Here is the HijackThis report, please
doufy11 - Posts: 49 - Status: Member
Hello everyone.
I can't stop the "Anti Porn" software from launching when the PC starts up. Its trial period has ended (it seemed not very effective to me) and it causes connection problems, and also problems while I am working on the PC. Please help me. Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:27, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system\System\ctf\ctfmon.exe
C:\Program Files\RKFree\rkfree.exe
C:\WINDOWS\system\System\FZS\FlashPlayer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\windows\system32\bulylrj.exe
C:\WINDOWS\system\System\NO\System.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
H:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [CTFMon] C:\WINDOWS\system\System\ctf\ctfmon.exe /b
O4 - HKLM\..\Run: [SystemXP1] "C:\WINDOWS\regedit.exe" -s "C:\WINDOWS\system\System\NO\settings.reg"
O4 - HKLM\..\Run: [SystemNT1] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /install
O4 - HKLM\..\Run: [SystemNT2] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /start
O4 - HKLM\..\Run: [rkfree] "C:\Program Files\RKFree\rkfree.exe" /b
O4 - HKLM\..\Run: [eagleeye] D:\Program Files\tuEagles\EagleSvr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bulylrj] c:\windows\system32\bulylrj.exe bulylrj
O4 - HKLM\..\Run: [SystemXP2] C:\WINDOWS\system\System\NO\System.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Policies\Explorer\Run: [RegSVR] C:\WINDOWS\regedit.exe -s C:\WINDOWS\system\System\NO\sys.reg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?00fdfddaa43946998f14e394a64d89cc
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?00fdfddaa43946998f14e394a64d89cc
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gestedoux1959.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\WINDOWS\system\System\FZS\FlashPlayer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
35 replies
Good evening everyone.
I know that demand is high and that you are doing your best. I need my PC for work, so please help me.
Thank you very much.
Hi
Download SmitfraudFix
Utility by S!Ri: Moe and balltrap34
http://siri.urz.free.fr/Fix/SmitfraudFix.php
and download SmitfraudFix.exe.
Look at the tutorial
Run it, choosing option 1;
it will generate a report
Copy/paste it into your post, please.
Good luck
See you
Hi again. Here is the SmitfraudFix report.
SmitFraudFix v2.253
Rapport fait à 18:01:27,48, 15/11/2007
Executé à partir de C:\Documents and Settings\user\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system\System\ctf\ctfmon.exe
C:\Program Files\RKFree\rkfree.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\windows\system32\bulylrj.exe
C:\WINDOWS\system\System\FZS\FlashPlayer.exe
C:\WINDOWS\system\System\NO\System.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
H:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\user\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
"Startup"="MCPSystemStartup"
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: ADI USB Remote NDIS Network Device #3 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0
Description: ADI USB Remote NDIS Network Device #3 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0
Description: ADI USB Remote NDIS Network Device #3 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\..\{077617C5-7633-4C99-A896-A56149FF172D}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\..\{796858F5-B3F0-4611-92AA-72AADED2300A}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BA2984D6-9AE9-45CB-8DC1-38403389A69B}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{077617C5-7633-4C99-A896-A56149FF172D}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{796858F5-B3F0-4611-92AA-72AADED2300A}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BA2984D6-9AE9-45CB-8DC1-38403389A69B}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{077617C5-7633-4C99-A896-A56149FF172D}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{796858F5-B3F0-4611-92AA-72AADED2300A}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BA2984D6-9AE9-45CB-8DC1-38403389A69B}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Thanks again.
Boot into safe mode:
To do that, tap the F8 key repeatedly (if F8 doesn't work, use the F5 key), right from the moment the PC starts powering on, without stopping.
A window will open; use the keyboard arrows to move to "start in safe mode", then press Enter.
Once you are on the desktop, if not all the colours and so on are there, that's normal!
