Big problem, apparently crypt xpack.gen
nenesse1401
Hello everyone, and thanks in advance for your help.
So, I had a big problem when trying to download msn skinner (only afterwards did I see that this thing was a real piece of c....).
Since then, lots of unwanted ads. Then I managed to remove these ads, but that was not enough: I was hacked, with a nice debit of about 2300 euros on my bank card, because the card number was stolen as well.
So I am kindly asking for your help to eradicate this thing for good.
As a result I downloaded two or three anti-malware tools, including Spyware Terminator, which tells me on its home page that I have crypt xpack.gen, a remote hacker who is in my computer (but no way to find it), and also bank card number theft.
I also have Spybot Search and Destroy, CCleaner, BitDefender Total Security 2008, and malware antibittware.
I have already made a HijackThis report, which I am posting below.
I have Windows XP Service Pack 3; if you need any other information, just ask.
Thanks in advance. I have too much stuff on the computer and do not want to reformat yet again and lose everything.
Uh, one more weird thing: I have trouble getting all the letters to appear even though I type them ...
Here is the report:
Logfile of HijackThis v1.99.1
Scan saved at 00:40:47, on 27/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\VM_STI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\DOCUME~1\SANDRA~1\LOCALS~1\Temp\QZTEMP\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/disp [...] tbid=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_ [...] TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_ [...] TbId=60446
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S2D2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.c [...] oader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://helpx.adobe.com/shockwave/shockwave-end-of-life-faq.html [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe" -s "C:\Program Files\MioNet\wrapper.conf (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (file missing)
79 replies
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, September 27, 2008 9:40:56 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 27/09/2008
Enregistrements dans la base antivirus Kaspersky : 1131382
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
C:\
D:\
Statistiques de l'analyse:
Total d'objets analysés: 71952
Nombre de virus trouvés: 1
Nombre d'objets infectés: 1 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 03:01:09
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Application Data\$_hpcst$.hpc L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Application Data\BitDefender\Desktop\Profiles\asdict.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Application Data\Shareaza\Data\TigerTree.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\Historique\History.IE5\MSHist012008092720080928\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\temp\WCESLog.log L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\temp\~DF3AEC.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\temp\~DF3B06.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\sandra aubert\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\BitDefender\BitDefender 2008\as2core\antispam_sig_14621\aspdict.dat L'objet est verrouillé ignoré
C:\Program Files\BitDefender\BitDefender 2008\dbokf.db L'objet est verrouillé ignoré
C:\Program Files\BitDefender\BitDefender 2008\dbokf.db-journal L'objet est verrouillé ignoré
C:\System Volume Information\_restore{7C613A87-BF99-4606-961B-887F813D12F7}\RP75\A0007701.sys Infecté : Hoax.Win32.Agent.fu ignoré
C:\System Volume Information\_restore{7C613A87-BF99-4606-961B-887F813D12F7}\RP93\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\hsperfdata_SYSTEM\728 L'objet est verrouillé ignoré
C:\WINDOWS\Temp\tmp00003b31\tmp00000000 L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
She did the system restore, so this one should be exterminated!
inferno told me to run ComboFix; here is the report:
ComboFix 08-09-27.01 - sandra aubert 2008-09-27 22:16:57.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.960 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\sandra aubert\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-27 au 2008-09-27 ))))))))))))))))))))))))))))))))))))
.
2008-09-27 18:06 . 2008-09-27 18:06 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-27 17:19 . 2008-09-27 17:19 <REP> d-------- C:\Program Files\Trend Micro
2008-09-27 17:18 . 2008-09-27 18:25 <REP> d-------- C:\ToolBar SD
2008-09-27 17:18 . 2008-09-27 18:23 3,642 --a------ C:\Documents and Settings\Orph.egd
2008-09-27 00:16 . 2008-09-27 00:17 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Spyware Terminator
2008-09-27 00:15 . 2008-09-27 00:15 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-09-27 00:14 . 2008-08-20 18:39 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-09-27 00:14 . 2008-08-20 12:27 <REP> d-------- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-09-27 00:14 . 2005-12-09 08:55 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-09-27 00:14 . 2008-08-20 18:39 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-09-27 00:14 . 2008-08-20 18:39 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-09-27 00:14 . 2008-08-20 18:39 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-09-27 00:14 . 2008-08-20 18:39 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-09-27 00:14 . 2008-09-27 00:25 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-09-27 00:14 . 2008-08-20 18:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\toshiba
2008-09-27 00:14 . 2005-12-09 12:22 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-09-27 00:14 . 2008-08-20 18:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Sonic
2008-09-27 00:14 . 2008-09-27 00:14 <REP> d-------- C:\Documents and Settings\Administrateur
2008-09-26 23:54 . 2008-09-27 12:47 <REP> d-------- C:\Program Files\Navilog1
2008-09-26 23:43 . 2008-09-26 23:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\sollab
2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\Lavasoft
2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\CCleaner
2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\InterVideo
2008-09-26 23:42 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-09-26 23:41 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-26 22:38 . 2008-09-26 22:41 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-09-26 22:36 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-09-26 22:34 . 2008-09-26 23:43 <REP> d-------- C:\WINDOWS\Internet Logs
2008-09-26 22:29 . 2008-09-26 23:43 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 22:29 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-26 22:29 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-26 20:16 . 2008-09-26 23:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-26 20:08 . 2008-09-27 11:21 <REP> d-------- C:\Program Files\WinClamAVShield
2008-09-26 19:51 . 2008-09-27 17:36 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\Spyware Terminator
2008-09-26 19:51 . 2008-09-26 19:51 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-09-26 19:50 . 2008-09-26 23:43 <REP> d-------- C:\Program Files\Spyware Terminator
2008-09-25 19:09 . 2002-08-14 00:08 264,704 --a------ C:\WINDOWS\system32\MaggiUninstall60.exe
2008-09-25 19:08 . 1999-03-23 09:12 299,520 --a------ C:\WINDOWS\uninst.exe
2008-09-25 18:54 . 2008-09-26 23:42 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-09-20 11:47 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-20 11:47 . 2008-09-27 17:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-20 10:05 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\BarreConfCMCIC
2008-09-18 11:26 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\QuickZip4
2008-09-16 12:22 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\Apple Software Update
2008-09-16 12:19 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\iTunes
2008-09-16 12:19 . 2008-09-26 23:42 <REP> d-------- C:\Program Files\iPod
2008-09-16 12:16 . 2008-09-26 23:41 <REP> d-------- C:\Program Files\QuickTime
2008-09-16 12:08 . 2008-09-26 23:41 <REP> d-------- C:\Program Files\Bonjour
2008-09-15 19:30 . 2008-09-15 19:30 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\Malwarebytes
2008-09-15 19:30 . 2008-09-15 19:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-15 17:58 . 1997-01-22 15:34 312,320 --a------ C:\WINDOWS\IsUninst.exe
2008-09-15 17:58 . 2008-09-25 19:44 491 --a------ C:\WINDOWS\SStylerProDemo.ini
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-05 20:45 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-05 20:45 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-05 20:45 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-05 20:39 . 2008-09-05 20:45 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-05 20:23 . 2008-09-05 20:23 <REP> d-------- C:\WINDOWS\EHome
2008-09-04 19:08 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-09-04 19:08 . 2004-08-03 22:41 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2008-09-04 19:08 . 2004-08-03 22:41 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2008-09-04 19:08 . 2004-07-17 22:55 129,045 --------- C:\WINDOWS\system32\drivers\cxthsfs2.cty
2008-09-04 19:08 . 2004-08-03 22:41 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2008-09-04 17:53 . 2008-09-04 17:53 268 --ah----- C:\sqmdata02.sqm
2008-09-04 17:53 . 2008-09-04 17:53 244 --ah----- C:\sqmnoopt02.sqm
2008-09-03 23:00 . 2008-09-03 23:00 268 --ah----- C:\sqmdata01.sqm
2008-09-03 23:00 . 2008-09-03 23:00 244 --ah----- C:\sqmnoopt01.sqm
2008-09-03 10:41 . 2008-09-03 10:41 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-09-03 10:24 . 2008-09-03 10:24 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-09-03 10:24 . 2008-09-03 10:33 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-09-02 10:34 . 2007-11-30 08:45 644,400 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-09-01 12:25 . 2008-09-01 12:25 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\ArcSoft
2008-08-30 18:34 . 2008-08-30 18:34 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\Anuman Interactive
2008-08-30 18:13 . 2004-03-29 15:23 90,112 --a------ C:\WINDOWS\unvise32.exe
2008-08-30 17:12 . 2008-09-08 19:38 <REP> d-------- C:\Program Files\Fichiers communs\PC SOFT
2008-08-30 17:12 . 2008-08-30 17:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\magasin
2008-08-30 09:43 . 2008-08-30 10:29 <REP> d-------- C:\Documents and Settings\sandra aubert\Application Data\EBP
2008-08-30 09:16 . 2006-05-10 14:18 1,929,216 --a------ C:\WINDOWS\system32\cdintf250.dll
2008-08-30 09:13 . 2008-08-30 17:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EBP
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-27 20:20 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-09-26 21:42 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\muvee Technologies
2008-09-25 15:07 316 ----a-w C:\Documents and Settings\sandra aubert\Application Data\wklnhst.dat
2008-09-18 16:39 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-16 10:16 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-09-10 18:15 --------- d-----w C:\Program Files\Microsoft Works
2008-09-05 20:42 --------- d-----w C:\Program Files\MioNet
2008-09-03 10:35 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\DivX
2008-09-02 08:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-02 08:34 --------- d-----w C:\Program Files\Google
2008-08-26 18:02 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-08-26 17:58 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\AdobeUM
2008-08-21 20:37 --------- d-----w C:\Program Files\MSXML 4.0
2008-08-21 05:53 --------- d-----w C:\Program Files\Picasa2
2008-08-20 17:25 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Apple Computer
2008-08-20 17:10 --------- d-----w C:\Program Files\Services en ligne
2008-08-20 17:09 --------- d-----w C:\Program Files\Realtek
2008-08-20 17:07 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-20 17:07 --------- d-----w C:\Program Files\microsoft frontpage
2008-08-20 17:07 --------- d-----w C:\Program Files\ltmoh
2008-08-20 17:00 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-08-20 16:59 --------- d-----w C:\Program Files\ATI Technologies
2008-08-20 16:46 --------- d-----w C:\Program Files\DivX
2008-08-20 16:39 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\toshiba
2008-08-20 16:39 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Sonic
2008-08-20 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\SBSI
2008-08-20 16:09 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-08-20 15:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-08-20 15:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-08-20 15:43 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Yahoo!
