Win32:confi[wrm]
Fermé
leretvil
Messages postés
115
Date d'inscription
jeudi 1 mai 2008
Statut
Membre
Dernière intervention
20 mai 2012
-
19 janv. 2010 à 13:19
Utilisateur anonyme - 18 févr. 2010 à 18:59
Utilisateur anonyme - 18 févr. 2010 à 18:59
7 réponses
Utilisateur anonyme
19 janv. 2010 à 13:57
19 janv. 2010 à 13:57
salut :
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)
▶ Télécharge et installe List&Kill'em et enregistre le sur ton bureau
▶ Branche clés usb , disques durs externes , mp3 , mp4 , etc..
double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation
coche la case "creer une icone sur le bureau"
une fois terminée , clic sur "terminer" et le programme se lancera seul
choisis la langue puis choisis l'option 1 = Mode Recherche
▶ laisse travailler l'outil
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.
un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.
▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
tu peux supprimer le rapport catchme.log de ton bureau maintenant.
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)
▶ Télécharge et installe List&Kill'em et enregistre le sur ton bureau
▶ Branche clés usb , disques durs externes , mp3 , mp4 , etc..
double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation
coche la case "creer une icone sur le bureau"
une fois terminée , clic sur "terminer" et le programme se lancera seul
choisis la langue puis choisis l'option 1 = Mode Recherche
▶ laisse travailler l'outil
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.
un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.
▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
tu peux supprimer le rapport catchme.log de ton bureau maintenant.
leretvil
Messages postés
115
Date d'inscription
jeudi 1 mai 2008
Statut
Membre
Dernière intervention
20 mai 2012
8
2 févr. 2010 à 04:41
2 févr. 2010 à 04:41
bonjour
excusez mon abscence , j'ai eu des probleme d'electricité.
Le serveur de list&kill'em est introuvable.
Le probleme persiste et j'ai des message d'erreur du genre:
- "generic host process for win32 sevice a rencontré un probleme et doit fermer"
-svchost.exe -erreur d'application l'intruction à "0x595c16e2" emploi l'addresse memoire "0x01c0005c" la memeoire ne pas être "written" (ou parfois "read")
Je n'y comprend plus rien!
merci d'avence
excusez mon abscence , j'ai eu des probleme d'electricité.
Le serveur de list&kill'em est introuvable.
Le probleme persiste et j'ai des message d'erreur du genre:
- "generic host process for win32 sevice a rencontré un probleme et doit fermer"
-svchost.exe -erreur d'application l'intruction à "0x595c16e2" emploi l'addresse memoire "0x01c0005c" la memeoire ne pas être "written" (ou parfois "read")
Je n'y comprend plus rien!
merci d'avence
Utilisateur anonyme
3 févr. 2010 à 15:19
3 févr. 2010 à 15:19
salut comment ca le serveur est introuvable ?
