

BernardTTW
Viral infection!!!
BernardTTW replied to a topic by BernardTTW in Analyses et éradication malwares
Hello Pear, as requested, here is the ComboFix report. What do I need to do for the next step? Thanks.
Viral infection!!!
BernardTTW replied to a topic by BernardTTW in Analyses et éradication malwares
Hello,

I think I have found the solution!!!!!! XP is usable again ;>)

For information: I had noticed files named "Perflib_Perfdata.dat" appearing in my Temp folder, but paid them no further attention, being preoccupied with these viruses. Having run out of ideas, and after much reflection: these files should not be created. They are created, it seems to me, when System Restore is enabled under XP.... possibly, to be confirmed..... Yet I never enable System Restore. I went to look at "System Volume Information" and there I found directories and files that had been created since the date my troubles began. Biiig clean-up. Since then everything is OK.

One of the viruses present was loading into "System Volume Information", preparing the restore!!!! Even though restore was disabled. So, problems solved.

Many thanks to those who came to my aid.

Er... how do you put RESOLVED in the topic title? Grandpa is not used to forums.

THANKS
Viral infection!!!
BernardTTW replied to a topic by BernardTTW in Analyses et éradication malwares
Bonjour Me revoila.... A l'aide! merci Je n'arrive toujours pas à nettoyer Meme apres passages de ATF-Cleaner Antivir VundoFix ComboFix haxfix je vois que sous system32 reviennent des dll indesirables C:\WINDOWS\system32\ssqqron.dll C:\WINDOWS\system32\abadd.ini C:\WINDOWS\system32\abadd.ini2 C:\WINDOWS\system32\ddaba.dll C:\WINDOWS\system32\ssqqron.dll aux noms aléatoires elles propagent ? TR/TRASH.GEN BDS/Ulrbot.c <---plus bien sur orthographe precise et apres quelques minutes d'utilisation lorsque j'ouvre mon explorateur de fichiers il se ferme apres une dizaine de secondes et par la suite mon bureau perd toutes les icones ctrl/alt/sup>>>nouvelle tache >explorer meme symptome. 10 secondes et plus rien. 2 cles registre me semble [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"System"="1" 1 C'est quoi? [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLs"="" et rien dans celle ci Voici le rapport HijackThis Logfile of HijackThis v1.99.1 Scan saved at 14:34:59, on 14/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe C:\Program Files\TomTom HOME\TomTomHOME.exe 
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\System32\vssvc.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\explorer.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Admin\Bureau\virus\Hijack.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: (no name) - {60CA9253-D3C6-450B-89C6-DA30CFA97089} - C:\WINDOWS\system32\pmnlj.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {9920DACE-EA29-43AB-9EB1-835578A3D67A} - C:\WINDOWS\system32\geebc.dll (file missing) O2 - BHO: (no name) - {A690C595-CD09-4000-9298-6D32B1C78BFD} - C:\WINDOWS\system32\jkhhh.dll (file missing) O2 - BHO: (no name) - {AA2A616C-02D4-47BA-871D-E128D2FB47D7} - C:\WINDOWS\system32\vtstt.dll (file missing) O2 - BHO: (no name) - 
{F797FA56-2E76-4B77-90E8-82F8B98AE125} - C:\WINDOWS\system32\ssttr.dll (file missing) O2 - BHO: (no name) - {FD54600D-10EA-4A68-AB47-3D3BE3C52F9A} - C:\WINDOWS\system32\awvvu.dll (file missing) O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [OmniPage] C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital 
Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0E536CD0-ED8A-455F-BCD5-69732EE67BE9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{0E536CD0-ED8A-455F-BCD5-69732EE67BE9}: NameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{0E536CD0-ED8A-455F-BCD5-69732EE67BE9}: NameServer = 192.168.1.1 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program 
Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR1\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR1\RpcSandraSrv.exe -------- ComboFix 08-02-13.2 - Admin 2008-02-14 14:19:54.12 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.577 [GMT 1:00] Endroit: C:\Documents and Settings\Admin\Bureau\ComboFix.exe AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\ssqqron.dll C:\WINDOWS\system32\abadd.ini C:\WINDOWS\system32\abadd.ini2 C:\WINDOWS\system32\ddaba.dll C:\WINDOWS\system32\ssqqron.dll . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-14 to 2008-02-14 )))))))))))))))))))))))))))))))))))) . 2008-02-13 09:43 . 2008-02-13 09:43 <REP> d-------- C:\Program Files\Avira 2008-02-13 09:43 . 2008-02-13 09:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-02-13 08:49 . 2008-02-13 08:50 1,374 --a------ C:\WINDOWS\imsins.BAK 2008-02-13 08:39 . 2008-02-13 09:17 318 --ahs---- C:\WINDOWS\system32\qstwa.ini 2008-02-13 08:12 . 2008-02-13 08:24 <REP> d-------- C:\Downloads 2008-02-12 23:16 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2008-02-12 23:16 . 