2008-08-20 15:28 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-08-20 14:17 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-20 13:59 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Template
2008-08-20 12:53 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-08-20 12:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2008-08-20 12:22 --------- d-----w C:\Program Files\epson
2008-08-20 12:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\EPSON
2008-08-20 11:59 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-08-20 11:59 --------- d-----w C:\Program Files\Ahead
2008-08-20 11:54 --------- d-----w C:\Program Files\Philips
2008-08-20 11:52 --------- d-----w C:\Program Files\muvee Technologies
2008-08-20 11:52 --------- d-----w C:\Program Files\Fichiers communs\muvee Technologies
2008-08-20 11:51 --------- d-----w C:\Program Files\ArcSoft
2008-08-20 11:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\muvee Technologies
2008-08-20 11:48 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\InstallShield
2008-08-20 11:15 --------- d-----w C:\Program Files\Shareaza
2008-08-20 11:15 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\Shareaza
2008-08-20 11:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender
2008-08-20 10:40 --------- d-----w C:\Documents and Settings\sandra aubert\Application Data\BitDefender
2008-08-20 10:39 --------- d-----w C:\Program Files\Fichiers communs\BitDefender
2008-08-20 10:39 --------- d-----w C:\Program Files\BitDefender
2008-08-20 10:38 --------- d-----w C:\Program Files\Windows Live
2008-08-20 10:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-20 10:27 0 --sha-r C:\WINDOWS\system32\drivers\TOSHIBA_Satellite A100_03601-FR_PSAA2E-01700.MRK
2008-08-20 10:25 17,801 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-08-20 10:25 --------- d-----w C:\Program Files\Atheros
2008-08-20 09:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-20 09:52 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-08-20 09:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\RoboForm
2008-08-20 09:38 --------- d-----w C:\Program Files\Siber Systems
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:50 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 65536]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 4739072]
"EPSON Stylus DX6000 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE" [2006-09-22 139264]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-08-20 160592]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-08-15 443968]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-13 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-15 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-15 688218]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2005-05-19 188416]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2005-12-08 352256]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 118784]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077328]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-01 122940]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-09-16 368640]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-26 1783808]
"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 C:\WINDOWS\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 C:\WINDOWS\agrsmmsg.exe]
"TPSMain"="TPSMain.exe" [2005-08-03 C:\WINDOWS\system32\TPSMain.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Groupement homologue Windows
"3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol)
"1700:TCP"= 1700:TCP:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:MioNet Remote Drive Verification
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-09-26 141312]
R2 MioNet;MioNet Service;C:\Program Files\MioNet\MioNetManager.exe [2005-07-15 139264]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-02 86792]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.orange.fr/
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
R0 -: HKCU-Main,Default_Search_URL = hxxp://www.google.com/ie
R0 -: HKLM-Main,Window Title =
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 -: Crawler Search - tbr:iemenu
O8 -: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 -: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 -: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O16 -: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf
C:\WINDOWS\system32\unicows.dll
C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-27 22:20:54
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-09-27 22:23:33
ComboFix-quarantined-files.txt 2008-09-27 20:23:24
Avant-CF: 62 780 473 344 octets libres
Après-CF: 62,777,561,088 octets libres
278 --- E O F --- 2008-09-10 18:19:35
ok...
Download Trojan Remover from this address; a tutorial will be available to show you how to use it:
https://www.androidworld.fr/
then:
▶ Download a-squared free 3.5
▶ A tutorial is available to help you use it properly.
▶ Run the update and a full scan.
▶ Post the report, please.
There was no need to run ComboFix again :s
And you don't ask for a disinfection by PM ^^
Do what I asked you, please, nenesse.
See you
OK, and if inferno could come to this thread as well, that way you could both have a look, if that's possible; I don't want to take advantage of people either.
Yes! I want to check something. Give me the ComboFix report again, but at my email address --> nucky-las@voila.fr
C:\Documents and Settings\sandra aubert\Application Data\wklnhst.dat <-- Navipromo, isn't it?
Well, BitDefender online couldn't update everything but asked me to launch the scan, which I did. I'm waiting for it to finish and I'll post the report, thanks.
The BitDefender scan tells me it's impossible to scan the computer. I'm trying again to install the updates and relaunch the scan.
Second try, same problem: BitDefender can't install the updates and can't scan.
Should I give up, or what???
Well, for the moment a-squared has detected 65 things but it hasn't finished yet, and Trojan whatever has been stuck at 97% for a while, and as for BitDefender online, no way, it crashes every time.
Right, here is the report from Trojan thingy
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.2.2545. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 22:38:13 27 sept. 2008
Using Database v7143
Operating System: Windows XP SP3 [Windows XP Home Edition Service Pack 3 (Build 2600)]
File System: NTFS
Data directory: C:\Documents and Settings\sandra aubert\Application Data\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Documents and Settings\sandra aubert\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
************************************************************
22:38:13: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS
************************************************************
22:38:13: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS
************************************************************
22:38:13: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
22:38:17: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037824 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
26624 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
515584 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: ATIPTA
Value Data: "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
344064 bytes
Created: 09/12/2005
Modified: 05/08/2005
Company: ATI Technologies, Inc.
--------------------
Value Name: RTHDCPL
Value Data: RTHDCPL.EXE
C:\WINDOWS\RTHDCPL.EXE
15473664 bytes
Created: 09/12/2005
Modified: 10/11/2005
Company: Realtek Semiconductor Corp.
--------------------
Value Name: SynTPLpr
Value Data: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
98394 bytes
Created: 09/12/2005
Modified: 15/10/2004
Company: Synaptics, Inc.
--------------------
Value Name: SynTPEnh
Value Data: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
688218 bytes
Created: 09/12/2005
Modified: 15/10/2004
Company: Synaptics, Inc.