essaie ce lien
il faut le dezipper
http://www.cijoint.fr/cjlink.php?file=cj201002/cijCE9IkYU.zip
essaie ce lien
il faut le dezipper
http://www.cijoint.fr/cjlink.php?file=cj201002/cijCE9IkYU.zip
leretvil
Messages postés
115
Date d'inscription
jeudi 1 mai 2008
Statut
Membre
Dernière intervention
20 mai 2012
8
10 févr. 2010 à 11:03
10 févr. 2010 à 11:03
Bonjour bonjour,
voici le resultat du scan avec List_kill'em
c'est le contenu du fichier list'em
List'em by g3n-h@ckm@n 1.2.1.4
User : User (Utilisateurs du Bureau à distance)
Update on 02/02/2010 by g3n-h@ckm@n ::::: 00.45
Start at: 09:12:43 | 09/02/2010
Contact : g3n-h@ckm@n sur CCM
Intel(R) Pentium(R) M processor 1.80GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 100129-0] 4.8.1368 [ Enabled | (!) Outdated ]
C:\ -> Disque fixe local | 55,89 Go (1,87 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque fixe local | 18,64 Go (14,9 Go free) | NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque amovible | 244,76 Mo (242 Mo free) [LE PAT VIL] | FAT32
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\oracle\ora90\bin\agntsrvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
E:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\oracle\ora90\Apache\Apache\Apache.exe
C:\WINDOWS\system32\cmd.exe
E:\oracle\ora90\bin\dbsnmp.exe
E:\oracle\ora90\BIN\TNSLSNR.exe
e:\oracle\ora90\bin\ORACLE.EXE
C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\WINDOWS\system32\wscntfy.exe
E:\oracle\ora90\Apache\jdk\bin\java.exe
E:\oracle\ora90\Apache\Apache\Apache.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\DOCUME~1\User\LOCALS~1\Temp\Google Toolbar\gtbD.tmp.exe
C:\PROGRA~1\XINOXS~1\JCREAT~1\JCreator.exe
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jdk1.6.0\bin\rmiregistry.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\List_Kill'em\List_Kill'em.scr
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\User\Local Settings\Temp\29.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
IDMan REG_SZ C:\Program Files\Internet Download Manager\IDMan.exe /onboot
SuperCopier2.exe REG_SZ e:\Program Files\SuperCopier2\SuperCopier2.exe
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Yahoo! Pager REG_SZ "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
TuneUp MemOptimizer REG_SZ "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
RemoteControl REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
BluetoothAuthenticationAgent REG_SZ rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
Google Desktop Search REG_SZ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
Google Quick Search Box REG_SZ "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
NeroFilterCheck REG_SZ C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
CloneCDElbyCDFL REG_SZ "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
CloneCDTray REG_SZ "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 149 (0x95)
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ PCSP3
DefaultUserName REG_SZ user
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 0 (0x0)
AutoAdminLogon REG_SZ 0
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 1 (0x1)
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 1 (0x1)
AltDefaultUserName REG_SZ user
AltDefaultDomainName REG_SZ PCSP3
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SCLogon
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe REG_SZ C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe:*:Disabled:Google Desktop
C:\WINDOWS\system32\sessmgr.exe REG_SZ C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe REG_SZ C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000
C:\Eclipse\eclipse-SDK-3.3.1.1-win32\eclipse\eclipse.exe REG_SZ C:\Eclipse\eclipse-SDK-3.3.1.1-win32\eclipse\eclipse.exe:*:Disabled:eclipse
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe REG_SZ C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger
E:\oracle\ora90\Apache\Apache\Apache.exe REG_SZ E:\oracle\ora90\Apache\Apache\Apache.exe:*:Disabled:Apache
C:\Program Files\Internet Download Manager\IDMan.exe REG_SZ C:\Program Files\Internet Download Manager\IDMan.exe:*:Disabled:Internet Download Manager (IDM)
C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe REG_SZ C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe:LocalSubNet:Disabled:VirtualBox GUI
E:\oracle\ora90\BIN\xsaagent.exe REG_SZ E:\oracle\ora90\BIN\xsaagent.exe:*:Disabled:xsaagent
C:\WINDOWS\system32\java.exe REG_SZ C:\WINDOWS\system32\java.exe:LocalSubNet:Enabled:Java(TM) Platform SE binary
C:\Program Files\Java\jre1.6.0\bin\javaw.exe REG_SZ C:\Program Files\Java\jre1.6.0\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary
C:\Program Files\Java\jdk1.6.0\bin\java.exe REG_SZ C:\Program Files\Java\jdk1.6.0\bin\java.exe:LocalSubNet:Enabled:Java(TM) Platform SE binary
E:\Program Files\SuperCopier2\SC2Config.exe REG_SZ E:\Program Files\SuperCopier2\SC2Config.exe:*:Enabled:Accéder au menu
C:\Program Files\Java\jdk1.6.0\bin\rmiregistry.exe REG_SZ C:\Program Files\Java\jdk1.6.0\bin\rmiregistry.exe:LocalSubNet:Enabled:Java(TM) Platform SE binary
C:\Program Files\Oracle\jre\1.1.8\bin\rmiregistry.exe REG_SZ C:\Program Files\Oracle\jre\1.1.8\bin\rmiregistry.exe:*:Disabled:rmiregistry
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.fr/?gws_rd=ssl
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
EapHost : 0x3
SharedAccess : 0x2
wuauserv : 0x2
=========
Atapi.sys
=========
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Documents and Settings\User\Local Settings\Temp\29.tmp
## C:\> hashdeep C:\WINDOWS\System32\Drivers\atapi.sys
##
96512,9f3a2f5aa6875c72bf062c712cfa2674,b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9,C:\WINDOWS\System32\Drivers\atapi.sys
Sources
=======
C:\WINDOWS\system32\drivers\atapi.sys
Référence :
==========
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
=======
Drive :
=======
D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.