2008-02-13 08:16 3,354 --a------ C:\WINDOWS\system32\tmp.reg 2008-02-12 21:46 . 2008-02-12 21:46 <REP> d-------- C:\Program Files\Trend Micro 2008-02-12 14:38 . 2004-08-19 16:09 400,896 --a------ C:\kmd.exe 2008-02-12 14:16 . 2008-02-12 14:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-02-12 13:00 . 2008-02-12 13:00 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft 2008-02-12 11:41 . 2008-02-11 08:44 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe 2008-02-12 09:23 . 2008-02-12 09:23 <REP> d-------- C:\WINDOWS\system32\bfubackups 2008-02-12 08:59 . 2008-02-12 08:59 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Grisoft 2008-02-12 08:57 . 2008-02-12 08:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-02-12 08:57 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2008-02-11 22:11 . 2008-02-08 23:55 85,504 --a------ C:\WINDOWS\system32\VACFix.exe 2008-02-11 22:11 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe 2008-02-11 22:04 . 2008-02-14 14:23 11,931 --a------ C:\WINDOWS\system32\OODBS.lor 2008-02-11 21:58 . 2008-02-11 21:58 <REP> d-------- C:\Program Files\GiPo@Utilities 2008-02-11 21:58 . 2008-02-11 21:58 <REP> d-------- C:\Program Files\Fichiers communs\Gibinsoft Shared 2008-02-11 15:51 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-02-11 15:51 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-02-11 15:51 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-02-11 15:51 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-02-11 15:30 . 2008-02-11 15:30 <REP> d-------- C:\Program Files\RootKit Hook Analyzer 2008-02-11 15:30 . 2008-02-11 23:31 <REP> d-------- C:\Program Files\RegCleaner 2008-02-11 15:30 . 
2007-07-07 00:39 19,248 --a------ C:\WINDOWS\system32\drivers\rspsc32.sys 2008-02-11 14:38 . 2004-08-19 15:56 281,600 --a--c--- C:\WINDOWS\system32\dllcache\OLD53.tmp 2008-02-11 14:38 . 2001-08-24 13:00 96,768 --a--c--- C:\WINDOWS\system32\dllcache\OLD50.tmp 2008-02-11 14:38 . 2003-03-24 15:52 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD49.tmp 2008-02-11 14:38 . 2003-03-24 15:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD4D.tmp 2008-02-11 14:38 . 2003-03-24 15:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD3F.tmp 2008-02-11 14:34 . 2008-02-11 14:34 <REP> d-------- C:\WINDOWS\BDOSCAN8 2008-02-11 10:46 . 2008-02-14 14:15 <REP> d-------- C:\VundoFix Backups 2008-02-10 20:39 . 2008-02-10 20:39 262,144 --a------ C:\WINDOWS\system32\default_user_class.dat 2008-02-10 12:38 . 2008-02-11 23:47 201 --a------ C:\WINDOWS\wininit.ini 2008-02-10 12:07 . 2008-02-10 12:06 691,545 --a------ C:\WINDOWS\unins000.exe 2008-02-10 12:07 . 2008-02-10 12:07 3,452 --a------ C:\WINDOWS\unins000.dat 2008-02-09 23:27 . 2008-02-10 11:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip 2008-02-07 09:45 . 2008-02-07 09:45 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-02-07 09:45 . 2008-02-07 09:45 1,409 --a------ C:\WINDOWS\QTFont.for 2008-01-29 09:06 . 2008-01-29 09:06 <REP> d-------- C:\Program Files\Windows Installer Clean Up 2008-01-28 11:23 . 2008-01-28 11:23 <REP> d-------- C:\Program Files\Michael K. Weise 2008-01-28 11:18 . 2008-01-28 11:18 <REP> d-------- C:\Program Files\Monkey's Audio1 2008-01-28 11:18 . 2008-01-28 11:18 <REP> d-------- C:\Program Files\Audio Studio Gold 2008-01-28 10:01 . 2008-01-28 10:08 <REP> d-------- C:\Program Files\Beneton Movie GIF 2008-01-16 13:21 . 2008-01-16 13:21 <REP> d-------- C:\Documents and Settings\Admin\Application Data\dBpoweramp . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-02-14 13:11 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-02-13 08:22 --------- d-----w C:\Program Files\BitComet 2008-02-12 13:04 --------- d-----w C:\Program Files\BitDownload 2008-02-11 22:04 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-02-11 10:49 --------- d-----w C:\Program Files\Musicmatch 2008-02-11 07:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-02-07 10:13 --------- d-----w C:\Program Files\TagRename 2008-02-07 10:13 --------- d-----w C:\Program Files\cam2pc 2008-02-07 07:33 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-02-01 20:33 --------- d-----w C:\Documents and Settings\Admin\Application Data\foobar2000 2008-01-29 08:05 --------- d-----w C:\Program Files\MSECACHE 2008-01-29 07:27 --------- d-----w C:\Program Files\microsoft frontpage 2008-01-28 10:22 --------- d-----w C:\Program Files\DivX 2008-01-28 10:16 --------- d-----w C:\Program Files\foobar2000 2008-01-28 09:47 --------- d-----w C:\Program Files\jv16 PowerTools 2006 2008-01-28 09:47 --------- d-----w C:\Program Files\eeMule 2008-01-20 16:05 --------- d-----w C:\Program Files\Winamp 2008-01-12 10:02 --------- d-----w C:\Program Files\MIKSOFT 2008-01-09 14:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe 2008-01-08 07:41 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-04 21:59 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe 2008-01-04 21:58 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2008-01-04 21:58 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2008-01-04 21:58 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2008-01-04 21:57 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll 2008-01-04 21:57 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2008-01-04 21:57 682,496 ----a-w C:\WINDOWS\system32\DivX.dll 
2008-01-04 21:57 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-01-04 12:25 --------- d-----w C:\Program Files\DS-Monkey Audio Source
2007-12-29 16:10 --------- d-----w C:\Program Files\Free Audio Pack
2007-12-29 15:08 --------- d-----w C:\Program Files\Nero
2007-12-29 13:50 --------- d-----w C:\Program Files\Fichiers communs\LightScribe
2007-12-29 13:50 --------- d-----w C:\Documents and Settings\Admin\Application Data\Nero
2007-12-29 13:31 --------- d-----w C:\Program Files\Fichiers communs\Nero
2007-12-29 13:18 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-12-29 13:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2007-12-22 08:05 --------- d-----w C:\Program Files\Notepad++
2007-12-22 08:05 --------- d-----w C:\Documents and Settings\Admin\Application Data\Notepad++
2007-12-21 21:38 --------- d-----w C:\Program Files\CR-TEKnologies
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-17 08:50 --------- d-----w C:\Program Files\TagScanner
2007-12-14 20:44 --------- d-----w C:\Program Files\Winamp Toolbar
2007-12-14 20:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2007-12-07 00:47 670,208 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:41 550,912 ------w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-04 08:59 972,072 ----a-w C:\WINDOWS\UNRecode.exe
2007-11-21 22:38 1,409 ----a-w C:\WINDOWS\Fonts\sncf09.fot
2007-10-04 07:14 23,960 ----a-w C:\Documents and Settings\Admin\Application Data\GDIPFONTCACHEV1.DAT
2006-02-19 02:28 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
2007-03-12 08:19 5 --sha-w C:\WINDOWS\system32\fabdab4_s.dll
.
<pre>
----a-w 13,704,584 2007-02-02 09:12:31 C:\Documents and Settings\Admin\Mes documents\sp26552realtekAudio5.10.0.5123 .exe
</pre>
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{60CA9253-D3C6-450B-89C6-DA30CFA97089}]
C:\WINDOWS\system32\pmnlj.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9920DACE-EA29-43AB-9EB1-835578A3D67A}]
C:\WINDOWS\system32\geebc.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A690C595-CD09-4000-9298-6D32B1C78BFD}]
C:\WINDOWS\system32\jkhhh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA2A616C-02D4-47BA-871D-E128D2FB47D7}]
C:\WINDOWS\system32\vtstt.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F797FA56-2E76-4B77-90E8-82F8B98AE125}]
C:\WINDOWS\system32\ssttr.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD54600D-10EA-4A68-AB47-3D3BE3C52F9A}]
C:\WINDOWS\system32\awvvu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 21:06 1135968]
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 13:07 1289000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2004-03-18 08:33 892928]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 09:50 19968 C:\WINDOWS\LOGI_MWX.EXE]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 577536 C:\WINDOWS\soundman.exe]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 16:26 2808832 C:\WINDOWS\alcwzrd.exe]