--------------------
Value Name: LtMoh
Value Data: C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\ltmoh\Ltmoh.exe
188416 bytes
Created: 09/12/2005
Modified: 19/05/2005
Company: Agere Systems
--------------------
Value Name: AGRSMMSG
Value Data: AGRSMMSG.exe
C:\WINDOWS\AGRSMMSG.exe
88203 bytes
Created: 09/12/2005
Modified: 15/10/2005
Company: Agere Systems
--------------------
Value Name: THotkey
Value Data: C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
352256 bytes
Created: 09/12/2005
Modified: 08/12/2005
Company: TOSHIBA
--------------------
Value Name: Tvs
Value Data: C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
73728 bytes
Created: 09/12/2005
Modified: 30/11/2005
Company: TOSHIBA Corporation
--------------------
Value Name: TPSMain
Value Data: TPSMain.exe
C:\WINDOWS\system32\TPSMain.exe
266240 bytes
Created: 09/12/2005
Modified: 03/08/2005
Company: TOSHIBA Corporation
--------------------
Value Name: SmoothView
Value Data: C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
118784 bytes
Created: 09/12/2005
Modified: 17/05/2005
Company: TOSHIBA Corporation
--------------------
Value Name: PadTouch
Value Data: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
1077328 bytes
Created: 09/12/2005
Modified: 30/08/2005
Company: TOSHIBA
--------------------
Value Name: DLA
Value Data: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
122940 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
--------------------
Value Name: BitDefender Antiphishing Helper
Value Data: "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe
61440 bytes
Created: 09/10/2007
Modified: 09/10/2007
Company: BitDefender
--------------------
Value Name: BDAgent
Value Data: "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
368640 bytes
Created: 23/05/2008
Modified: 16/09/2008
Company: BitDefender S.R.L.
--------------------
Value Name: BigDogPath
Value Data: C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
C:\WINDOWS\VM_STI.exe
40960 bytes
Created: 20/08/2008
Modified: 09/06/2004
Company: BIGDOG
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\qttask.exe" -atboottime
C:\Program Files\QuickTime\qttask.exe
413696 bytes
Created: 06/09/2008
Modified: 06/09/2008
Company: Apple Inc.
--------------------
Value Name: AppleSyncNotifier
Value Data: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
111936 bytes
Created: 03/09/2008
Modified: 03/09/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
289576 bytes
Created: 10/09/2008
Modified: 10/09/2008
Company: Apple Inc.
--------------------
Value Name: SpywareTerminator
Value Data: "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
1783808 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company: Crawler.com
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
922192 bytes
Created: 27/09/2008
Modified: 20/09/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: CTFMON.EXE
Value Data: C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
15360 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Value Name: TOSCDSPD
Value Data: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
65536 bytes
Created: 09/12/2005
Modified: 11/04/2005
Company: TOSHIBA
--------------------
Value Name: Shareaza
Value Data: "C:\Program Files\Shareaza\Shareaza.exe" -tray
C:\Program Files\Shareaza\Shareaza.exe
4739072 bytes
Created: 20/08/2008
Modified: 01/01/2008
Company: Shareaza Development Team
--------------------
Value Name: EPSON Stylus DX6000 Series
Value Data: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S2D2.tmp" /EF "HKCU"
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE
139264 bytes
Created: 20/08/2008
Modified: 22/09/2006
Company: SEIKO EPSON CORPORATION
--------------------
Value Name: RoboForm
Value Data: "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
160592 bytes
Created: 20/08/2008
Modified: 20/08/2008
Company: Siber Systems
--------------------
Value Name: H/PC Connection Agent
Value Data: "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
1289000 bytes
Created: 13/11/2006
Modified: 13/11/2006
Company: Microsoft Corporation
--------------------
Value Name: Picasa Media Detector
Value Data: C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
443968 bytes
Created: 15/08/2008
Modified: 15/08/2008
Company: Google Inc.
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 13/09/2008
Modified: 13/09/2008
Company: Google Inc.
--------------------
Value Name: SpybotSD TeaTimer
Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
This Registry Key appears to be empty
************************************************************
22:38:33: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------
************************************************************
22:38:33: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
************************************************************
22:38:33: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.
************************************************************
22:38:33: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
C:\WINDOWS\INF\wmp11.inf
2441 bytes
Created: 03/11/2006
Modified: 03/11/2006
Company:
----------
************************************************************
22:38:34: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: 6to4
Path: %SystemRoot%\System32\6to4svc.dll
C:\WINDOWS\System32\6to4svc.dll
100352 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Key: AppMgmt
%SystemRoot%\System32\appmgmts.dll - file is globally excluded (file cannot be found)
--------------------
Key: BITS
Path: %systemroot%\system32\qmgr.dll
C:\WINDOWS\system32\qmgr.dll
409088 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Key: p2pgasvc
Path: %SystemRoot%\system32\p2pgasvc.dll
C:\WINDOWS\system32\p2pgasvc.dll
105472 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Key: scan
Path: C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
151552 bytes
Created: 25/04/2008
Modified: 10/09/2008
Company: S.C. BitDefender S.R.L
--------------------
************************************************************
22:38:37: Scanning ----- SERVICES REGISTRY KEYS -----
Key: ACS
ImagePath: C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\acs.exe
36864 bytes
Created: 20/08/2008
Modified: 08/07/2005
Company:
----------
Key: AegisP
ImagePath: system32\DRIVERS\AegisP.sys
C:\WINDOWS\system32\DRIVERS\AegisP.sys
17801 bytes
Created: 20/08/2008
Modified: 20/08/2008
Company: Meetinghouse Data Communications
----------
Key: Apple Mobile Device
ImagePath: "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
116040 bytes
Created: 10/09/2008
Modified: 10/09/2008
Company: Apple Inc.
----------
Key: AR5211
ImagePath: system32\DRIVERS\ar5211.sys
C:\WINDOWS\system32\DRIVERS\ar5211.sys
468736 bytes
Created: 09/12/2005
Modified: 12/09/2005
Company: Atheros Communications, Inc.
----------
Key: aspnet_state
ImagePath: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
32768 bytes
Created: 15/07/2004
Modified: 15/07/2004
Company: Microsoft Corporation
----------
Key: Bdfndisf
ImagePath: system32\DRIVERS\bdfndisf.sys
C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
86792 bytes
Created: 02/06/2008
Modified: 02/06/2008
Company: BitDefender SRL
----------
Key: bdfsfltr
ImagePath: system32\drivers\bdfsfltr.sys
C:\WINDOWS\system32\drivers\bdfsfltr.sys
196368 bytes
Created: 07/01/2008
Modified: 07/01/2008
Company: BitDefender S.R.L. Bucharest, ROMANIA
----------
Key: bdftdif
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
156688 bytes
Created: 25/01/2008
Modified: 25/01/2008
Company: BitDefender SRL
----------
Key: BDSelfPr
ImagePath: \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
8320 bytes
Created: 16/01/2008
Modified: 16/01/2008
Company: BitDefender S.R.L.
----------
Key: Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\Bonjour\mDNSResponder.exe
238888 bytes
Created: 29/08/2008
Modified: 29/08/2008
Company: Apple Inc.
