
Posted

Hello everyone

Nothing very original: I have a trojankeylogger blah-blah window that keeps popping up unexpectedly, asking me to click to go download an antivirus...

Here is my HijackThis log

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:59:35, on 05/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Samsung\DisplayManager\DisplayManager.exe

C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe

C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Samsung\DisplayManager\dmhkcore.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\dgtyhuxq.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

C:\WINDOWS\system32\igfxext.exe

C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe

C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Documents and Settings\Amodali\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myspace.com/index.cfm?fuseaction=user

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe

O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\DisplayManager\DMLoader.exe

O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DisplayManager.exe

O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe

O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\RunOnce: [spybotDeletingA9857] command /c del "C:\WINDOWS\system32\smp\msrc.exe"

O4 - HKLM\..\RunOnce: [spybotDeletingC3984] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [HlpChk] C:\WINDOWS\system32\dgtyhuxq.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\RunOnce: [spybotDeletingB5577] command /c del "C:\WINDOWS\system32\smp\msrc.exe"

O4 - HKCU\..\RunOnce: [spybotDeletingD26] cmd /c del "C:\WINDOWS\system32\smp\msrc.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/...?20080814071732

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O21 - SSODL: AplWin - {2E5A65BB-B055-C0DD-0118-09975F2EE086} - C:\Program Files\uqbjlwd\AplWin.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)

O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe

O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe

O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe

 

--

End of file - 10234 bytes

Posted

Hello and welcome

* Download Random's System Information Tool (RSIT) by Random / Random and save it to your Desktop,

* Double-click RSIT.exe to launch the program,

* Click Continue on the Disclaimer screen,

* If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.

* When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed) as well as info.txt (<<which will be minimized to the Taskbar).

Posted

 

 

info.txt logfile of random's system information tool 1.04 2008-10-05 17:42:06

 

======Uninstall list======

 

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E47302B-8081-46D3-9FEA-BEB2E5F5C3EC}\setup.exe" -l0x40c anything

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Photoshop 6.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"

Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}

Adobe SVG Viewer-->C:\WINDOWS\IsUn040c.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"

Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}\setup.exe" -l0x40c

Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}

AVStation Premium 3.75-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{BA7AF70A-F81B-40EF-9268-741A7DE3D608} /l1036

Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe

Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

DisplayManager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -l0x9 -removeonly

EasyBox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A999CE76-D054-4684-80C7-53FC9243E019}\Setup.exe" -l0x40c Remove

FileZilla Client 3.0.11.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe

Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}

High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

HijackThis 2.0.2-->"C:\Documents and Settings\Amodali\Bureau\HijackThis.exe" /uninstall

Hotfix for Windows Media Format SDK (KB923198)-->"C:\WINDOWS\$NtUninstallKB923198$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"

inook-v4-3 Screen Saver-->C:\WINDOWS\system32\inook-v4-3.scr /u

Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2

iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}

J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}

Java 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Logiciel Intel® PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe

Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}

Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}

Magic Doctor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x40c Remove

Magic Keyboard-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD723E53-A42C-4702-AA04-1D74A0311590}\Setup.exe" -l0x9 Remove

mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}

Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

MIKSOFT Mobile 3GP converter-->"C:\Program Files\MIKSOFT\Mobile 3GP converter\unins000.exe"

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall

QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}

RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Samsung Battery Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\Setup.exe" -l0x9 Remove

Samsung Network Manager 2.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{DEA48EFD-22C1-4CD6-B887-EB2E6B2E4735} /l1036

Samsung Update Plus-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{685707A4-911C-468D-BFC4-64A50E5E3A0C} /l1036

Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Publisher 2007 (KB936646)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}

Security Update for the 2007 Microsoft Office System (KB936960)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}

SENS LT56ADW Modem-->agrsmdel

Sonic Foundry Noise Reduction Plug-In 2.0a-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Sonic Foundry Noise Reduction Plug-In\Uninst.isu" -c"C:\Program Files\Sonic Foundry Noise Reduction Plug-In\sfnrun.dll" -z"Noise Reduction Plug-In 2.0"

Sony Sound Forge 8.0-->MsiExec.exe /X{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}

Sophos Anti-Rootkit 1.3.1-->C:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove

SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Update for Office 2007 (KB932080)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}

Update for Office 2007 (KB934393)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}

Update for Outlook 2007 (KB937608)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CBB2454D-193F-4523-8A31-FEB343B7C30E}