----------------------------------------------------------------------------
Run the Smitfraud program again,
This time choose option 2,
answer yes to everything;
Save the report,
Reboot in normal mode,
Copy/paste the saved report to the forum
Download BTFix 1.017 (by bibi26)
http://cluster1.easy-hebergement.net/
* Unpack the archive onto your Desktop
* Open the BTFix folder
* Double-click BTFix.exe
* Click Rechercher (Search)
* A report will appear; copy/paste it into your next reply
Hi again ^^Marie^^, and sorry for the delay :-)
Here are the reports you asked me for:
1 The SmitFraud report:
SmitFraudFix v2.253
Rapport fait à 16:51:14,03, 18/11/2007
Executé à partir de I:\Nouveau dossier (2)\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{077617C5-7633-4C99-A896-A56149FF172D}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\..\{796858F5-B3F0-4611-92AA-72AADED2300A}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BA2984D6-9AE9-45CB-8DC1-38403389A69B}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{077617C5-7633-4C99-A896-A56149FF172D}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{796858F5-B3F0-4611-92AA-72AADED2300A}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BA2984D6-9AE9-45CB-8DC1-38403389A69B}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{077617C5-7633-4C99-A896-A56149FF172D}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{796858F5-B3F0-4611-92AA-72AADED2300A}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BA2984D6-9AE9-45CB-8DC1-38403389A69B}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
"Startup"="MCPSystemStartup"
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
2 The BTFix report, which found nothing:
BTFix 1.061 (par bibi26) - 18/11/2007 17:11:44 - Analyse
Lancé depuis C:\DOCUME~1\user\LOCALS~1\Temp\~AceTemp\BTFix\BTFix\BTFix.exe
---> Fichiers/Dossiers trouvés
---> Analyse terminée
Thank you very much.
Good evening again ^^Marie^^, and thanks for the reply :-))
Let me explain my problem again:
I can't stop the "Anti Porn" software (that's its name) from launching when the PC starts up!
When I'm working on the PC it constantly forces me to restart.
Its evaluation period has ended (it is not very effective) and I can't uninstall it; it doesn't appear in MSCONFIG, nor in Regedit, nor in Add/Remove Programs.
In short, a real nightmare; I have to get rid of it.
Thanks.
Hi again
Are you sure it doesn't have another name?
When you go to Start, Search, All files, does it find it?
C - CCleaner:
(cleaner for the registry, cookies + temp + temporary files + prefetch + history, etc.)
* Download CCleaner.
https://www.pcastuces.com/logitheque/ccleaner.htm
Install it in a dedicated folder.
During installation, untick
--- the two "Ajouter l'option ... " (Add the option ...) boxes
--- Contrôler les mises à jour (Check for updates)
--- Ajouter la Barre d'Outils Yahoo! CCleaner (Add the Yahoo! CCleaner toolbar)
* Run CCleaner for a full clean.
Tutorial here:
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
https://www.malekal.com/tutoriel-ccleaner/
AND
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
D – Ewido – AVG
AVG Anti-Spyware:
https://www.avg.com/en-ww/free-antivirus-download
For Vista: http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
Install it.
Launch AVG Anti-Spyware and click the Update button.
Wait!
Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then, on the "How to react" tab, click Recommended actions.
Go back to the Scan tab. Click Full system scan.
/!\ If a file is infected at the end of the scan /!\
choose the "Appliquer toutes les actions" (Apply all actions) option at the bottom.
Click "Enregistrer le rapport" (Save report), then "Enregistrer le rapport sous" (Save report as)
Save this text file on your desktop.
Copy/paste the report
E - Online scan with BitDefender
Run this online anti-virus scan with Internet Explorer and accept the ActiveX control; the SP2 anti-popup bar (at the top) will start flashing; click it and choose "accept the ActiveX" so that the anti-virus scan can run.
https://www.bitdefender.com/toolbox/
Copy/paste the report
http://www.malekal.com/tutorial_BitDefender_AntiSpyware.php
https://kerio.probb.fr/t673-bitdefender-antivirus-en-ligne?highlight=tutorial+bitdefender
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
Good evening ^^Marie^^, I hope you're doing well :-).
Listen, I have identified the name under which this cursed software (Anti Porn) is hiding; it is in the first post
I sent, in the HijackThis report, on the 10th line of the O4 - HKLM entries (TuEagle).
Hoping you'll find a way to get rid of it :-))
And thanks.