----------
Key: CFSvcs
ImagePath: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
40960 bytes
Created: 09/12/2005
Modified: 18/01/2005
Company: TOSHIBA CORPORATION
----------
Key: DLABOIOM
ImagePath: System32\DLA\DLABOIOM.SYS
C:\WINDOWS\System32\DLA\DLABOIOM.SYS
25628 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLACDBHM
ImagePath: System32\Drivers\DLACDBHM.SYS
C:\WINDOWS\System32\Drivers\DLACDBHM.SYS
5628 bytes
Created: 09/12/2005
Modified: 07/07/2005
Company: Sonic Solutions
----------
Key: DLADResN
ImagePath: System32\DLA\DLADResN.SYS
C:\WINDOWS\System32\DLA\DLADResN.SYS
2496 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAIFS_M
ImagePath: System32\DLA\DLAIFS_M.SYS
C:\WINDOWS\System32\DLA\DLAIFS_M.SYS
86524 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAOPIOM
ImagePath: System32\DLA\DLAOPIOM.SYS
C:\WINDOWS\System32\DLA\DLAOPIOM.SYS
14684 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAPoolM
ImagePath: System32\DLA\DLAPoolM.SYS
C:\WINDOWS\System32\DLA\DLAPoolM.SYS
6364 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLARTL_N
ImagePath: System32\Drivers\DLARTL_N.SYS
C:\WINDOWS\System32\Drivers\DLARTL_N.SYS
22684 bytes
Created: 09/12/2005
Modified: 07/07/2005
Company: Sonic Solutions
----------
Key: DLAUDFAM
ImagePath: System32\DLA\DLAUDFAM.SYS
C:\WINDOWS\System32\DLA\DLAUDFAM.SYS
92700 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAUDF_M
ImagePath: System32\DLA\DLAUDF_M.SYS
C:\WINDOWS\System32\DLA\DLAUDF_M.SYS
87004 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DRVMCDB
ImagePath: System32\Drivers\DRVMCDB.SYS
C:\WINDOWS\System32\Drivers\DRVMCDB.SYS
88704 bytes
Created: 09/12/2005
Modified: 28/07/2005
Company: Sonic Solutions
----------
Key: DRVNDDM
ImagePath: System32\Drivers\DRVNDDM.SYS
C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
40544 bytes
Created: 09/12/2005
Modified: 07/07/2005
Company: Sonic Solutions
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 21/08/2008
Modified: 21/08/2008
Company: Google
----------
Key: HDAudBus
ImagePath: system32\DRIVERS\HDAudBus.sys
C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
144384 bytes
Created: 07/01/2005
Modified: 13/04/2008
Company: Windows (R) Server 2003 DDK provider
----------
Key: ImapiService
ImagePath: %systemroot%\system32\imapi.exe
C:\WINDOWS\system32\imapi.exe
150528 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: IntcAzAudAddService
ImagePath: system32\drivers\RtkHDAud.sys
C:\WINDOWS\system32\drivers\RtkHDAud.sys
4064256 bytes
Created: 09/12/2005
Modified: 11/11/2005
Company: Realtek Semiconductor Corp.
----------
Key: Iviaspi
ImagePath: system32\drivers\iviaspi.sys
C:\WINDOWS\system32\drivers\iviaspi.sys
21060 bytes
Created: 09/12/2005
Modified: 11/09/2003
Company: InterVideo, Inc.
----------
Key: LIVESRV
ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
1155072 bytes
Created: 30/04/2008
Modified: 30/04/2008
Company: BitDefender SRL
----------
Key: MioNet
ImagePath: "C:\Program Files\MioNet\MioNetManager.exe" -s "C:\Program Files\MioNet\wrapper.conf"
C:\Program Files\MioNet\MioNetManager.exe
-R- 139264 bytes
Created: 15/07/2005
Modified: 15/07/2005
Company:
----------
Key: Netdevio
ImagePath: system32\DRIVERS\netdevio.sys
C:\WINDOWS\system32\DRIVERS\netdevio.sys
12032 bytes
Created: 09/12/2005
Modified: 29/01/2003
Company: TOSHIBA Corporation.
----------
Key: ose
ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
89136 bytes
Created: 28/07/2003
Modified: 28/07/2003
Company: Microsoft Corporation
----------
Key: Pfc
ImagePath: system32\drivers\pfc.sys
C:\WINDOWS\system32\drivers\pfc.sys
10368 bytes
Created: 09/12/2005
Modified: 19/09/2003
Company: Padus, Inc.
----------
Key: Profos
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
12800 bytes
Created: 12/07/2007
Modified: 12/07/2007
Company:
----------
Key: RTL8023xp
ImagePath: system32\DRIVERS\Rtlnicxp.sys
C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
74496 bytes
Created: 09/12/2005
Modified: 04/03/2005
Company: Realtek Semiconductor Corporation
----------
Key: sp_rsdrv2
ImagePath: \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
141312 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company:
----------
Key: sp_rssrv
ImagePath: "C:\Program Files\Spyware Terminator\sp_rsser.exe"
C:\Program Files\Spyware Terminator\sp_rsser.exe
570880 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company: Crawler.com
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{0EB74963-BA23-477D-B8F5-8947340A9836}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: SynTP
ImagePath: system32\DRIVERS\SynTP.sys
C:\WINDOWS\system32\DRIVERS\SynTP.sys
185728 bytes
Created: 09/12/2005
Modified: 15/10/2004
Company: Synaptics, Inc.
----------
Key: TAPPSRV
ImagePath: "C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe"
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
35328 bytes
Created: 09/12/2005
Modified: 10/08/2005
Company: TOSHIBA Corp.
----------
Key: Tcpip6
ImagePath: system32\DRIVERS\tcpip6.sys
C:\WINDOWS\system32\DRIVERS\tcpip6.sys
225856 bytes
Created: 09/12/2005
Modified: 20/06/2008
Company: Microsoft Corporation
----------
Key: Trufos
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
36736 bytes
Created: 10/07/2007
Modified: 10/07/2007
Company:
----------
Key: TVALD
ImagePath: system32\DRIVERS\NBSMI.sys
C:\WINDOWS\system32\DRIVERS\NBSMI.sys
6144 bytes
Created: 09/12/2005
Modified: 20/10/2005
Company: Toshiba Corporation
----------
Key: Tvs
ImagePath: system32\DRIVERS\Tvs.sys
C:\WINDOWS\system32\DRIVERS\Tvs.sys
43392 bytes
Created: 09/12/2005
Modified: 30/11/2005
Company: TOSHIBA Corporation
----------
Key: usb_rndisx
ImagePath: system32\DRIVERS\usb8023x.sys
C:\WINDOWS\system32\DRIVERS\usb8023x.sys
12800 bytes
Created: 20/08/2008
Modified: 21/10/2005
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: VSSERV
ImagePath: "C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
1261568 bytes
Created: 25/04/2008
Modified: 15/09/2008
Company: BitDefender S.R.L.
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: XCOMM
ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
86016 bytes
Created: 27/11/2007
Modified: 27/11/2007
Company: BitDefender
----------
************************************************************
22:39:06: Scanning -----VXD ENTRIES-----
************************************************************
22:39:06: Scanning ----- WINLOGON\NOTIFY DLLS -----
************************************************************
22:39:07: Scanning ----- CONTEXTMENUHANDLERS -----
Key: EPPShellEx
CLSID: {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78}
Path: C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
69632 bytes
Created: 20/08/2008
Modified: 13/04/2006
Company: SEIKO EPSON CORPORATION
----------
Key: ShellExtension
CLSID: [empty]
----------
Key: SPTContMenu
CLSID: {BD88A479-9623-4897-8546-BC62B9628F44}
Path: C:\Program Files\Spyware Terminator\sptcontmenu.dll
C:\Program Files\Spyware Terminator\sptcontmenu.dll
164352 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company: Crawler.com
----------
Key: {D653647D-D607-4df6-A5B8-48D2BA195F7B}
Path: C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
155648 bytes
Created: 14/12/2007
Modified: 14/12/2007
Company: BitDefender S.R.L
----------
************************************************************
22:39:08: Scanning ----- FOLDER\COLUMNHANDLERS -----
************************************************************
22:39:08: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
59032 bytes
Created: 18/12/2006
Modified: 18/12/2006
Company: Adobe Systems Incorporated
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\PROGRA~1\SPYBOT~1\SDHelper.dll
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
1562448 bytes
Created: 20/09/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {5CA3D70E-1895-11CF-8E15-001234567890}
BHO: C:\WINDOWS\System32\DLA\DLASHX_W.DLL
C:\WINDOWS\System32\DLA\DLASHX_W.DLL
110652 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: {724d43a9-0d85-11d4-9908-00400523e39a}
BHO: C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
5751624 bytes
Created: 20/08/2008
Modified: 20/08/2008
Company: Siber Systems Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
328752 bytes
Created: 20/09/2007
Modified: 20/09/2007
Company: Microsoft Corporation
----------
Key: {988B07F5-7392-455A-8A1F-64935CB8B6ED}
BHO: C:\Program Files\BarreConfCMCIC\TAPBar.dll
C:\Program Files\BarreConfCMCIC\TAPBar.dll
225280 bytes
Created: 14/09/2007
Modified: 14/09/2007
Company: Euro-Information
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar2.dll
c:\program files\google\googletoolbar2.dll
-R- 2436160 bytes
Created: 21/08/2008
Modified: 19/01/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
737776 bytes
Created: 13/09/2008
Modified: 13/09/2008
Company: Google Inc.