Rapport d'analyse
55,89 Go total, 1,87 Go libre (3%), 1% fragment‚ (fragmentation du fichier 2%)
Il ne vous est pas n‚cessaire de d‚fragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Present !! : C:\Program Files\Ask.com
Present !! : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
Present !! : C:\WINDOWS\SET3.tmp
Present !! : C:\WINDOWS\SET4.tmp
Present !! : C:\WINDOWS\SET8.tmp
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\taskmgr.exe"
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv
============
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 09:19:16
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000fb39847d1]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000fb39847d1]
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
==========
Programs
==========
Adobe
Ahead
Alwil Software
AMT
Ask.com
baobab
CodeBlocks
CommentCaMarche
ComPlus Applications
CONEXANT
cultix
CyberLink
Elaborate Bytes
Fichiers communs
Google
InstallShield Installation Information
Internet Download Manager
Internet Explorer
Java
List_Kill'em
Malwarebytes' Anti-Malware
Messenger
microsoft frontpage
Microsoft Office
Microsoft Visual Studio
Microsoft Works
Movie Maker
Mozilla Firefox
MSBuild
MSN
MSN Gaming Zone
Nero
NetBeans 6.8
NetMeeting
Online Services
Ontrack
Oracle
Outlook Express
PDFCreator
PostgreSQL
Services en ligne
Sun
Tap'Touche 5
TechTracker
trend micro
TuneUp Utilities 2008
Uninstall Information
USB Disk Security
VS Revo Group
win'design
Windows Media Player
Windows NT
WindowsUpdate
WinRAR
xerox
Xinox Software
Yahoo!
============
Drive C:
============
AUTOEXEC.BAT
boot.ini
Bootfont.bin
Config.Msi
CONFIG.SYS
Documents and Settings
Drivers
Eclipse
hiberfil.sys
IO.SYS
Kill'em
les Cours
List'em.txt
MSDOS.SYS
MSOCache
NTDETECT.COM
ntldr
pagefile.sys
Program Files
RECYCLER
rsit
System Volume Information
T41
User
vbroker
WINDOWS
¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials
C:\Documents and Settings\Invit‚\Favoris\Serials & keys - unlocks the world.url
C:\Documents and Settings\Invit‚\Mes documents\internet\Tutoriel connection au r‚seau local et … internet d'une machine virtuelle tournant sous Backtrack 2_fichiers\crack_wpa_livebox_little.gif
C:\Documents and Settings\Invit‚\Mes documents\internet\Tutoriel connection au r‚seau local et … internet d'une machine virtuelle tournant sous Backtrack 2_fichiers\crack_wpa_neufbox_little.gif
C:\Documents and Settings\User\Mes documents\a graver\de\javae\jgrapht-0.8.1\jgrapht-0.8.1\testsrc\org\jgrapht\graph\SerializationTest.java
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\Serializable.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\SerializablePermission.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\class-use\Serializable.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\class-use\SerializablePermission.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sound\midi\Patch.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sound\midi\class-use\Patch.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialArray.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialBlob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialClob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialDatalink.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialException.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialJavaObject.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialRef.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialStruct.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialArray.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialBlob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialClob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialDatalink.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialException.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialJavaObject.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialRef.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialStruct.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\guide\javadoc\doclet\spec\com\sun\javadoc\SerialFieldTag.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\guide\javadoc\doclet\spec\com\sun\javadoc\class-use\SerialFieldTag.html