Update for Outlook 2007 Junk Email Filter (kb956080)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456}

Update for Word 2007 (KB934173)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}

User's Guide-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF99C14B-17C2-4994-B5C1-EB204A343A6F}\Setup.exe" Remove

VLC media player 0.9.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe

WIDCOMM Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}

Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows XP Media Center Edition 2005 KB919803-->"C:\WINDOWS\$NtUninstallKB919803$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

WOW XT and TSXT Filter Driver-->MsiExec.exe /X{A48A8684-A104-44DA-B3DF-0178A125D8D9}

 

=====HijackThis Backups=====

 

O4 - HKLM\..\Policies\Explorer\Run: [uIb70AyGOO] C:\Documents and Settings\All Users\Application Data\pwnmvixu\xifyrqpc.exe

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel

"PROCESSOR_REVISION"=0f06

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

 

-----------------EOF-----------------

Logfile of random's system information tool 1.04 (written by random/random)

Run by Amodali at 2008-10-05 17:42:01

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 19 GB (19%) free of 104 GB

Total RAM: 1014 MB (58% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:42:04, on 05/10/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Samsung\DisplayManager\DisplayManager.exe

C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe

C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\igfxext.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\dgtyhuxq.exe

C:\Program Files\Samsung\DisplayManager\dmhkcore.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe

C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\VideoLAN\VLC\vlc.exe

C:\Documents and Settings\Amodali\Bureau\RSIT.exe

C:\Documents and Settings\Amodali\Bureau\Amodali.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe

O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\DisplayManager\DMLoader.exe

O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DisplayManager.exe

O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe

O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [HlpChk] C:\WINDOWS\system32\dgtyhuxq.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1223216428890

O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/...?20080814071732

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O21 - SSODL: AplWin - {2E5A65BB-B055-C0DD-0118-09975F2EE086} - C:\Program Files\uqbjlwd\AplWin.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)

O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe

O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe

O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:%5

Posted
The report is incomplete...

We'll start like this:

Download Lop S&D.exe by eric71 and angeldark

http://eric.71.mespages.googlepages.com/Lop.sd.exe

Scan your PC with option 1

Post the resulting report

 

 

 

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

 

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Intel® Core2 CPU T5500 @ 1.66GHz )

BIOS : Phoenix FirstBIOS Notebook Pro Version 2.0 05SD

USER : Amodali ( Administrator )

BOOT : Normal boot

C:\ (Local Disk) - NTFS - Total : 101 Go Free : 18 Go

D:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )

Option : [1] ( 05/10/2008|18:13 )

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[02/10/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[20/07/2008|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[20/07/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[20/07/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[21/07/2008|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[20/07/2008|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[05/10/2008|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft

[20/07/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia

[20/07/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[21/07/2008|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[05/10/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help

[21/07/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage

[05/10/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pwnmvixu

[05/10/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[20/07/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[05/10/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[20/07/2008|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[20/07/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[27/07/2008|12:48] C:\DOCUME~1\Amodali\APPLIC~1\Adobe