----------
Key: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}
BHO: C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
368640 bytes
Created: 20/08/2008
Modified: 21/02/2005
Company: SEIKO EPSON CORPORATION
----------
************************************************************
22:39:10: Scanning ----- SHELLSERVICEOBJECTS -----
Key: SysTray
CLSID: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Path: %systemroot%\system32\stobject.dll
C:\WINDOWS\system32\stobject.dll
122368 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: UPnPMonitor
CLSID: {e57ce738-33e8-4c51-8354-bb4de9d215d1}
Path: C:\WINDOWS\system32\upnpui.dll
C:\WINDOWS\system32\upnpui.dll
240128 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: WPDShServiceObj
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Path: C:\WINDOWS\system32\WPDShServiceObj.dll
C:\WINDOWS\system32\WPDShServiceObj.dll
133632 bytes
Created: 18/10/2006
Modified: 18/10/2006
Company: Microsoft Corporation
----------
************************************************************
22:39:11: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
22:39:11: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
22:39:11: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank
************************************************************
22:39:11: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
22:39:12: Scanning ------ COMMON STARTUP GROUP ------
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
-HS- 84 bytes
Created: 09/12/2005
Modified: 09/12/2005
Company:
--------------------
************************************************************
No User Startup Groups were located to check
************************************************************
22:39:12: Scanning ----- SCHEDULED TASKS -----
Taskname: AppleSoftwareUpdate.job
File: C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
566592 bytes
Created: 30/07/2008
Modified: 30/07/2008
Company: Apple Inc.
Parameters: -task
Next Run Time: 29/09/2008 12:36:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: SYSTEM
Comments: [blank]
----------
Taskname: Symantec NetDetect.job
File: C:\Program Files\Symantec\LiveUpdate\NDetect.exe
Parameters: [blank]
Next Run Time: 27/09/2008 22:44:00
Status: La tâche n'a pas encore été exécutée
Creator: SYSTEM
Comments: Symantec NetDetect
C:\Program Files\Symantec\LiveUpdate\NDetect.exe [file not found to scan]
----------
************************************************************
22:39:12: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
************************************************************
22:39:12: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
13102134 bytes
Created: 20/08/2008
Modified: 23/09/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
13102134 bytes
Created: 20/08/2008
Modified: 23/09/2008
Company:
----------
Additional checks completed
************************************************************
22:39:18: Scanning ----- RUNNING PROCESSES -----
C:\WINDOWS\System32\smss.exe
--------------------
C:\WINDOWS\system32\csrss.exe
--------------------
C:\WINDOWS\system32\winlogon.exe
--------------------
C:\WINDOWS\system32\services.exe
--------------------
C:\WINDOWS\system32\lsass.exe
--------------------
C:\WINDOWS\system32\Ati2evxx.exe
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\Ati2evxx.exe
--------------------
C:\WINDOWS\system32\spoolsv.exe
--------------------
C:\WINDOWS\system32\acs.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - file already scanned
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - file already scanned
--------------------
C:\Program Files\MioNet\MioNetManager.exe - file already scanned
--------------------
C:\WINDOWS\system32\tcpsvcs.exe
--------------------
C:\Program Files\Spyware Terminator\sp_rsser.exe - file already scanned
--------------------
C:\Program Files\MioNet\jvm\bin\MioNet.exe
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe - file already scanned
--------------------
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\System32\alg.exe
--------------------
C:\WINDOWS\system32\wscntfy.exe
--------------------
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe - file already scanned
--------------------
C:\WINDOWS\RTHDCPL.EXE - file already scanned
--------------------
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe - file already scanned
--------------------
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - file already scanned
--------------------
C:\Program Files\ltmoh\Ltmoh.exe - file already scanned
--------------------
C:\WINDOWS\AGRSMMSG.exe - file already scanned
--------------------
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe - file already scanned
--------------------
C:\WINDOWS\System32\DLA\DLACTRLW.EXE - file already scanned
--------------------
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe - file already scanned
--------------------
C:\WINDOWS\VM_STI.exe - file already scanned
--------------------
C:\Program Files\iTunes\iTunesHelper.exe - file already scanned
--------------------
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe - file already scanned
--------------------
C:\WINDOWS\system32\ctfmon.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe - file already scanned
--------------------
C:\Program Files\Shareaza\Shareaza.exe - file already scanned
--------------------
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe - file already scanned
--------------------
C:\Program Files\Microsoft ActiveSync\wcescomm.exe - file already scanned
--------------------
C:\Program Files\Picasa2\PicasaMediaDetector.exe - file already scanned
--------------------
C:\WINDOWS\system32\TPSBattM.exe
--------------------
C:\PROGRA~1\MICROS~4\rapimgr.exe
--------------------
C:\Program Files\iPod\bin\iPodService.exe
--------------------
C:\WINDOWS\explorer.exe - file already scanned
--------------------
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
--------------------
C:\Program Files\internet explorer\iexplore.exe
--------------------
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
--------------------
C:\Documents and Settings\sandra aubert\Application Data\Simply Super Software\Trojan Remover\cos57.exe
FileSize: 2552384
[This is a Trojan Remover component]
--------------------
--------------------
C:\Documents and Settings\sandra aubert\Bureau\a2FreeSetup.exe
--------------------
************************************************************
23:13:40: Checking AUTOEXEC.BAT file
AUTOEXEC.BAT found in C:\
No malicious entries were found in the AUTOEXEC.BAT file
************************************************************
23:13:40: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file
************************************************************
23:13:40: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.msn.com/fr-fr/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.orange.fr/portail
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://www.google.com/toolbar/ie8/sidebar.html
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 23:13:41 27 sept. 2008
Total Scan time: 00:35:27
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.2.2545. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 22:38:13 27 sept. 2008
Using Database v7143
Operating System: Windows XP SP3 [Windows XP Home Edition Service Pack 3 (Build 2600)]
File System: NTFS
Data directory: C:\Documents and Settings\sandra aubert\Application Data\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Documents and Settings\sandra aubert\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
************************************************************
22:38:13: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS
************************************************************
22:38:13: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS
************************************************************
22:38:13: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
22:38:17: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037824 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
26624 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
515584 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: ATIPTA
Value Data: "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
344064 bytes
Created: 09/12/2005
Modified: 05/08/2005
Company: ATI Technologies, Inc.
--------------------
Value Name: RTHDCPL
Value Data: RTHDCPL.EXE
C:\WINDOWS\RTHDCPL.EXE
15473664 bytes
Created: 09/12/2005
Modified: 10/11/2005
Company: Realtek Semiconductor Corp.
--------------------
Value Name: SynTPLpr
Value Data: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
98394 bytes
Created: 09/12/2005
Modified: 15/10/2004
Company: Synaptics, Inc.
--------------------
Value Name: SynTPEnh
Value Data: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
688218 bytes
Created: 09/12/2005
Modified: 15/10/2004
Company: Synaptics, Inc.
--------------------
Value Name: LtMoh
Value Data: C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\ltmoh\Ltmoh.exe
188416 bytes
Created: 09/12/2005
Modified: 19/05/2005
Company: Agere Systems
--------------------
Value Name: AGRSMMSG
Value Data: AGRSMMSG.exe
C:\WINDOWS\AGRSMMSG.exe
88203 bytes
Created: 09/12/2005
Modified: 15/10/2005
Company: Agere Systems
--------------------
Value Name: THotkey
Value Data: C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
352256 bytes
Created: 09/12/2005
Modified: 08/12/2005
Company: TOSHIBA
--------------------
Value Name: Tvs
Value Data: C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
73728 bytes
Created: 09/12/2005
Modified: 30/11/2005
Company: TOSHIBA Corporation
--------------------
Value Name: TPSMain
Value Data: TPSMain.exe
C:\WINDOWS\system32\TPSMain.exe
266240 bytes
Created: 09/12/2005
Modified: 03/08/2005
Company: TOSHIBA Corporation
--------------------
Value Name: SmoothView
Value Data: C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
118784 bytes
Created: 09/12/2005
Modified: 17/05/2005
Company: TOSHIBA Corporation
--------------------
Value Name: PadTouch
Value Data: C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
1077328 bytes
Created: 09/12/2005
Modified: 30/08/2005
Company: TOSHIBA
--------------------
Value Name: DLA
Value Data: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
122940 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
--------------------
Value Name: BitDefender Antiphishing Helper
Value Data: "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe
61440 bytes
Created: 09/10/2007
Modified: 09/10/2007
Company: BitDefender
--------------------
Value Name: BDAgent
Value Data: "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
368640 bytes
Created: 23/05/2008
Modified: 16/09/2008
Company: BitDefender S.R.L.