C:\Documents and Settings\User\Mes documents\programmes … graver\office 2007\Serial {Microsoft Office 2007 Pro.}.txt
C:\Documents and Settings\User\Recent\crack_wpa_livebox_little.lnk
C:\Program Files\Java\jdk1.6.0\sample\jnlp\servlet\src\classes\jnlp\sample\jardiff\Patcher.java
C:\Program Files\Oracle\Inventory\Contents\PatchesList0.ser
C:\Program Files\Oracle\Inventory\Contents\PatchesList1.ser
C:\Documents and Settings\User\Mes documents\programmes … graver\Winrar\WinRAR_v3[1].00_Final_with_AV_Working_by_The_Netmech\wrar300_Crack.exe
C:\Program Files\WinRAR\WinRAR Patch.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
voici le resultat du scan avec List_kill'em
c'est le contenu du fichier list'em
List'em by g3n-h@ckm@n 1.2.1.4
User : User (Utilisateurs du Bureau à distance)
Update on 02/02/2010 by g3n-h@ckm@n ::::: 00.45
Start at: 09:12:43 | 09/02/2010
Contact : g3n-h@ckm@n sur CCM
Intel(R) Pentium(R) M processor 1.80GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 100129-0] 4.8.1368 [ Enabled | (!) Outdated ]
C:\ -> Disque fixe local | 55,89 Go (1,87 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque fixe local | 18,64 Go (14,9 Go free) | NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque amovible | 244,76 Mo (242 Mo free) [LE PAT VIL] | FAT32
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\oracle\ora90\bin\agntsrvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
E:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\oracle\ora90\Apache\Apache\Apache.exe
C:\WINDOWS\system32\cmd.exe
E:\oracle\ora90\bin\dbsnmp.exe
E:\oracle\ora90\BIN\TNSLSNR.exe
e:\oracle\ora90\bin\ORACLE.EXE
C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\WINDOWS\system32\wscntfy.exe
E:\oracle\ora90\Apache\jdk\bin\java.exe
E:\oracle\ora90\Apache\Apache\Apache.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\DOCUME~1\User\LOCALS~1\Temp\Google Toolbar\gtbD.tmp.exe
C:\PROGRA~1\XINOXS~1\JCREAT~1\JCreator.exe
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jdk1.6.0\bin\rmiregistry.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\List_Kill'em\List_Kill'em.scr
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\User\Local Settings\Temp\29.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} REG_SZ "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
IDMan REG_SZ C:\Program Files\Internet Download Manager\IDMan.exe /onboot
SuperCopier2.exe REG_SZ e:\Program Files\SuperCopier2\SuperCopier2.exe
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Yahoo! Pager REG_SZ "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
TuneUp MemOptimizer REG_SZ "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
RemoteControl REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
BluetoothAuthenticationAgent REG_SZ rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
Google Desktop Search REG_SZ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
Google Quick Search Box REG_SZ "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
NeroFilterCheck REG_SZ C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
CloneCDElbyCDFL REG_SZ "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
CloneCDTray REG_SZ "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 149 (0x95)
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ PCSP3
DefaultUserName REG_SZ user
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 0 (0x0)
AutoAdminLogon REG_SZ 0
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 1 (0x1)
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 1 (0x1)
AltDefaultUserName REG_SZ user
AltDefaultDomainName REG_SZ PCSP3
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SCLogon
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe REG_SZ C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe:*:Disabled:Google Desktop