[23/07/2008|12:30] C:\DOCUME~1\Amodali\APPLIC~1\AdobeUM

[26/07/2008|18:14] C:\DOCUME~1\Amodali\APPLIC~1\Apple Computer

[27/07/2008|20:06] C:\DOCUME~1\Amodali\APPLIC~1\Arcsoft

[21/07/2008|20:26] C:\DOCUME~1\Amodali\APPLIC~1\CyberLink

[04/10/2008|23:30] C:\DOCUME~1\Amodali\APPLIC~1\FileZilla

[25/07/2008|13:19] C:\DOCUME~1\Amodali\APPLIC~1\Google

[05/10/2008|16:38] C:\DOCUME~1\Amodali\APPLIC~1\Help

[20/07/2008|17:09] C:\DOCUME~1\Amodali\APPLIC~1\Identities

[26/07/2008|18:57] C:\DOCUME~1\Amodali\APPLIC~1\Macromedia

[02/08/2008|19:33] C:\DOCUME~1\Amodali\APPLIC~1\Microsoft

[26/08/2008|14:25] C:\DOCUME~1\Amodali\APPLIC~1\Mozilla

[21/07/2008|17:39] C:\DOCUME~1\Amodali\APPLIC~1\OpenOffice.org2

[20/07/2008|20:50] C:\DOCUME~1\Amodali\APPLIC~1\Publish Providers

[19/08/2008|19:43] C:\DOCUME~1\Amodali\APPLIC~1\Real

[20/07/2008|20:50] C:\DOCUME~1\Amodali\APPLIC~1\Sony

[21/07/2008|10:54] C:\DOCUME~1\Amodali\APPLIC~1\Sun

[20/07/2008|17:40] C:\DOCUME~1\Amodali\APPLIC~1\Symantec

[05/10/2008|12:36] C:\DOCUME~1\Amodali\APPLIC~1\uTorrent

[19/09/2008|16:28] C:\DOCUME~1\Amodali\APPLIC~1\vlc

[20/07/2008|18:47] C:\DOCUME~1\Amodali\APPLIC~1\WinRAR

 

[20/07/2008|16:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

 

[20/07/2008|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[20/07/2008|17:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/07/2008|17:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[04/10/2008 19:49][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{FC634178-57F0-4696-B194-1C5BA9867D50}.job

[02/10/2008 21:35][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[05/10/2008 17:28][--ah-----] C:\WINDOWS\tasks\SA.DAT

[10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[20/07/2008|19:24] C:\Program Files\Adobe

[20/07/2008|17:14] C:\Program Files\Analog Devices

[02/10/2008|21:46] C:\Program Files\Apple Software Update

[20/07/2008|19:28] C:\Program Files\ArcSoft

[02/10/2008|21:33] C:\Program Files\Bonjour

[21/07/2008|18:09] C:\Program Files\CCleaner

[20/07/2008|16:52] C:\Program Files\ComPlus Applications

[21/07/2008|20:34] C:\Program Files\CopyLock2

[22/07/2008|10:16] C:\Program Files\CyberLink

[09/08/2008|21:21] C:\Program Files\eMule

[05/10/2008|16:58] C:\Program Files\Enigma Software Group

[05/10/2008|13:41] C:\Program Files\Fichiers communs

[20/07/2008|18:51] C:\Program Files\FileZilla FTP Client

[25/07/2008|13:19] C:\Program Files\Google

[21/07/2008|20:31] C:\Program Files\InstallShield Installation Information

[20/07/2008|17:15] C:\Program Files\Intel

[05/10/2008|17:24] C:\Program Files\Internet Explorer

[02/10/2008|21:34] C:\Program Files\iPod

[02/10/2008|21:34] C:\Program Files\iTunes

[05/10/2008|16:17] C:\Program Files\Java

[05/10/2008|13:41] C:\Program Files\Lavasoft

[20/07/2008|18:49] C:\Program Files\Macromedia

[05/10/2008|16:31] C:\Program Files\Messenger

[20/07/2008|21:03] C:\Program Files\Messenger Plus! Live

[20/07/2008|20:36] C:\Program Files\MessengerPlus! 3

[20/07/2008|18:37] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[20/07/2008|16:57] C:\Program Files\microsoft frontpage