--------------------
Value Name: BigDogPath
Value Data: C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
C:\WINDOWS\VM_STI.exe
40960 bytes
Created: 20/08/2008
Modified: 09/06/2004
Company: BIGDOG
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\qttask.exe" -atboottime
C:\Program Files\QuickTime\qttask.exe
413696 bytes
Created: 06/09/2008
Modified: 06/09/2008
Company: Apple Inc.
--------------------
Value Name: AppleSyncNotifier
Value Data: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
111936 bytes
Created: 03/09/2008
Modified: 03/09/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
289576 bytes
Created: 10/09/2008
Modified: 10/09/2008
Company: Apple Inc.
--------------------
Value Name: SpywareTerminator
Value Data: "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
1783808 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company: Crawler.com
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
922192 bytes
Created: 27/09/2008
Modified: 20/09/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: CTFMON.EXE
Value Data: C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
15360 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Value Name: TOSCDSPD
Value Data: C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
65536 bytes
Created: 09/12/2005
Modified: 11/04/2005
Company: TOSHIBA
--------------------
Value Name: Shareaza
Value Data: "C:\Program Files\Shareaza\Shareaza.exe" -tray
C:\Program Files\Shareaza\Shareaza.exe
4739072 bytes
Created: 20/08/2008
Modified: 01/01/2008
Company: Shareaza Development Team
--------------------
Value Name: EPSON Stylus DX6000 Series
Value Data: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\WINDOWS\TEMP\E_S2D2.tmp" /EF "HKCU"
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE
139264 bytes
Created: 20/08/2008
Modified: 22/09/2006
Company: SEIKO EPSON CORPORATION
--------------------
Value Name: RoboForm
Value Data: "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
160592 bytes
Created: 20/08/2008
Modified: 20/08/2008
Company: Siber Systems
--------------------
Value Name: H/PC Connection Agent
Value Data: "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
1289000 bytes
Created: 13/11/2006
Modified: 13/11/2006
Company: Microsoft Corporation
--------------------
Value Name: Picasa Media Detector
Value Data: C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
443968 bytes
Created: 15/08/2008
Modified: 15/08/2008
Company: Google Inc.
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 13/09/2008
Modified: 13/09/2008
Company: Google Inc.
--------------------
Value Name: SpybotSD TeaTimer
Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
This Registry Key appears to be empty
************************************************************
22:38:33: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------
************************************************************
22:38:33: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
************************************************************
22:38:33: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.
************************************************************
22:38:33: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
C:\WINDOWS\INF\wmp11.inf
2441 bytes
Created: 03/11/2006
Modified: 03/11/2006
Company:
----------
************************************************************
22:38:34: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: 6to4
Path: %SystemRoot%\System32\6to4svc.dll
C:\WINDOWS\System32\6to4svc.dll
100352 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Key: AppMgmt
%SystemRoot%\System32\appmgmts.dll - file is globally excluded (file cannot be found)
--------------------
Key: BITS
Path: %systemroot%\system32\qmgr.dll
C:\WINDOWS\system32\qmgr.dll
409088 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Key: p2pgasvc
Path: %SystemRoot%\system32\p2pgasvc.dll
C:\WINDOWS\system32\p2pgasvc.dll
105472 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
--------------------
Key: scan
Path: C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll
151552 bytes
Created: 25/04/2008
Modified: 10/09/2008
Company: S.C. BitDefender S.R.L
--------------------
************************************************************
22:38:37: Scanning ----- SERVICES REGISTRY KEYS -----
Key: ACS
ImagePath: C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\acs.exe
36864 bytes
Created: 20/08/2008
Modified: 08/07/2005
Company:
----------
Key: AegisP
ImagePath: system32\DRIVERS\AegisP.sys
C:\WINDOWS\system32\DRIVERS\AegisP.sys
17801 bytes
Created: 20/08/2008
Modified: 20/08/2008
Company: Meetinghouse Data Communications
----------
Key: Apple Mobile Device
ImagePath: "C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
116040 bytes
Created: 10/09/2008
Modified: 10/09/2008
Company: Apple Inc.
----------
Key: AR5211
ImagePath: system32\DRIVERS\ar5211.sys
C:\WINDOWS\system32\DRIVERS\ar5211.sys
468736 bytes
Created: 09/12/2005
Modified: 12/09/2005
Company: Atheros Communications, Inc.
----------
Key: aspnet_state
ImagePath: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
32768 bytes
Created: 15/07/2004
Modified: 15/07/2004
Company: Microsoft Corporation
----------
Key: Bdfndisf
ImagePath: system32\DRIVERS\bdfndisf.sys
C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
86792 bytes
Created: 02/06/2008
Modified: 02/06/2008
Company: BitDefender SRL
----------
Key: bdfsfltr
ImagePath: system32\drivers\bdfsfltr.sys
C:\WINDOWS\system32\drivers\bdfsfltr.sys
196368 bytes
Created: 07/01/2008
Modified: 07/01/2008
Company: BitDefender S.R.L. Bucharest, ROMANIA
----------
Key: bdftdif
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
156688 bytes
Created: 25/01/2008
Modified: 25/01/2008
Company: BitDefender SRL
----------
Key: BDSelfPr
ImagePath: \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
8320 bytes
Created: 16/01/2008
Modified: 16/01/2008
Company: BitDefender S.R.L.
----------
Key: Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\Bonjour\mDNSResponder.exe
238888 bytes
Created: 29/08/2008
Modified: 29/08/2008
Company: Apple Inc.
----------
Key: CFSvcs
ImagePath: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
40960 bytes
Created: 09/12/2005
Modified: 18/01/2005
Company: TOSHIBA CORPORATION
----------
Key: DLABOIOM
ImagePath: System32\DLA\DLABOIOM.SYS
C:\WINDOWS\System32\DLA\DLABOIOM.SYS
25628 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLACDBHM
ImagePath: System32\Drivers\DLACDBHM.SYS
C:\WINDOWS\System32\Drivers\DLACDBHM.SYS
5628 bytes
Created: 09/12/2005
Modified: 07/07/2005
Company: Sonic Solutions
----------
Key: DLADResN
ImagePath: System32\DLA\DLADResN.SYS
C:\WINDOWS\System32\DLA\DLADResN.SYS
2496 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAIFS_M
ImagePath: System32\DLA\DLAIFS_M.SYS
C:\WINDOWS\System32\DLA\DLAIFS_M.SYS
86524 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAOPIOM
ImagePath: System32\DLA\DLAOPIOM.SYS
C:\WINDOWS\System32\DLA\DLAOPIOM.SYS
14684 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAPoolM
ImagePath: System32\DLA\DLAPoolM.SYS
C:\WINDOWS\System32\DLA\DLAPoolM.SYS
6364 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLARTL_N
ImagePath: System32\Drivers\DLARTL_N.SYS
C:\WINDOWS\System32\Drivers\DLARTL_N.SYS
22684 bytes
Created: 09/12/2005
Modified: 07/07/2005
Company: Sonic Solutions
----------
Key: DLAUDFAM
ImagePath: System32\DLA\DLAUDFAM.SYS
C:\WINDOWS\System32\DLA\DLAUDFAM.SYS
92700 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DLAUDF_M
ImagePath: System32\DLA\DLAUDF_M.SYS
C:\WINDOWS\System32\DLA\DLAUDF_M.SYS
87004 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: DRVMCDB
ImagePath: System32\Drivers\DRVMCDB.SYS
C:\WINDOWS\System32\Drivers\DRVMCDB.SYS
88704 bytes
Created: 09/12/2005
Modified: 28/07/2005
Company: Sonic Solutions
----------
Key: DRVNDDM
ImagePath: System32\Drivers\DRVNDDM.SYS
C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
40544 bytes
Created: 09/12/2005
Modified: 07/07/2005
Company: Sonic Solutions
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 21/08/2008
Modified: 21/08/2008
Company: Google
----------
Key: HDAudBus
ImagePath: system32\DRIVERS\HDAudBus.sys
C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
144384 bytes
Created: 07/01/2005
Modified: 13/04/2008
Company: Windows (R) Server 2003 DDK provider
----------
Key: ImapiService
ImagePath: %systemroot%\system32\imapi.exe
C:\WINDOWS\system32\imapi.exe
150528 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: IntcAzAudAddService
ImagePath: system32\drivers\RtkHDAud.sys
C:\WINDOWS\system32\drivers\RtkHDAud.sys
4064256 bytes
Created: 09/12/2005
Modified: 11/11/2005
Company: Realtek Semiconductor Corp.