C:\WINDOWS\system32\sessmgr.exe REG_SZ C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe REG_SZ C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000
C:\Eclipse\eclipse-SDK-3.3.1.1-win32\eclipse\eclipse.exe REG_SZ C:\Eclipse\eclipse-SDK-3.3.1.1-win32\eclipse\eclipse.exe:*:Disabled:eclipse
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe REG_SZ C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Disabled:Yahoo! Messenger
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger
E:\oracle\ora90\Apache\Apache\Apache.exe REG_SZ E:\oracle\ora90\Apache\Apache\Apache.exe:*:Disabled:Apache
C:\Program Files\Internet Download Manager\IDMan.exe REG_SZ C:\Program Files\Internet Download Manager\IDMan.exe:*:Disabled:Internet Download Manager (IDM)
C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe REG_SZ C:\Program Files\Sun\xVM VirtualBox\VirtualBox.exe:LocalSubNet:Disabled:VirtualBox GUI
E:\oracle\ora90\BIN\xsaagent.exe REG_SZ E:\oracle\ora90\BIN\xsaagent.exe:*:Disabled:xsaagent
C:\WINDOWS\system32\java.exe REG_SZ C:\WINDOWS\system32\java.exe:LocalSubNet:Enabled:Java(TM) Platform SE binary
C:\Program Files\Java\jre1.6.0\bin\javaw.exe REG_SZ C:\Program Files\Java\jre1.6.0\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary
C:\Program Files\Java\jdk1.6.0\bin\java.exe REG_SZ C:\Program Files\Java\jdk1.6.0\bin\java.exe:LocalSubNet:Enabled:Java(TM) Platform SE binary
E:\Program Files\SuperCopier2\SC2Config.exe REG_SZ E:\Program Files\SuperCopier2\SC2Config.exe:*:Enabled:Accéder au menu
C:\Program Files\Java\jdk1.6.0\bin\rmiregistry.exe REG_SZ C:\Program Files\Java\jdk1.6.0\bin\rmiregistry.exe:LocalSubNet:Enabled:Java(TM) Platform SE binary
C:\Program Files\Oracle\jre\1.1.8\bin\rmiregistry.exe REG_SZ C:\Program Files\Oracle\jre\1.1.8\bin\rmiregistry.exe:*:Disabled:rmiregistry
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.fr/?gws_rd=ssl
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
EapHost : 0x3
SharedAccess : 0x2
wuauserv : 0x2
=========
Atapi.sys
=========
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Documents and Settings\User\Local Settings\Temp\29.tmp
## C:\> hashdeep C:\WINDOWS\System32\Drivers\atapi.sys
##
96512,9f3a2f5aa6875c72bf062c712cfa2674,b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9,C:\WINDOWS\System32\Drivers\atapi.sys
Sources
=======
C:\WINDOWS\system32\drivers\atapi.sys
Référence :
==========
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
=======
Drive :
=======
D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.
Rapport d'analyse
55,89 Go total, 1,87 Go libre (3%), 1% fragment‚ (fragmentation du fichier 2%)
Il ne vous est pas n‚cessaire de d‚fragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Present !! : C:\Program Files\Ask.com
Present !! : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
Present !! : C:\WINDOWS\SET3.tmp
Present !! : C:\WINDOWS\SET4.tmp
Present !! : C:\WINDOWS\SET8.tmp
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\taskmgr.exe"
Present !! : HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv
============
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 09:19:16
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000fb39847d1]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000fb39847d1]
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
==========
Programs
==========
Adobe
Ahead
Alwil Software
AMT
Ask.com
baobab
CodeBlocks
CommentCaMarche
ComPlus Applications
CONEXANT
cultix
CyberLink
Elaborate Bytes
Fichiers communs
InstallShield Installation Information
Internet Download Manager
Internet Explorer
Java
List_Kill'em
Malwarebytes' Anti-Malware
Messenger
microsoft frontpage
Microsoft Office
Microsoft Visual Studio
Microsoft Works
Movie Maker
Mozilla Firefox
MSBuild
MSN
MSN Gaming Zone
Nero
NetBeans 6.8
NetMeeting
Online Services
Ontrack
Oracle
Outlook Express
PDFCreator
PostgreSQL
Services en ligne
Sun
Tap'Touche 5
TechTracker
trend micro
TuneUp Utilities 2008
Uninstall Information
USB Disk Security
VS Revo Group
win'design
Windows Media Player
Windows NT
WindowsUpdate
WinRAR
xerox
Xinox Software
Yahoo!