[21/07/2008|12:30] C:\Program Files\Microsoft Office

[17/08/2008|11:36] C:\Program Files\Microsoft Silverlight

[21/07/2008|12:30] C:\Program Files\Microsoft Visual Studio

[21/07/2008|12:31] C:\Program Files\Microsoft Works

[21/07/2008|12:29] C:\Program Files\Microsoft.NET

[26/07/2008|20:47] C:\Program Files\MIKSOFT

[20/07/2008|18:25] C:\Program Files\Movie Maker

[01/09/2008|12:20] C:\Program Files\Mozilla Firefox

[20/07/2008|16:49] C:\Program Files\MSN

[20/07/2008|16:49] C:\Program Files\MSN Gaming Zone

[20/07/2008|17:27] C:\Program Files\MSXML 4.0

[20/07/2008|18:23] C:\Program Files\NetMeeting

[20/07/2008|16:52] C:\Program Files\Online Services

[20/07/2008|18:23] C:\Program Files\Outlook Express

[20/07/2008|17:29] C:\Program Files\PIC

[20/07/2008|18:50] C:\Program Files\prog amo

[02/10/2008|21:32] C:\Program Files\QuickTime

[20/07/2008|19:35] C:\Program Files\Real

[20/07/2008|17:29] C:\Program Files\Samsung

[20/07/2008|16:54] C:\Program Files\Services en ligne

[23/09/2008|17:58] C:\Program Files\Sonic Foundry Noise Reduction Plug-In

[23/09/2008|17:36] C:\Program Files\Sony

[20/07/2008|20:48] C:\Program Files\Sony Setup

[05/10/2008|16:25] C:\Program Files\Sophos

[05/10/2008|17:26] C:\Program Files\Spybot - Search & Destroy

[20/07/2008|17:15] C:\Program Files\SRS Labs

[20/07/2008|17:18] C:\Program Files\Synaptics

[20/07/2008|17:09] C:\Program Files\Uninstall Information

[05/10/2008|12:31] C:\Program Files\uqbjlwd

[20/07/2008|20:32] C:\Program Files\uTorrent

[21/07/2008|17:46] C:\Program Files\VideoLAN

[20/07/2008|20:51] C:\Program Files\VSTplugins

[17/09/2008|11:40] C:\Program Files\Western Digital

[20/07/2008|17:16] C:\Program Files\WIDCOMM

[20/07/2008|20:56] C:\Program Files\Windows Live

[20/07/2008|17:30] C:\Program Files\Windows Media Player

[20/07/2008|18:23] C:\Program Files\Windows NT

[20/07/2008|16:51] C:\Program Files\Windows Plus

[20/07/2008|16:55] C:\Program Files\WindowsUpdate

[20/07/2008|18:47] C:\Program Files\WinRAR

[20/07/2008|16:57] C:\Program Files\xerox

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[27/07/2008|12:49] C:\Program Files\Fichiers communs\Adobe

[20/07/2008|19:13] C:\Program Files\Fichiers communs\Apple

[20/07/2008|19:30] C:\Program Files\Fichiers communs\ArcSoft

[21/07/2008|12:30] C:\Program Files\Fichiers communs\DESIGNER

[20/07/2008|17:26] C:\Program Files\Fichiers communs\InstallShield

[20/07/2008|17:02] C:\Program Files\Fichiers communs\Java

[20/07/2008|17:18] C:\Program Files\Fichiers communs\LightScribe

[20/07/2008|18:50] C:\Program Files\Fichiers communs\Macromedia

[21/07/2008|12:30] C:\Program Files\Fichiers communs\Microsoft Shared

[20/07/2008|16:54] C:\Program Files\Fichiers communs\MSSoap

[20/07/2008|18:44] C:\Program Files\Fichiers communs\ODBC

[20/07/2008|19:37] C:\Program Files\Fichiers communs\Real

[20/07/2008|16:54] C:\Program Files\Fichiers communs\Services

[20/07/2008|18:44] C:\Program Files\Fichiers communs\SpeechEngines

[21/07/2008|12:27] C:\Program Files\Fichiers communs\System

[20/07/2008|20:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller

[05/10/2008|13:41] C:\Program Files\Fichiers communs\Wise Installation Wizard

[20/07/2008|19:37] C:\Program Files\Fichiers communs\xing shared

 

--------------------\\ Process

 

( 63 Processes )

 

iexplore.exe ~ [PID:1620]

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\DOCUME~1\Amodali\Cookies\amodali@advertstream[1].txt

C:\DOCUME~1\Amodali\Cookies\amodali@adultfriendfinder[2].txt

C:\DOCUME~1\Amodali\Cookies\amodali@advertising[2].txt

C:\DOCUME~1\Amodali\Cookies\amodali@advertising[3].txt

C:\DOCUME~1\Amodali\Cookies\amodali@advertising[4].txt

C:\DOCUME~1\Amodali\Cookies\amodali@adopt.euroclick[1].txt

C:\DOCUME~1\Amodali\Cookies\amodali@adopt.euroclick[2].txt

C:\DOCUME~1\Amodali\Cookies\amodali@adopt.euroclick[3].txt

C:\DOCUME~1\Amodali\Cookies\amodali@partypoker[2].txt

C:\DOCUME~1\Amodali\Cookies\amodali@2xmoinscher[2].txt

C:\DOCUME~1\Amodali\Cookies\amodali@cc.2xmoinscher[1].txt

C:\DOCUME~1\Amodali\Cookies\amodali@www.2xmoinscher[2].txt

C:\DOCUME~1\Amodali\Cookies\amodali@888[1].txt

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-05 18:13:46

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\Amodali\Cookies\amodali@downloadrapidsharecrackserial[1].txt