----------
Key: Iviaspi
ImagePath: system32\drivers\iviaspi.sys
C:\WINDOWS\system32\drivers\iviaspi.sys
21060 bytes
Created: 09/12/2005
Modified: 11/09/2003
Company: InterVideo, Inc.
----------
Key: LIVESRV
ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
1155072 bytes
Created: 30/04/2008
Modified: 30/04/2008
Company: BitDefender SRL
----------
Key: MioNet
ImagePath: "C:\Program Files\MioNet\MioNetManager.exe" -s "C:\Program Files\MioNet\wrapper.conf"
C:\Program Files\MioNet\MioNetManager.exe
-R- 139264 bytes
Created: 15/07/2005
Modified: 15/07/2005
Company:
----------
Key: Netdevio
ImagePath: system32\DRIVERS\netdevio.sys
C:\WINDOWS\system32\DRIVERS\netdevio.sys
12032 bytes
Created: 09/12/2005
Modified: 29/01/2003
Company: TOSHIBA Corporation.
----------
Key: ose
ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
89136 bytes
Created: 28/07/2003
Modified: 28/07/2003
Company: Microsoft Corporation
----------
Key: Pfc
ImagePath: system32\drivers\pfc.sys
C:\WINDOWS\system32\drivers\pfc.sys
10368 bytes
Created: 09/12/2005
Modified: 19/09/2003
Company: Padus, Inc.
----------
Key: Profos
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys
12800 bytes
Created: 12/07/2007
Modified: 12/07/2007
Company:
----------
Key: RTL8023xp
ImagePath: system32\DRIVERS\Rtlnicxp.sys
C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
74496 bytes
Created: 09/12/2005
Modified: 04/03/2005
Company: Realtek Semiconductor Corporation
----------
Key: sp_rsdrv2
ImagePath: \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
141312 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company:
----------
Key: sp_rssrv
ImagePath: "C:\Program Files\Spyware Terminator\sp_rsser.exe"
C:\Program Files\Spyware Terminator\sp_rsser.exe
570880 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company: Crawler.com
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{0EB74963-BA23-477D-B8F5-8947340A9836}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: SynTP
ImagePath: system32\DRIVERS\SynTP.sys
C:\WINDOWS\system32\DRIVERS\SynTP.sys
185728 bytes
Created: 09/12/2005
Modified: 15/10/2004
Company: Synaptics, Inc.
----------
Key: TAPPSRV
ImagePath: "C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe"
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
35328 bytes
Created: 09/12/2005
Modified: 10/08/2005
Company: TOSHIBA Corp.
----------
Key: Tcpip6
ImagePath: system32\DRIVERS\tcpip6.sys
C:\WINDOWS\system32\DRIVERS\tcpip6.sys
225856 bytes
Created: 09/12/2005
Modified: 20/06/2008
Company: Microsoft Corporation
----------
Key: Trufos
ImagePath: \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys
36736 bytes
Created: 10/07/2007
Modified: 10/07/2007
Company:
----------
Key: TVALD
ImagePath: system32\DRIVERS\NBSMI.sys
C:\WINDOWS\system32\DRIVERS\NBSMI.sys
6144 bytes
Created: 09/12/2005
Modified: 20/10/2005
Company: Toshiba Corporation
----------
Key: Tvs
ImagePath: system32\DRIVERS\Tvs.sys
C:\WINDOWS\system32\DRIVERS\Tvs.sys
43392 bytes
Created: 09/12/2005
Modified: 30/11/2005
Company: TOSHIBA Corporation
----------
Key: usb_rndisx
ImagePath: system32\DRIVERS\usb8023x.sys
C:\WINDOWS\system32\DRIVERS\usb8023x.sys
12800 bytes
Created: 20/08/2008
Modified: 21/10/2005
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: VSSERV
ImagePath: "C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe" /service
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
1261568 bytes
Created: 25/04/2008
Modified: 15/09/2008
Company: BitDefender S.R.L.
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: XCOMM
ImagePath: "C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
86016 bytes
Created: 27/11/2007
Modified: 27/11/2007
Company: BitDefender
----------
************************************************************
22:39:06: Scanning -----VXD ENTRIES-----
************************************************************
22:39:06: Scanning ----- WINLOGON\NOTIFY DLLS -----
************************************************************
22:39:07: Scanning ----- CONTEXTMENUHANDLERS -----
Key: EPPShellEx
CLSID: {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78}
Path: C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll
69632 bytes
Created: 20/08/2008
Modified: 13/04/2006
Company: SEIKO EPSON CORPORATION
----------
Key: ShellExtension
CLSID: [empty]
----------
Key: SPTContMenu
CLSID: {BD88A479-9623-4897-8546-BC62B9628F44}
Path: C:\Program Files\Spyware Terminator\sptcontmenu.dll
C:\Program Files\Spyware Terminator\sptcontmenu.dll
164352 bytes
Created: 26/09/2008
Modified: 26/09/2008
Company: Crawler.com
----------
Key: {D653647D-D607-4df6-A5B8-48D2BA195F7B}
Path: C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
C:\Program Files\BitDefender\BitDefender 2008\bdshelxt.dll
155648 bytes
Created: 14/12/2007
Modified: 14/12/2007
Company: BitDefender S.R.L
----------
************************************************************
22:39:08: Scanning ----- FOLDER\COLUMNHANDLERS -----
************************************************************
22:39:08: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
59032 bytes
Created: 18/12/2006
Modified: 18/12/2006
Company: Adobe Systems Incorporated
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\PROGRA~1\SPYBOT~1\SDHelper.dll
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
1562448 bytes
Created: 20/09/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {5CA3D70E-1895-11CF-8E15-001234567890}
BHO: C:\WINDOWS\System32\DLA\DLASHX_W.DLL
C:\WINDOWS\System32\DLA\DLASHX_W.DLL
110652 bytes
Created: 09/12/2005
Modified: 01/08/2005
Company: Sonic Solutions
----------
Key: {724d43a9-0d85-11d4-9908-00400523e39a}
BHO: C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
5751624 bytes
Created: 20/08/2008
Modified: 20/08/2008
Company: Siber Systems Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
328752 bytes
Created: 20/09/2007
Modified: 20/09/2007
Company: Microsoft Corporation
----------
Key: {988B07F5-7392-455A-8A1F-64935CB8B6ED}
BHO: C:\Program Files\BarreConfCMCIC\TAPBar.dll
C:\Program Files\BarreConfCMCIC\TAPBar.dll
225280 bytes
Created: 14/09/2007
Modified: 14/09/2007
Company: Euro-Information
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar2.dll
c:\program files\google\googletoolbar2.dll
-R- 2436160 bytes
Created: 21/08/2008
Modified: 19/01/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
737776 bytes
Created: 13/09/2008
Modified: 13/09/2008
Company: Google Inc.
----------
Key: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}
BHO: C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
368640 bytes
Created: 20/08/2008
Modified: 21/02/2005
Company: SEIKO EPSON CORPORATION
----------
************************************************************
22:39:10: Scanning ----- SHELLSERVICEOBJECTS -----
Key: SysTray
CLSID: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Path: %systemroot%\system32\stobject.dll
C:\WINDOWS\system32\stobject.dll
122368 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: UPnPMonitor
CLSID: {e57ce738-33e8-4c51-8354-bb4de9d215d1}
Path: C:\WINDOWS\system32\upnpui.dll
C:\WINDOWS\system32\upnpui.dll
240128 bytes
Created: 09/12/2005
Modified: 14/04/2008
Company: Microsoft Corporation
----------
Key: WPDShServiceObj
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Path: C:\WINDOWS\system32\WPDShServiceObj.dll
C:\WINDOWS\system32\WPDShServiceObj.dll
133632 bytes
Created: 18/10/2006
Modified: 18/10/2006
Company: Microsoft Corporation
----------
************************************************************
22:39:11: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
22:39:11: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
22:39:11: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank
************************************************************
22:39:11: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
22:39:12: Scanning ------ COMMON STARTUP GROUP ------
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
-HS- 84 bytes
Created: 09/12/2005
Modified: 09/12/2005
Company:
--------------------
************************************************************
No User Startup Groups were located to check
************************************************************
22:39:12: Scanning ----- SCHEDULED TASKS -----
Taskname: AppleSoftwareUpdate.job
File: C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
566592 bytes
Created: 30/07/2008
Modified: 30/07/2008
Company: Apple Inc.