Ok
Thanks
That doesn't stop you from doing the reports requested above ;;))
And I'm adding a new HijackThis report to the list
See you
Good evening ^^Marie^^, here is the HijackThis report while waiting for the BitDefender Online one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:15:39, on 25/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system\System\ctf\ctfmon.exe
C:\WINDOWS\system\System\FZS\FlashPlayer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system\System\NO\System.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\windows\system32\bulylrj.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [CTFMon] C:\WINDOWS\system\System\ctf\ctfmon.exe /b
O4 - HKLM\..\Run: [SystemXP1] "C:\WINDOWS\regedit.exe" -s "C:\WINDOWS\system\System\NO\settings.reg"
O4 - HKLM\..\Run: [SystemNT1] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /install
O4 - HKLM\..\Run: [SystemNT2] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SystemXP2] C:\WINDOWS\system\System\NO\System.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [bulylrj] c:\windows\system32\bulylrj.exe bulylrj
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Policies\Explorer\Run: [RegSVR] C:\WINDOWS\regedit.exe -s C:\WINDOWS\system\System\NO\sys.reg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?00fdfddaa43946998f14e394a64d89cc
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?00fdfddaa43946998f14e394a64d89cc
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gestedoux1959.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\WINDOWS\system\System\FZS\FlashPlayer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:15:39, on 25/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\FICHIE~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system\System\ctf\ctfmon.exe
C:\WINDOWS\system\System\FZS\FlashPlayer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system\System\NO\System.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\windows\system32\bulylrj.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [CTFMon] C:\WINDOWS\system\System\ctf\ctfmon.exe /b
O4 - HKLM\..\Run: [SystemXP1] "C:\WINDOWS\regedit.exe" -s "C:\WINDOWS\system\System\NO\settings.reg"
O4 - HKLM\..\Run: [SystemNT1] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /install
O4 - HKLM\..\Run: [SystemNT2] "C:\WINDOWS\system\System\FZS\FlashPlayer.exe" /start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SystemXP2] C:\WINDOWS\system\System\NO\System.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [bulylrj] c:\windows\system32\bulylrj.exe bulylrj
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Policies\Explorer\Run: [RegSVR] C:\WINDOWS\regedit.exe -s C:\WINDOWS\system\System\NO\sys.reg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to AMV Convert Tool... - D:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?00fdfddaa43946998f14e394a64d89cc
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?00fdfddaa43946998f14e394a64d89cc
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - https://www.epson.eu/support/
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://gestedoux1959.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\WINDOWS\system\System\FZS\FlashPlayer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iPodService - Apple Computer, Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
Re ^^Marie^^, I don't know whether my message was published on the forum, so I'm sending it again.
Here are the SDFix reports, I think there are 2 of them:
The first one:
SDFix: Version 1.115
Run by Administrateur on 25/11/2007 at 18:25
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Trojan Files Found
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-25 18:34:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 40
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\lphant\\eLePhantClient.exe"="C:\\Program Files\\lphant\\eLePhantClient.exe:*:Enabled:lphant Client"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\ABC\\abc.exe"="C:\\Program Files\\ABC\\abc.exe:*:Enabled:abc"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Disabled:Windows© NetMeeting©"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"D:\\Program Files\\PaieFie2004\\paiefie.exe"="D:\\Program Files\\PaieFie2004\\paiefie.exe:*:Enabled:logiciel edtion de fiches de paie"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\WINDOWS\\system32\\mcoinstall.exe"="C:\\WINDOWS\\system32\\mcoinstall.exe:*:Enabled:mcoinstall"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"D:\\Program Files\\tuEagles\\EagleSvr.exe"="D:\\Program Files\\tuEagles\\EagleSvr.exe:*:Enabled:EagleSvr"
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Files with Hidden Attributes:
Mon 3 Sep 2007 24,576 A.SHR --- "C:\unzipped\as337\EagleC.dll"
Tue 28 Mar 2006 56 A.SH. --- "C:\WINDOWS\system32\12DD3388F2.sys"
Fri 17 Mar 2006 56 A.SH. --- "C:\WINDOWS\system32\CF7F02823C.sys"
Sat 29 Jul 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 23 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Wed 19 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\778fd2fc3fe6b905e366b5ddbba384c8\BIT2.tmp"
Finished!
The second one:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-25 18:34:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 40
Thanks again, and sorry if there was any repetition.
Here are the SDFix reports; I think there are 2 of them:
The first one:
SDFix: Version 1.115
Run by Administrateur on 25/11/2007 at 18:25
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Trojan Files Found
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-25 18:34:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
scanning hidden files ...