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\mars\covers\Marc_Almond_Sarah_Cracknell-I_Close_My_Eyes_And_Count_To_Ten_dustyspringfield.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\these_are_powers_-_terrific_seasons_self-released_2007\these are powers - terrific seasons [self-released 2007]\03 cracks in the lifeline.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\white_williams\white williams\09-white_williams-fleetwood_crack.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\A Sucked Orange-NWW\16 Crack Up.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\A Sucked Orange-NWW\20 Fade Crack Down.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\01 24-24.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\02 In the Shadows.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\03 Talking Time.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\04 Animation.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\05 Over and Over.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\06 Just Fascination.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\07 Why Kill Time (When You Can Kill Yourself).mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\08 Haiti.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\09 Crackdown.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\10 Diskono.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\11 Double Vision.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\12 Badge of Evil.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\13 Moscow.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArtSmall.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArt_{12D7F7B6-1C5E-407D-A256-CB091CFA37B2}_Large.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArt_{12D7F7B6-1C5E-407D-A256-CB091CFA37B2}_Small.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\desktop.ini

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\Folder.jpg

 

 

[F:136][D:8]-> C:\DOCUME~1\Amodali\LOCALS~1\Temp

[F:2518][D:0]-> C:\DOCUME~1\Amodali\Cookies

[F:2753][D:12]-> C:\DOCUME~1\Amodali\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 05/10/2008|18:14 - Option : [1]

 

--------------------\\ Fin du rapport a 18:14:57

Posted

No need to look for where your infections are coming from!! Delete all those cracks and keygens, please!!!

Run Lop S&D again with option 2 and scan your PC, then post the resulting report along with the following:

Have these files examined on VirusTotal

http://forum.pcastuces.com/scan_chez_virus_total-f31s15.htm

 

C:\Program Files\uqbjlwd\AplWin.dll

C:\WINDOWS\system32\dgtyhuxq.exe

C:\Documents and Settings\All Users\Application Data\pwnmvixu\xifyrqpc.exe

Same for this one:

C:\Documents and Settings\Amodali\Bureau\Amodali.exe ==> unless you know what it is

Posted

Can you tell me precisely which ones?

Because the "cracks" there

 

Cracks & Keygens ..

 

C:\DOCUME~1\Amodali\Cookies\amodali@downloadrapidsharecrackserial[1].txt

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\mars\covers\Marc_Almond_Sarah_Cracknell-I_Close_My_Eyes_And_Count_To_Ten_dustyspringfield.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\these_are_powers_-_terrific_seasons_self-released_2007\these are powers - terrific seasons [self-released 2007]\03 cracks in the lifeline.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\white_williams\white williams\09-white_williams-fleetwood_crack.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\A Sucked Orange-NWW\16 Crack Up.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\A Sucked Orange-NWW\20 Fade Crack Down.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\01 24-24.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\02 In the Shadows.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\03 Talking Time.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\04 Animation.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\05 Over and Over.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\06 Just Fascination.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\07 Why Kill Time (When You Can Kill Yourself).mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\08 Haiti.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\09 Crackdown.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\10 Diskono.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\11 Double Vision.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\12 Badge of Evil.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\13 Moscow.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArtSmall.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArt_{12D7F7B6-1C5E-407D-A256-CB091CFA37B2}_Large.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArt_{12D7F7B6-1C5E-407D-A256-CB091CFA37B2}_Small.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\desktop.ini

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\Folder.jpg

 

 

 

 

I only see sound files there containing "crack", and they are nothing but album and track titles...

 

No need to look for where your infections are coming from!! Delete all those cracks and keygens, please!!!

Run Lop S&D again with option 2 and scan your PC, then post the resulting report along with the following:

Have these files examined on VirusTotal

http://forum.pcastuces.com/scan_chez_virus_total-f31s15.htm

 

C:\Program Files\uqbjlwd\AplWin.dll

C:\WINDOWS\system32\dgtyhuxq.exe

C:\Documents and Settings\All Users\Application Data\pwnmvixu\xifyrqpc.exe

Same for this one:

C:\Documents and Settings\Amodali\Bureau\Amodali.exe ==> unless you know what it is

 

 

Documents and Settings\Amodali\Bureau\Amodali.exe actually looks like the hijack exe but has been renamed...

 

I'll follow the procedure you gave me.

