11-24 02:37 <REP> ComPlus Applications
2006-01-19 23:45 <REP> Copernic Agent
2007-10-26 18:48 <REP> Cyanide
2005-09-20 14:31 <REP> DivX
2006-03-08 15:07 <REP> Download Express
2005-09-30 08:10 <REP> D-Tools
2006-01-19 23:47 <REP> DVD Shrink
2007-01-19 18:21 <REP> EA GAMES
2007-11-16 09:21 <REP> EA Sports
2006-05-18 15:45 <REP> Easy Internet signup
2007-11-18 18:43 <REP> Electronic Arts
2008-01-16 17:16 <REP> eMule
2005-10-03 07:05 <REP> Encarta
2008-01-22 21:25 <REP> Fichiers communs
2007-07-29 20:10 <REP> GimmySmileys
2007-11-29 10:39 <REP> Google
2007-04-19 09:19 <REP> GREATF~1
2005-01-01 23:52 <REP> Hewlett-Packard
2005-01-01 23:52 <REP> HP
2005-01-02 00:08 <REP> HPQ
2005-11-26 20:44 <REP> Infogrames
2007-04-20 19:31 <REP> Internet Explorer
2005-01-02 00:33 <REP> InterVideo
2006-11-03 15:15 <REP> Inventel
2007-03-27 18:42 <REP> iPlayer Mass Storage Driver V3.1
2006-07-07 11:28 <REP> iPod
2007-08-10 10:22 <REP> iTunes
2005-01-01 23:34 <REP> Java
2008-01-23 10:05 <REP> Kaspersky Lab
2005-12-11 12:57 <REP> Kodak
2007-10-27 18:21 <REP> KONAMI
2008-01-21 11:02 <REP> Lavasoft
2006-12-25 11:42 <REP> Logitech
2006-03-18 19:05 <REP> Macrogaming
2006-02-10 18:15 <REP> Maxis
2006-11-19 11:06 <REP> Media Player Classic
2005-01-01 23:37 <REP> Messenger
2008-01-21 09:40 <REP> Messenger Plus! Live
2008-01-22 10:34 <REP> MessengerPlus! 3
2005-09-25 09:35 <REP> Micro Application
2006-01-19 11:26 <REP> Microsoft AutoRoute
2006-03-03 21:33 <REP> microsoft frontpage
2006-05-21 08:45 <REP> microsoft money 2005
2006-03-03 12:16 <REP> Microsoft Office
2005-09-25 09:12 <REP> Microsoft Référence
2005-09-26 07:05 <REP> Microsoft Visual Studio
2006-01-19 11:16 <REP> Microsoft Works
2006-01-19 11:08 <REP> Microsoft Works Suite 2005
2004-11-25 04:27 <REP> Movie Maker
2008-01-26 01:28 <REP> Mozilla Firefox
2004-11-25 04:27 <REP> MSN
2006-02-02 23:15 <REP> MSN Apps
2007-10-08 19:11 <REP> MSN Content Plus Inc
2004-11-25 04:27 <REP> MSN Gaming Zone
2008-01-23 11:46 <REP> MSN Messenger
2005-01-02 00:34 <REP> muvee Technologies
2006-01-16 06:07 <REP> NetMeeting
2008-01-18 15:00 <REP> Norton Security Scan
2004-11-25 04:27 <REP> Online Services
2007-12-08 22:34 <REP> Online_TV
2007-04-20 19:31 <REP> Outlook Express
2005-01-02 00:12 <REP> PC-Doctor for Windows
2007-09-14 16:25 <REP> PhotoFiltre
2007-06-16 13:08 <REP> Picture It! Premium 10
2007-04-06 08:16 <REP> Poker.fr
2006-07-07 11:41 <REP> QuickTime
2006-01-23 17:10 <REP> Real
2008-01-19 22:02 <REP> RegCleaner
2006-01-23 17:11 774,144 RngInterstitial.dll
2007-01-01 22:42 <REP> Rockstar Games
2008-01-22 20:01 <REP> Secured eMule
2008-01-20 19:38 <REP> Securitoo
2005-01-02 00:15 <REP> Services en ligne
2007-11-20 19:10 <REP> Share_Accelerator
2007-01-01 23:08 <REP> SlySoft
2005-01-01 23:59 <REP> Sonic
2006-05-29 17:51 <REP> Sports Interactive
2007-11-17 18:36 <REP> Spyware Doctor
2007-01-13 12:59 <REP> STYLER~1
2006-01-19 22:21 <REP> Symantec
2007-07-21 09:35 <REP> Torrent101
2008-01-22 10:03 <REP> Trend Micro
2006-02-20 21:31 <REP> Ubi Soft
2007-04-26 14:36 <REP> Ulead GIF Animator 2.0
2006-06-14 10:39 <REP> Unibet
2004-11-24 02:37 <REP> Uninstall Information
2007-03-23 17:09 <REP> UnzipThemAll
2006-04-09 17:59 <REP> Valve
2008-01-26 01:02 <REP> Wanadoo
2006-11-03 15:22 <REP> Wanadoo Messager
2007-03-11 19:08 <REP> Windows Live Toolbar
2006-11-19 11:17 <REP> Windows Media Connect 2
2007-04-20 19:31 <REP> Windows Media Player
2006-01-16 06:07 <REP> Windows NT
2004-11-24 02:37 <REP> WindowsUpdate
2007-11-18 19:25 <REP> WinRAR
2008-01-26 01:20 <REP> WinZip
2006-06-25 16:38 <REP> WinZipp
2008-01-20 14:22 <REP> Wise Registry Cleaner
2004-11-25 04:28 <REP> xerox
2006-01-16 00:05 <REP> XviD
2006-03-25 21:34 <REP> Yahoo!