"Cloneur Expert Monitor"="C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" [2007-03-16 14:46 508573]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-03-16 14:46 65536]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"QuickTime Task"="C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" [2007-03-31 10:12 282624]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 15:52 3770024]
"OmniPage"="C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe" [1999-11-08 01:04 53248]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-13 09:47 249896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="C:\WINDOWS\system32\run.cmd" [2006-02-14 11:24 248]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 15:52 44544]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoSMHelp"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinSpooler.exe
"WinUpdating"= WinUpdating.exe
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{25BE2418-6C95-418F-BE03-0D9B9354A167}"= C:\WINDOWS\system32\ssqqron.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="1"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\ddaba.dll
R0 ntcdrdrv;ntcdrdrv;C:\WINDOWS\system32\DRIVERS\ntcdrdrv.sys [2007-05-11 10:16]
R3 HCWBT8XX;Hauppauge WinTV 848/9 WDM Video Driver;C:\WINDOWS\system32\drivers\HCWBT8XX.sys [2004-05-24 13:51]
R3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\drivers\lccfltr.sys [2004-03-03 09:50]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-14 14:24:19
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-14 14:25:05
ComboFix-quarantined-files.txt 2008-02-14 13:25:02
ComboFix2.txt 2008-02-14 10:41:42
ComboFix3.txt 2008-02-14 09:55:53
ComboFix4.txt 2008-02-14 09:18:29
ComboFix5.txt 2008-02-13 14:05:20
.
2008-02-13 07:52:28 --- E O F ---
DESPAIR IS GETTING THE BETTER OF ME. NO, I would rather not format.
-
Viral infection!!!
BernardTTW replied to a topic by BernardTTW in Malware analysis and eradication
Hello. My mistake: after reading the older posts more closely... I had not switched to the "administrator" account. So I am correcting that, along with settings matching ZONC's message of 17/12/07, 18:18. See you later -
Viral infection!!!
BernardTTW replied to a topic by BernardTTW in Malware analysis and eradication
Hello. Confirmed: safe mode. But the desktop icons disappear in under 10 seconds. Ctrl/Alt/Del / new task / explorer, and the same thing happens again!!! Same symptom with the file manager. I managed to observe DLLs with random names being created under /system32. These names always contain identical consonants next to each other. And two files, xxx.ini and xxx.ini2. A lead??? Can I redo the steps?? Or others? I have to be away for about ten hours. Thank you for following my problem -
Viral infection!!!
BernardTTW replied to a topic by BernardTTW in Malware analysis and eradication
Hello. Thanks to ZONK, who kindly took my problem into consideration. I followed the advised procedure: uninstalled BitComet and Avast, ran ATF Cleaner, then installed Antivir. I launched Antivir, which churned for 2 hours with the recommended options. About twenty "unwanted items" turned up. Several ended up in quarantine because they could not be deleted. At the end of the scan, it stopped on an empty desktop for 15 min? Reset. I started another Antivir scan. The PC is churning. After this second scan, JANK, do you need a report, and if so which one(s)? Thanks again to ZONK. More news of my adventures soon!!!!! -
Hello, I have been dragging this filth around for 3 days. If someone is willing to help me, I thank them in advance. My file explorer closes by itself within a few seconds. Sometimes my desktop disappears. I tried many things after reading information on the net to eradicate this unwelcome guest, but it is beyond my computer skills!!! Here is a report, I am waiting for help.....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:44:09, on 12/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\WINSOS\WINSOS.EXE
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [OmniPage] C:\PROGRA~1\Caere\OMNIPA~1.0\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
O4 - HKCU\..\Policies\Explorer\Run: [WinUpdating] WinUpdating.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E536CD0-ED8A-455F-BCD5-69732EE67BE9}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E536CD0-ED8A-455F-BCD5-69732EE67BE9}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E536CD0-ED8A-455F-BCD5-69732EE67BE9}: NameServer = 192.168.1.1
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professionnel 2005.SR1\RpcSandraSrv.exe
--
End of file - 9063 bytes