Posted

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

 

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Intel® Core2 CPU T5500 @ 1.66GHz )

BIOS : Phoenix FirstBIOS Notebook Pro Version 2.0 05SD

USER : Amodali ( Administrator )

BOOT : Normal boot

C:\ (Local Disk) - NTFS - Total : 101 Go Free : 18 Go

D:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )

Option : [2] ( 05/10/2008|18:53 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

 

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@advertstream[1].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@adultfriendfinder[2].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@advertising[2].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@advertising[3].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@advertising[4].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@adopt.euroclick[1].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@adopt.euroclick[2].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@adopt.euroclick[3].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@partypoker[2].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@2xmoinscher[2].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@cc.2xmoinscher[1].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@www.2xmoinscher[2].txt

Supprime! - C:\DOCUME~1\Amodali\Cookies\amodali@888[1].txt

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[02/10/2008|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[20/07/2008|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[20/07/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[20/07/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[21/07/2008|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[20/07/2008|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[05/10/2008|13:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft

[20/07/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia

[20/07/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[21/07/2008|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[05/10/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help

[21/07/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage

[05/10/2008|12:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pwnmvixu

[05/10/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[20/07/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[05/10/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[20/07/2008|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[20/07/2008|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[27/07/2008|12:48] C:\DOCUME~1\Amodali\APPLIC~1\Adobe

[23/07/2008|12:30] C:\DOCUME~1\Amodali\APPLIC~1\AdobeUM

[26/07/2008|18:14] C:\DOCUME~1\Amodali\APPLIC~1\Apple Computer

[27/07/2008|20:06] C:\DOCUME~1\Amodali\APPLIC~1\Arcsoft

[21/07/2008|20:26] C:\DOCUME~1\Amodali\APPLIC~1\CyberLink

[04/10/2008|23:30] C:\DOCUME~1\Amodali\APPLIC~1\FileZilla

[25/07/2008|13:19] C:\DOCUME~1\Amodali\APPLIC~1\Google

[05/10/2008|16:38] C:\DOCUME~1\Amodali\APPLIC~1\Help

[20/07/2008|17:09] C:\DOCUME~1\Amodali\APPLIC~1\Identities

[26/07/2008|18:57] C:\DOCUME~1\Amodali\APPLIC~1\Macromedia

[02/08/2008|19:33] C:\DOCUME~1\Amodali\APPLIC~1\Microsoft

[26/08/2008|14:25] C:\DOCUME~1\Amodali\APPLIC~1\Mozilla

[21/07/2008|17:39] C:\DOCUME~1\Amodali\APPLIC~1\OpenOffice.org2

[20/07/2008|20:50] C:\DOCUME~1\Amodali\APPLIC~1\Publish Providers

[19/08/2008|19:43] C:\DOCUME~1\Amodali\APPLIC~1\Real

[20/07/2008|20:50] C:\DOCUME~1\Amodali\APPLIC~1\Sony

[21/07/2008|10:54] C:\DOCUME~1\Amodali\APPLIC~1\Sun

[20/07/2008|17:40] C:\DOCUME~1\Amodali\APPLIC~1\Symantec

[05/10/2008|12:36] C:\DOCUME~1\Amodali\APPLIC~1\uTorrent

[19/09/2008|16:28] C:\DOCUME~1\Amodali\APPLIC~1\vlc

[20/07/2008|18:47] C:\DOCUME~1\Amodali\APPLIC~1\WinRAR

 

[20/07/2008|16:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

 

[20/07/2008|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[20/07/2008|17:00] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/07/2008|17:45] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[04/10/2008 19:49][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{FC634178-57F0-4696-B194-1C5BA9867D50}.job

[02/10/2008 21:35][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[05/10/2008 17:28][--ah-----] C:\WINDOWS\tasks\SA.DAT

[10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[20/07/2008|19:24] C:\Program Files\Adobe