============
Drive C:
============
AUTOEXEC.BAT
boot.ini
Bootfont.bin
Config.Msi
CONFIG.SYS
Documents and Settings
Drivers
Eclipse
hiberfil.sys
IO.SYS
Kill'em
les Cours
List'em.txt
MSDOS.SYS
MSOCache
NTDETECT.COM
ntldr
pagefile.sys
Program Files
RECYCLER
rsit
System Volume Information
T41
User
vbroker
WINDOWS
¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials
C:\Documents and Settings\Invit‚\Favoris\Serials & keys - unlocks the world.url
C:\Documents and Settings\Invit‚\Mes documents\internet\Tutoriel connection au r‚seau local et … internet d'une machine virtuelle tournant sous Backtrack 2_fichiers\crack_wpa_livebox_little.gif
C:\Documents and Settings\Invit‚\Mes documents\internet\Tutoriel connection au r‚seau local et … internet d'une machine virtuelle tournant sous Backtrack 2_fichiers\crack_wpa_neufbox_little.gif
C:\Documents and Settings\User\Mes documents\a graver\de\javae\jgrapht-0.8.1\jgrapht-0.8.1\testsrc\org\jgrapht\graph\SerializationTest.java
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\Serializable.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\SerializablePermission.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\class-use\Serializable.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\java\io\class-use\SerializablePermission.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sound\midi\Patch.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sound\midi\class-use\Patch.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialArray.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialBlob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialClob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialDatalink.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialException.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialJavaObject.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialRef.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\SerialStruct.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialArray.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialBlob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialClob.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialDatalink.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialException.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialJavaObject.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialRef.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\api\javax\sql\rowset\serial\class-use\SerialStruct.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\guide\javadoc\doclet\spec\com\sun\javadoc\SerialFieldTag.html
C:\Documents and Settings\User\Mes documents\jdk-1_5_0-doc\docs\guide\javadoc\doclet\spec\com\sun\javadoc\class-use\SerialFieldTag.html
C:\Documents and Settings\User\Mes documents\programmes … graver\office 2007\Serial {Microsoft Office 2007 Pro.}.txt
C:\Documents and Settings\User\Recent\crack_wpa_livebox_little.lnk
C:\Program Files\Java\jdk1.6.0\sample\jnlp\servlet\src\classes\jnlp\sample\jardiff\Patcher.java
C:\Program Files\Oracle\Inventory\Contents\PatchesList0.ser
C:\Program Files\Oracle\Inventory\Contents\PatchesList1.ser
C:\Documents and Settings\User\Mes documents\programmes … graver\Winrar\WinRAR_v3[1].00_Final_with_AV_Working_by_The_Netmech\wrar300_Crack.exe
C:\Program Files\WinRAR\WinRAR Patch.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
11 févr. 2010 à 20:37
11 févr. 2010 à 20:37
et oui mais là !! .... l'outil a ete mis a jour 25 fois depuis !! :(
leretvil
Messages postés
115
Date d'inscription
jeudi 1 mai 2008
Statut
Membre
Dernière intervention
20 mai 2012
8
18 févr. 2010 à 18:44
18 févr. 2010 à 18:44
Alors que dois-je faire maintenant ?
Ma machine a-t-elle des problemes de virus svp?
y'a-t-il un probleme entre ma machine et internet?
et ce WIN32 ou ieExplorer qui me derrange tout le temps de quoi s'agit t'il?
Ma machine a-t-elle des problemes de virus svp?
y'a-t-il un probleme entre ma machine et internet?
et ce WIN32 ou ieExplorer qui me derrange tout le temps de quoi s'agit t'il?
Utilisateur anonyme
18 févr. 2010 à 18:59
18 févr. 2010 à 18:59
demarrer / executer , tape : MRT /F
puis entrée et laisse faire le scan
puis entrée et laisse faire le scan