Parameters: -task
Next Run Time: 29/09/2008 12:36:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: SYSTEM
Comments: [blank]
----------
Taskname: Symantec NetDetect.job
File: C:\Program Files\Symantec\LiveUpdate\NDetect.exe
Parameters: [blank]
Next Run Time: 27/09/2008 22:44:00
Status: La tâche n'a pas encore été exécutée
Creator: SYSTEM
Comments: Symantec NetDetect
C:\Program Files\Symantec\LiveUpdate\NDetect.exe [file not found to scan]
----------
************************************************************
22:39:12: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
************************************************************
22:39:12: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
13102134 bytes
Created: 20/08/2008
Modified: 23/09/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\sandra aubert\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
13102134 bytes
Created: 20/08/2008
Modified: 23/09/2008
Company:
----------
Additional checks completed
************************************************************
22:39:18: Scanning ----- RUNNING PROCESSES -----
C:\WINDOWS\System32\smss.exe
--------------------
C:\WINDOWS\system32\csrss.exe
--------------------
C:\WINDOWS\system32\winlogon.exe
--------------------
C:\WINDOWS\system32\services.exe
--------------------
C:\WINDOWS\system32\lsass.exe
--------------------
C:\WINDOWS\system32\Ati2evxx.exe
--------------------
C:\WINDOWS\system32\svchost.exe
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\system32\Ati2evxx.exe
--------------------
C:\WINDOWS\system32\spoolsv.exe
--------------------
C:\WINDOWS\system32\acs.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - file already scanned
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - file already scanned
--------------------
C:\Program Files\MioNet\MioNetManager.exe - file already scanned
--------------------
C:\WINDOWS\system32\tcpsvcs.exe
--------------------
C:\Program Files\Spyware Terminator\sp_rsser.exe - file already scanned
--------------------
C:\Program Files\MioNet\jvm\bin\MioNet.exe
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe - file already scanned
--------------------
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe - file already scanned
--------------------
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe - file already scanned
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
--------------------
C:\WINDOWS\System32\alg.exe
--------------------
C:\WINDOWS\system32\wscntfy.exe
--------------------
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe - file already scanned
--------------------
C:\WINDOWS\RTHDCPL.EXE - file already scanned
--------------------
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe - file already scanned
--------------------
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - file already scanned
--------------------
C:\Program Files\ltmoh\Ltmoh.exe - file already scanned
--------------------
C:\WINDOWS\AGRSMMSG.exe - file already scanned
--------------------
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe - file already scanned
--------------------
C:\WINDOWS\System32\DLA\DLACTRLW.EXE - file already scanned
--------------------
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe - file already scanned
--------------------
C:\WINDOWS\VM_STI.exe - file already scanned
--------------------
C:\Program Files\iTunes\iTunesHelper.exe - file already scanned
--------------------
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe - file already scanned
--------------------
C:\WINDOWS\system32\ctfmon.exe - file already scanned
--------------------
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe - file already scanned
--------------------
C:\Program Files\Shareaza\Shareaza.exe - file already scanned
--------------------
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe - file already scanned
--------------------
C:\Program Files\Microsoft ActiveSync\wcescomm.exe - file already scanned
--------------------
C:\Program Files\Picasa2\PicasaMediaDetector.exe - file already scanned
--------------------
C:\WINDOWS\system32\TPSBattM.exe
--------------------
C:\PROGRA~1\MICROS~4\rapimgr.exe
--------------------
C:\Program Files\iPod\bin\iPodService.exe
--------------------
C:\WINDOWS\explorer.exe - file already scanned
--------------------
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
--------------------
C:\Program Files\internet explorer\iexplore.exe
--------------------
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
--------------------
C:\Documents and Settings\sandra aubert\Application Data\Simply Super Software\Trojan Remover\cos57.exe
FileSize: 2552384
[This is a Trojan Remover component]
--------------------
--------------------
C:\Documents and Settings\sandra aubert\Bureau\a2FreeSetup.exe
--------------------
************************************************************
23:13:40: Checking AUTOEXEC.BAT file
AUTOEXEC.BAT found in C:\
No malicious entries were found in the AUTOEXEC.BAT file
************************************************************
23:13:40: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file
************************************************************
23:13:40: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.msn.com/fr-fr/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.orange.fr/portail
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://www.google.com/toolbar/ie8/sidebar.html
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 23:13:41 27 sept. 2008
Total Scan time: 00:35:27
************************************************************
Thank you already, and I wish you a good night. I will come back for a little while tomorrow to see whether you have replied; otherwise I will be here again during the week, from Monday morning.
Have a good Sunday, just in case. I am waiting for a-squared to finish and then I will post the report; after that I am going to bed, so see you tomorrow or Monday.
Here is the a-squared report:
Version - a-squared Free 3.5
Dernière mise à jour : 27/09/2008 22:42:48
Paramètres des balayages :
Éléments : Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
Balaye dans les archives : Marche
Analyse heuristique : Marche
Balayage ADS : Marche
Lancement du balayage : 27/09/2008 22:44:47
Key: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\software\kazaa détectés : Trace.Registry.KaZaA
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\software\microsoft\windows\currentversion\run --> shareaza détectés : Trace.Registry.Shareaza
c:\documents and settings\sandra aubert\application data\shareaza détectés : Trace.Directory.Shareaza Lite
c:\documents and settings\sandra aubert\application data\shareaza\collections détectés : Trace.Directory.Shareaza Lite
c:\documents and settings\sandra aubert\application data\shareaza\data détectés : Trace.Directory.Shareaza Lite
c:\documents and settings\sandra aubert\application data\shareaza\torrents détectés : Trace.Directory.Shareaza Lite
c:\documents and settings\sandra aubert\application data\shareaza\data\library1.dat détectés : Trace.File.Shareaza Lite
c:\documents and settings\sandra aubert\application data\shareaza\data\tigertree.dat détectés : Trace.File.Shareaza Lite
c:\documents and settings\sandra aubert\application data\shareaza\data\uploadqueues.dat détectés : Trace.File.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CLASSES_ROOT\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> CollectionPath détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> CompletePath détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> IncompletePath détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Downloads --> TorrentPath détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Plugins --> {2EE9D739-7726-41cf-8F18-4B1B8763BC63} détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Plugins --> {9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646} détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> FirstRun détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> GUIMode détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> Language détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> RatesInBytes détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> Running détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Settings --> VerboseMode détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Skins --> ShareazaOS\ShareazaOS.xml détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\VersionCheck --> NextCheck détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Windows --> CMainWnd.ShowCmd détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza\Windows --> CRemoteWnd.ShowCmd détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza --> Path détectés : Trace.Registry.Shareaza Lite
Value: HKEY_USERS\S-1-5-21-1227561026-1180597129-1481750350-1006\Software\Shareaza\Shareaza --> UserPath détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Mike`s Simple Scopes détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Sonique Wrapper détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> WMP Wrapper détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .avi détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .div détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mp3 détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpeg détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpg détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\General --> Shareaza Image Viewer détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .avi détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpeg détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .jpg détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpeg détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .mpg détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\ImageService --> .png détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\LibraryBuilder --> .sks détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\MediaPlayer --> Default détectés : Trace.Registry.Shareaza Lite
C:\Documents and Settings\sandra aubert\Cookies\sandra_aubert@commentcamarche[1].txt détectés : Trace.TrackingCookie
C:\Documents and Settings\sandra aubert\Cookies\sandra_aubert@smartadserver[1].txt détectés : Trace.TrackingCookie
C:\Documents and Settings\sandra aubert\Cookies\sandra_aubert@specificclick[2].txt détectés : Trace.TrackingCookie
C:\Program Files\Navilog1\Process.exe détectés : Riskware.RiskTool.Win32.Processor.20
Analysé
Fichiers : 72192
Traces : 437248
Cookies : 47
Processus : 61
Trouvé
Fichiers : 1
Traces : 62
Cookies : 3
Processus : 0
Clés de Registre : 0
Fin du balayage : 28/09/2008 00:35:12
Durée du balayage : 1:50:25
See you soon.