[20/07/2008|17:14] C:\Program Files\Analog Devices

[02/10/2008|21:46] C:\Program Files\Apple Software Update

[20/07/2008|19:28] C:\Program Files\ArcSoft

[02/10/2008|21:33] C:\Program Files\Bonjour

[21/07/2008|18:09] C:\Program Files\CCleaner

[20/07/2008|16:52] C:\Program Files\ComPlus Applications

[21/07/2008|20:34] C:\Program Files\CopyLock2

[22/07/2008|10:16] C:\Program Files\CyberLink

[09/08/2008|21:21] C:\Program Files\eMule

[05/10/2008|16:58] C:\Program Files\Enigma Software Group

[05/10/2008|13:41] C:\Program Files\Fichiers communs

[20/07/2008|18:51] C:\Program Files\FileZilla FTP Client

[25/07/2008|13:19] C:\Program Files\Google

[21/07/2008|20:31] C:\Program Files\InstallShield Installation Information

[20/07/2008|17:15] C:\Program Files\Intel

[05/10/2008|17:24] C:\Program Files\Internet Explorer

[02/10/2008|21:34] C:\Program Files\iPod

[02/10/2008|21:34] C:\Program Files\iTunes

[05/10/2008|16:17] C:\Program Files\Java

[05/10/2008|13:41] C:\Program Files\Lavasoft

[20/07/2008|18:49] C:\Program Files\Macromedia

[05/10/2008|16:31] C:\Program Files\Messenger

[20/07/2008|21:03] C:\Program Files\Messenger Plus! Live

[20/07/2008|20:36] C:\Program Files\MessengerPlus! 3

[20/07/2008|18:37] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[20/07/2008|16:57] C:\Program Files\microsoft frontpage

[21/07/2008|12:30] C:\Program Files\Microsoft Office

[17/08/2008|11:36] C:\Program Files\Microsoft Silverlight

[21/07/2008|12:30] C:\Program Files\Microsoft Visual Studio

[21/07/2008|12:31] C:\Program Files\Microsoft Works

[21/07/2008|12:29] C:\Program Files\Microsoft.NET

[26/07/2008|20:47] C:\Program Files\MIKSOFT

[20/07/2008|18:25] C:\Program Files\Movie Maker

[01/09/2008|12:20] C:\Program Files\Mozilla Firefox

[20/07/2008|16:49] C:\Program Files\MSN

[20/07/2008|16:49] C:\Program Files\MSN Gaming Zone

[20/07/2008|17:27] C:\Program Files\MSXML 4.0

[20/07/2008|18:23] C:\Program Files\NetMeeting

[20/07/2008|16:52] C:\Program Files\Online Services

[20/07/2008|18:23] C:\Program Files\Outlook Express

[20/07/2008|17:29] C:\Program Files\PIC

[20/07/2008|18:50] C:\Program Files\prog amo

[02/10/2008|21:32] C:\Program Files\QuickTime

[20/07/2008|19:35] C:\Program Files\Real

[20/07/2008|17:29] C:\Program Files\Samsung

[20/07/2008|16:54] C:\Program Files\Services en ligne

[23/09/2008|17:58] C:\Program Files\Sonic Foundry Noise Reduction Plug-In

[23/09/2008|17:36] C:\Program Files\Sony

[20/07/2008|20:48] C:\Program Files\Sony Setup

[05/10/2008|16:25] C:\Program Files\Sophos

[05/10/2008|17:26] C:\Program Files\Spybot - Search & Destroy

[20/07/2008|17:15] C:\Program Files\SRS Labs

[20/07/2008|17:18] C:\Program Files\Synaptics

[20/07/2008|17:09] C:\Program Files\Uninstall Information

[05/10/2008|12:31] C:\Program Files\uqbjlwd

[20/07/2008|20:32] C:\Program Files\uTorrent

[21/07/2008|17:46] C:\Program Files\VideoLAN

[20/07/2008|20:51] C:\Program Files\VSTplugins

[17/09/2008|11:40] C:\Program Files\Western Digital

[20/07/2008|17:16] C:\Program Files\WIDCOMM

[20/07/2008|20:56] C:\Program Files\Windows Live

[20/07/2008|17:30] C:\Program Files\Windows Media Player

[20/07/2008|18:23] C:\Program Files\Windows NT

[20/07/2008|16:51] C:\Program Files\Windows Plus

[20/07/2008|16:55] C:\Program Files\WindowsUpdate

[20/07/2008|18:47] C:\Program Files\WinRAR

[20/07/2008|16:57] C:\Program Files\xerox

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[27/07/2008|12:49] C:\Program Files\Fichiers communs\Adobe