2007-11-28 10:33 <REP> Zapu
1 fichier(s) 774,144 octets
118 Rép(s) 40,796,131,328 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 3CC2-7E1D
Répertoire de C:\Program Files\fichiers communs
2008-01-22 21:25 <REP> .
2008-01-22 21:25 <REP> ..
2007-11-17 18:20 <REP> Adobe
2005-09-20 14:41 <REP> Ahead
2005-09-20 16:03 <REP> AOL
2006-02-20 11:58 <REP> BOONTY Shared
2006-01-19 23:45 <REP> Copernic
2006-02-22 01:14 <REP> Designer
2008-01-22 19:46 <REP> ErrorSafe
2007-02-05 17:05 278,528 FDEUnInstaller.exe
2006-01-12 17:06 <REP> FotoWire
2005-01-01 23:53 <REP> Hewlett-Packard
2005-01-01 23:46 <REP> HP
2005-01-02 00:07 <REP> InstallShield
2005-01-01 23:34 <REP> Java
2005-12-11 12:56 <REP> Kodak
2006-12-25 11:43 <REP> Logitech
2008-01-23 11:46 <REP> Microsoft Shared
2004-11-25 04:26 <REP> MSSoap
2005-01-02 00:35 <REP> muvee Technologies
2006-06-14 10:39 <REP> Nosibay
2004-11-25 04:26 <REP> ODBC
2007-05-07 14:28 <REP> Real
2006-01-16 06:07 <REP> Services
2008-01-22 11:36 <REP> Softwin
2005-01-01 23:57 <REP> Sonic Shared
2004-11-25 04:26 <REP> SpeechEngines
2005-01-01 23:57 <REP> SureThing Shared
2006-01-19 22:21 <REP> Symantec Shared
2004-11-25 04:27 <REP> System
2005-01-01 23:59 <REP> TiVo Shared
2005-09-19 20:03 <REP> xing shared
1 fichier(s) 278,528 octets
31 Rép(s) 40,796,135,424 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 3CC2-7E1D
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
2008-01-21 20:39 <REP> .
2008-01-21 20:39 <REP> ..
2005-09-26 07:05 <REP> 1033
2006-01-19 11:15 <REP> 1036
2001-02-15 05:45 1,318,912 MSONSEXT.DLL
2001-02-13 08:23 58,784 MSOSV.DLL
1999-06-03 18:09 122,937 MSOWS409.DLL
2001-03-07 13:00 127,033 MSOWS40c.DLL
2000-08-06 08:04 401,462 MSVCP60.DLL
2001-01-22 02:25 69,632 PKMAXCTL.DLL
2001-01-22 02:25 872,448 PKMCDO.DLL
2001-01-22 02:25 159,744 PKMCORE.DLL
2001-02-07 08:59 106,496 PKMFORMS.DLL
2001-02-12 03:03 684,032 PKMRES.DLL
2001-01-22 02:25 28,672 PKMSSTLB.DLL
2001-01-22 02:25 40,960 PKMTEMPL.DLL
2001-01-22 02:25 24,576 PKMTRACE.DLL
2001-01-22 02:25 86,016 PKMWS.DLL
2001-01-22 02:25 237,568 PROMDEMO.DLL
1999-03-18 05:37 593,977 RAGENT.DLL
2001-01-22 02:25 184,320 SECMGR.DLL
2001-01-22 02:25 323,584 VAIDDMGR.DLL
2001-01-22 02:25 32,768 VAIMEM.DLL
19 fichier(s) 5,473,921 octets
4 Rép(s) 40,796,114,944 octets libres
Le volume dans le lecteur C s'appelle HP_PAVILION
Le numéro de série du volume est 3CC2-7E1D
Répertoire de C:\Program Files\common files
2005-09-25 09:12 <REP> .