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\dilaraozmeric@hotmail.com\DFSR\Staging\CS{C454C0E8-4A40-6CC1-6025-84ABB63CE81B}\19\19-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v19-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1398 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\dilaraozmeric@hotmail.com\DFSR\Staging\CS{C454C0E8-4A40-6CC1-6025-84ABB63CE81B}\19\19-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v19-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 152 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\dilaraozmeric@hotmail.com\DFSR\Staging\CS{C454C0E8-4A40-6CC1-6025-84ABB63CE81B}\19\19-{F301AC08-9A15-45B3-94D9-D1F1D1AA6BD9}-v19-{F301AC08-9A15-45B3-94D9-D1F1D1AA6BD9}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 432 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\dilaraozmeric@hotmail.com\DFSR\Staging\CS{C454C0E8-4A40-6CC1-6025-84ABB63CE81B}\20\20-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v20-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1290 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\dilaraozmeric@hotmail.com\DFSR\Staging\CS{C454C0E8-4A40-6CC1-6025-84ABB63CE81B}\20\20-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v20-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\dilaraozmeric@hotmail.com\DFSR\Staging\CS{C454C0E8-4A40-6CC1-6025-84ABB63CE81B}\20\20-{F301AC08-9A15-45B3-94D9-D1F1D1AA6BD9}-v20-{F301AC08-9A15-45B3-94D9-D1F1D1AA6BD9}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\leam_007_39@hotmail.com\DFSR\Staging\CS{3A4AA428-1705-0E41-AAAD-700B84B30401}\01\21-{3A4AA428-1705-0E41-AAAD-700B84B30401}-v1-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v21-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\leam_007_39@hotmail.com\DFSR\Staging\CS{3A4AA428-1705-0E41-AAAD-700B84B30401}\22\22-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v22-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 81354 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\leam_007_39@hotmail.com\DFSR\Staging\CS{3A4AA428-1705-0E41-AAAD-700B84B30401}\22\22-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v22-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5700 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\zahrahara95@hotmail.fr\SharingMetadata\leam_007_39@hotmail.com\DFSR\Staging\CS{3A4AA428-1705-0E41-AAAD-700B84B30401}\22\22-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v22-{5F388D22-B726-4454-9DD6-B85B7B978B05}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 9056 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 40
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\lphant\\eLePhantClient.exe"="C:\\Program Files\\lphant\\eLePhantClient.exe:*:Enabled:lphant Client"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\ABC\\abc.exe"="C:\\Program Files\\ABC\\abc.exe:*:Enabled:abc"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Disabled:Windows© NetMeeting©"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"D:\\Program Files\\PaieFie2004\\paiefie.exe"="D:\\Program Files\\PaieFie2004\\paiefie.exe:*:Enabled:logiciel edtion de fiches de paie"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\WINDOWS\\system32\\mcoinstall.exe"="C:\\WINDOWS\\system32\\mcoinstall.exe:*:Enabled:mcoinstall"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"D:\\Program Files\\tuEagles\\EagleSvr.exe"="D:\\Program Files\\tuEagles\\EagleSvr.exe:*:Enabled:EagleSvr"
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Files with Hidden Attributes:
Mon 3 Sep 2007 24,576 A.SHR --- "C:\unzipped\as337\EagleC.dll"
Tue 28 Mar 2006 56 A.SH. --- "C:\WINDOWS\system32\12DD3388F2.sys"
Fri 17 Mar 2006 56 A.SH. --- "C:\WINDOWS\system32\CF7F02823C.sys"
Sat 29 Jul 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 23 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Wed 19 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\778fd2fc3fe6b905e366b5ddbba384c8\BIT2.tmp"
Finished!
The second one:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-25 18:34:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 40
Thanks again, and sorry if there is any repetition.
Hi
I didn't ask you for the SDFix report.. Who told you to run it????... BUT the AVG report..... read again..... Thanks
+ the report
E - Online scan with BitDefender
Run this online antivirus scan with Internet Explorer and accept the ActiveX control; the SP2 pop-up blocker bar (at the top) will start flashing, click on it and choose "accept the ActiveX" so that the antivirus scan can run.
https://www.bitdefender.com/toolbox/
Copy/paste the report
http://www.malekal.com/tutorial_BitDefender_AntiSpyware.php
https://kerio.probb.fr/
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
Oh dear!!! I must have read one of your replies in another thread thinking it was meant for me. I hope SDFix won't cause any damage :-(((
Hi again ^^Marie^^,
There is a problem with BitDefender: I can't scan the whole of My Computer, it scans a few parts and then stops!!!! Yet I accepted all the ActiveX controls, etc. Anyway, I'm going to try Panda Online.
See you!
There's this one too
· run an online antivirus scan with SYMANTEC
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
To be done with IE
Click on Virus Detection ---> "Start"
Click on "I accept", then "Next"
Click on "I consent", then "Next"
An ActiveX control will load
In the new window that opens, tick "Always trust ...." at the bottom left, then click OK
The scan therefore starts with the last HDD