[20/07/2008|19:13] C:\Program Files\Fichiers communs\Apple

[20/07/2008|19:30] C:\Program Files\Fichiers communs\ArcSoft

[21/07/2008|12:30] C:\Program Files\Fichiers communs\DESIGNER

[20/07/2008|17:26] C:\Program Files\Fichiers communs\InstallShield

[20/07/2008|17:02] C:\Program Files\Fichiers communs\Java

[20/07/2008|17:18] C:\Program Files\Fichiers communs\LightScribe

[20/07/2008|18:50] C:\Program Files\Fichiers communs\Macromedia

[21/07/2008|12:30] C:\Program Files\Fichiers communs\Microsoft Shared

[20/07/2008|16:54] C:\Program Files\Fichiers communs\MSSoap

[20/07/2008|18:44] C:\Program Files\Fichiers communs\ODBC

[20/07/2008|19:37] C:\Program Files\Fichiers communs\Real

[20/07/2008|16:54] C:\Program Files\Fichiers communs\Services

[20/07/2008|18:44] C:\Program Files\Fichiers communs\SpeechEngines

[21/07/2008|12:27] C:\Program Files\Fichiers communs\System

[20/07/2008|20:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller

[05/10/2008|13:41] C:\Program Files\Fichiers communs\Wise Installation Wizard

[20/07/2008|19:37] C:\Program Files\Fichiers communs\xing shared

 

--------------------\\ Process

 

( 59 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-05 18:54:00

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\Amodali\Cookies\amodali@downloadrapidsharecrackserial[1].txt

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\mars\covers\Marc_Almond_Sarah_Cracknell-I_Close_My_Eyes_And_Count_To_Ten_dustyspringfield.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\these_are_powers_-_terrific_seasons_self-released_2007\these are powers - terrific seasons [self-released 2007]\03 cracks in the lifeline.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\div filles … passer\white_williams\white williams\09-white_williams-fleetwood_crack.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\A Sucked Orange-NWW\16 Crack Up.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\A Sucked Orange-NWW\20 Fade Crack Down.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\01 24-24.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\02 In the Shadows.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\03 Talking Time.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\04 Animation.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\05 Over and Over.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\06 Just Fascination.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\07 Why Kill Time (When You Can Kill Yourself).mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\08 Haiti.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\09 Crackdown.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\10 Diskono.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\11 Double Vision.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\12 Badge of Evil.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\13 Moscow.mp3

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArtSmall.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArt_{12D7F7B6-1C5E-407D-A256-CB091CFA37B2}_Large.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\AlbumArt_{12D7F7B6-1C5E-407D-A256-CB091CFA37B2}_Small.jpg

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\desktop.ini

C:\DOCUME~1\Amodali\Mes documents\Ma musique\divers\slsk\cabaret voltaire\the crackdown\Folder.jpg

 

 

[F:135][D:8]-> C:\DOCUME~1\Amodali\LOCALS~1\Temp

[F:2521][D:0]-> C:\DOCUME~1\Amodali\Cookies

[F:4050][D:12]-> C:\DOCUME~1\Amodali\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 05/10/2008|18:14 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 05/10/2008|18:54 - Option : [2]

 

--------------------\\ Fin du rapport a 18:54:38

 

 

 

 


Posted
No need to look for where your infections come from!! Delete all these cracks and keygens, please!!!

Run Lop S&D option 2 again and scan your PC, then post the resulting report, along with this:

Have these files checked on VirusTotal:

http://forum.pcastuces.com/scan_chez_virus_total-f31s15.htm

 

C:\Program Files\uqbjlwd\AplWin.dll

C:\WINDOWS\system32\dgtyhuxq.exe

C:\Documents and Settings\All Users\Application Data\pwnmvixu\xifyrqpc.exe

Same for this one:

C:\Documents and Settings\Amodali\Bureau\Amodali.exe ==> unless you know what it is

 

 

C:\Program Files\uqbjlwd\AplWin.dll

bingo

http://www.virustotal.com/fr/analisis/818b...61dc44c27fe3952

 

 

C:\Documents and Settings\Amodali\Bureau\Amodali.exe

 

http://www.virustotal.com/fr/analisis/b67f...63450c094918ac7

 

 

C:\WINDOWS\system32\dgtyhuxq.exe

bingo

http://www.virustotal.com/fr/analisis/fe8b...300c05a6202e58f

 

 

C:\Documents and Settings\All Users\Application Data\pwnmvixu\xifyrqpc.exe

bingo

http://www.virustotal.com/fr/analisis/7b74...b66c6e02a3b4c89

 

 

Full house