2005-09-25 09:12 <REP> ..
2005-09-25 09:12 <REP> Microsoft Shared
0 fichier(s) 0 octets
3 Rép(s) 40,796,114,944 octets libres
c:\Documents and Settings\All Users\Application Data\city about store file\grid glue.exe
c:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.0.125\French\setup.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3f1_6e7fc7\Setup.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\CCS\CCSStop.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Ksu\KSUStop.exe
c:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\AutoTBar.exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP1.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP10.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP11.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP2.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP3.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP4.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP5.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP6.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP7.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP8.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temp\_ISTMP9.DIR\_ISTMP0.DIR\IsUninst.Exe
c:\Documents and Settings\elodie\Local Settings\Temporary Internet Files\Content.IE5\UNE1YHST\Install_MSN_Messenger[1].EXE
c:\Documents and Settings\HP_Propriétaire\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
c:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\mahcbgmc.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}\cache\megauper.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\kaspersky-antivirus_kaspersky_antivirus_7.0.0.125_francais_10479.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\SDFix.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\SimsPS.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\BTFix\BTFix\BTFix.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\catchme.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\diff.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\dumphive.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\find2.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\Fport.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\grep.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\gzip.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\KProcCheck.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\LFiles.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\md5sums.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\pslist.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\sigcheck.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\streams.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\swreg.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\DiagHelp\tar.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\MD5File.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\msnchk.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\Process.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\setpath.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\swreg.exe
c:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\zip.exe
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\eauninstall.exe
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\nfs_inst.exe
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\nfs_uninst.exe
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\NFSC.exe
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\setup.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\MsgPlus-362.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\SetupPoker.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\Azureus\Azureus.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\bechkam\Bureau\PhotoFiltre.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\carpentier.lydie\InternetGameBox_setup.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\Electronic Arts\Les Sims™ Histoires d'animaux\SimsPS.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\KONAMI\pes6.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\KONAMI\Pro Evolution Soccer 6\Grub_and_Burn.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\KONAMI\Pro Evolution Soccer 6\PES6.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\KONAMI\Pro Evolution Soccer 6\pes6.image_ShareAccelerator.exe
c:\Documents and Settings\HP_Propriétaire\Mes documents\KONAMI\Pro Evolution Soccer 6\save\folder1\PES6.exe
c:\Documents and Settings\mickael\Local Settings\Temp\ins1.tmp\LDMClient.exe
c:\Documents and Settings\mickael\Local Settings\Temp\ins2.tmp\LDMClient.exe
c:\Documents and Settings\mickael\Local Settings\Temp\Rar$EX02.906\game.exe
c:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3f1_6e7fc7\EasyShrx.Dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
c:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
c:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll
c:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\mahcbgmc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
c:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\mahcbgmc.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\EAInstall.dll
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\msvcp71.dll
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\msvcr71.dll
c:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\c.edouard@hotmail.fr\Sharing Folders\om76730@hotmail.fr\Need for Speed Carbon\server.dll
c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_NOM-EB85C523610.tar.gz a l'adresse http://upload.malekal.com
bonjour
Diaghelp montre ceci:
| Citation : tcpip.sys
|
Tu as un fichier système infecté ---> C:\WINDOWS\system32\drivers\tcpip.sys
Fais ceci pour remettre l'original, en mode sans échec (sans le support réseau) :
Regarder d'abord si tu trouve tcpip.sys dans le dossiers suivant :
C:\WINDOWS\ServicePackFiles\i386
Tu le recopies dans C:\WINDOWS\system32\drivers\
après, tu supprimes tes versions de Combofix
puis tu fais ceci:
Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :
ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!
redémarre en mode sans echec (f8 au démarrage)
Double-clic sur ComboFix, Il va te poser une question, réponds en appuyant sur la touche1 puis attends que combofix ait terminé un rapport sera créé.
redémarre normalement:
Poste le rapport
\Combofix.txt
clique dessus pour l'ouvrir, puis edititon "sélectionner tout", edition "copier"
viens sur le forum et édition "coller"
ajoute un nouveau rapport Hijackthis.
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock
