infection suite à keygen..

bonjour bonjour ..

Sur pc d'un pote :
Nombreux bugs divers et variés caractéristiques suite au lancement d'un keygen. Infection sur.

Merci !

Scan hijackthis :

____________________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:03, on 29/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\STEPHANE\winlogon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Logon Applicationedc] C:\Documents and Settings\STEPHANE\winlogon.exe
O4 - HKLM\..\Run: [94f19fd3] rundll32.exe "C:\WINDOWS\system32\smcxlpdq.dll",b
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/ [...] loader.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/supergerba [...] Loader.dll
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 2160294500
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (OD2 Music Manager) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://player.virtools.com/downloa [...] taller.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 11940 bytes

Message édité par geloblackeagle le 29-06-2008 à 21:53:53

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

supprimes ces lignes en les cochant avec hijackthis:

C:\Documents and Settings\STEPHANE\winlogon.exe

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/supergerba [...] Loader.dll

O4 - HKLM\..\Run: [Windows Logon Applicationedc] C:\Documents and Settings\STEPHANE\winlogon.exe

------------------------------ Bonnes Fêtes
Répondre à bilox2000

Nouveau scan apres fixage & reboot :

cependant reste un problème avec les Màj windows qui ne veulent pas se relancer.

___________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:41:26, on 29/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [94f19fd3] rundll32.exe "C:\WINDOWS\system32\smcxlpdq.dll",b
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/ [...] loader.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/supergerba [...] Loader.dll
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 2160294500
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (OD2 Music Manager) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://player.virtools.com/downloa [...] taller.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 11745 bytes

Message édité par geloblackeagle le 29-06-2008 à 22:52:10

Répondre à geloblackeagle

fix ces lignes:

O4 - HKLM\..\Run: [94f19fd3] rundll32.exe "C:\WINDOWS\system32\smcxlpdq.dll",b

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/supergerba [...] Loader.dll

Inconnu
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://player.virtools.com/downloa [...] taller.exe

au passage, ça ne sert à rien d'avoir 1000 antivirus, 1000 parefeu, machin...tu perturbes le fonctionnement de l'appareil. il se peut que ce soit à cause de ça que windows n'arrives à plus faire la mises à jour. tu as: Bitdenfender, Kerio personnal firewall, windows defender, avast, même symantec.
prends 1 antivirus et 1 parefeu et 1 antispy c'est tout.

------------------------------ Bonnes Fêtes
Répondre à bilox2000

Poste pour suivre

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:26, on 30/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.c [...] x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://securityresponse.symantec.c [...] x_homepage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BM97c2ac4f] Rundll32.exe "C:\WINDOWS\system32\eaysbeke.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/ [...] loader.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 2160294500
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (OD2 Music Manager) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9396 bytes

Répondre à geloblackeagle

ps : norton et bitdefender sont désinstallé

Répondre à geloblackeagle

ouvres internet explorer, vas dans les options et vides les cookies, les fichiers temporaires, histoiques, etc...

ensuite, assures-toi que toutes les mises à jour windows sont effectuées (si c'est la version originale)

Et enfin, télécharges SPYBOT si tu ne l'as pas,installes-le (n'active pas teatimer à l'installation) fais sa mise à jour, vaccines. Ensuite lances-le scan jusqu'à la fin et corriges ce qu'il va trouver.

tiens-nous au courant.

en cas de non-amélioration , on passe à une autre astuce.

EDIT: SI TEATIMER de SPYBOT EST ACTIVE DESACTIVES-LE

Message édité par bilox2000 le 30-06-2008 à 13:29:42

------------------------------ Bonnes Fêtes
Répondre à bilox2000

Citation :

ensuite, assures-toi que toutes les mises à jour windows sont effectuées (si c'est la version originale)

On n'installe pas le SP3 sur une machine vérolée, on attend d'avoir fini la désinfection, sinon l'utilisateur aura une version de windows vérolée.

Message cité 1 fois

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

Egwene a écrit :

Citation :

ensuite, assures-toi que toutes les mises à jour windows sont effectuées (si c'est la version originale)

On n'installe pas le SP3 sur une machine vérolée, on attend d'avoir fini la désinfection, sinon l'utilisateur aura une version de windows vérolée.

pour ton apprentissage: ceux qui ont encore un SP1 vérolé, ont sérieusement du mal à nettoyer à cause du manque de nouveaux éléments de sécurité windows. il leur faut passer au SP2, même vérolé pour avoir la possibilité de le faire.

Il est préférable d'attendre sa réponse pour commenter.ton aide (et pas ton ironie) sera la bienvenue si aucune amélioration ne se présente,

Message cité 1 fois
Message édité par bilox2000 le 30-06-2008 à 13:38:39

------------------------------ Bonnes Fêtes
Répondre à bilox2000

les maj ne marchent pas, imposible de lancer le service.

spybot à trouver un truc : virtumonde & .dll

Amélioration de l'état général du pc, retour d'un débit correct grace à changement de session.

Le seul problème reste donc les màj qui sont bloqué.. J'essaye de résoudre et je reply

Répondre à geloblackeagle

bonsoir

bilox2000 a écrit :

pour ton apprentissage: ceux qui ont encore un SP1 vérolé, ont sérieusement du mal à nettoyer à cause du manque de nouveaux éléments de sécurité windows. il leur faut passer au SP2, même vérolé pour avoir la possibilité de le faire.

Il est préférable d'attendre sa réponse pour commenter.ton aide (et pas ton ironie) sera la bienvenue si aucune amélioration ne se présente,

Je pense que l'apprentissage de Merillym n'est plus à faire... enfin je peux me tromper hein....

Moi ce que je vois, c'est que tu tournes en rond et que plus on perd de temps, plus on va se galérer pour nettoyer son infection.

Merillym, je vais commencer, mais on peut prendre ce topic ensemble si tu veux. Je serai pas trop présent là...

geloblackeagle

1

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

2

Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :
ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport :C: \Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

viens sur le forum et édition "coller"

3

ajoute un nouveau rapport Hijackthis.

------------------------------ Prévention et protection
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock

Pas de souci Sham_Rock, présent jusqu'à 07 juillet :super:

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

Apres avoir fais tout ça les màj sont revenu... Mais le problème est revenu quelques heures apres, utilisation du pc tout à fait sans risque (surf pour lire le journal ect .. ^^)

Le service refuse de se lancer : erreur 1058
_______________________

Citation :

ComboFix 08-06-20.4 - STEPHANE 2008-07-01 16:20:51.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.214 [GMT 2:00]
Endroit: C:\Documents and Settings\STEPHANE\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\BM97c2ac4f.xml
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\egNmlnnn.ini
C:\WINDOWS\system32\egNmlnnn.ini2
C:\WINDOWS\system32\HNpVwyxx.ini
C:\WINDOWS\system32\HNpVwyxx.ini2
C:\WINDOWS\system32\LVvuvvut.ini
C:\WINDOWS\system32\LVvuvvut.ini2
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nnnlmNge.dll
C:\WINDOWS\system32\qdplxcms.ini

----- BITS: Possible sites infect‚s -----

hxxp://aõj
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-01 to 2008-07-01 ))))))))))))))))))))))))))))))))))))
.

2008-07-01 12:27 . 2008-07-01 12:27 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-07-01 12:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 12:26 . 2008-07-01 12:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-06-28 14:21 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 12:26 . 2008-06-28 14:21 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-01 11:43 . 2008-07-01 11:43 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\OD2
2008-07-01 11:37 . 2008-07-01 11:37 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\DivX
2008-07-01 10:51 . 2008-07-01 10:51 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\vlc
2008-07-01 10:39 . 2008-07-01 10:39 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\BitDefender
2008-06-30 21:36 . 2008-06-30 21:36 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\Microsoft Games
2008-06-30 20:23 . 2008-06-30 20:23 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\BitDefender
2008-06-30 19:46 . 2008-06-30 19:46 104,448 --a------ C:\WINDOWS\system32\ogqaow.dll
2008-06-30 19:45 . 2008-06-30 19:46 104,448 --a------ C:\WINDOWS\system32\lfbtcrdf.dll
2008-06-30 19:43 . 2008-06-30 19:43 94,208 --a------ C:\WINDOWS\system32\lkbqbhgl.dll
2008-06-30 19:35 . 2008-07-01 16:39 121 --a------ C:\WINDOWS\bdagent.INI
2008-06-30 18:32 . 2008-06-30 18:32 104,448 --a------ C:\WINDOWS\system32\limqdy.dll
2008-06-30 18:32 . 2008-06-30 18:32 104,448 --a------ C:\WINDOWS\system32\jjwjhovs.dll
2008-06-30 18:29 . 2008-06-30 18:29 94,208 --a------ C:\WINDOWS\system32\wxwvjidi.dll
2008-06-30 17:25 . 2008-07-01 16:51 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-06-30 14:51 . 2008-06-30 14:51 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\BitDefender
2008-06-30 14:47 . 2008-06-30 14:48 <REP> d-------- C:\Program Files\BitDefender
2008-06-30 14:47 . 2008-06-30 16:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-06-30 14:45 . 2008-06-30 14:47 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-06-30 09:39 . 2008-06-30 09:39 104,448 --a------ C:\WINDOWS\system32\qqumai.dll
2008-06-30 09:39 . 2008-06-30 09:39 104,448 --a------ C:\WINDOWS\system32\imibnbgn.dll
2008-06-30 09:37 . 2008-06-30 09:37 95,232 --a------ C:\WINDOWS\system32\eaysbeke.dll
2008-06-29 21:28 . 2008-06-29 21:28 <REP> d-------- C:\Program Files\Trend Micro
2008-06-29 20:51 . 2008-06-29 20:51 34,304 --------- C:\WINDOWS\system32\wvUmnkHX.dll
2008-06-25 21:35 . 2008-06-25 21:35 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Microsoft Games
2008-06-25 10:35 . 2008-06-25 10:35 <REP> d-------- C:\Program Files\MC2
2008-06-24 19:12 . 2008-06-24 19:15 <REP> d-------- C:\Program Files\VirtualDub
2008-06-13 23:29 . 2008-06-13 23:29 <REP> d-------- C:\Program Files\Apple Software Update
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-11 13:35 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-09 16:29 . 2008-06-09 17:14 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\FileZilla
2008-06-08 12:42 . 2008-06-08 12:42 691,545 --a------ C:\WINDOWS\unins000.exe
2008-06-08 12:42 . 2008-06-08 12:42 2,556 --a------ C:\WINDOWS\unins000.dat
2008-06-08 00:56 . 2008-06-13 23:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-08 00:56 . 2008-06-08 00:56 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-30 20:12 --------- d-----w C:\Documents and Settings\Famille Rochereau\Application Data\LimeWire
2008-06-30 19:43 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-30 19:43 --------- d-----w C:\Program Files\Call of Duty
2008-06-30 18:41 --------- d-----w C:\Program Files\Wanadoo
2008-06-30 12:54 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-06-30 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-30 09:16 52,436 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-06-30 07:43 --------- d-----w C:\Program Files\Virtools Web Player 2.5
2008-06-29 18:34 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\LimeWire
2008-06-29 11:33 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-26 08:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 19:26 --------- d-----w C:\Program Files\Microsoft Games
2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 21:39 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\Apple Computer
2008-06-13 21:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-13 21:34 --------- d-----w C:\Program Files\QuickTime
2008-06-08 10:47 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-07 21:21 --------- d-----w C:\Program Files\ElcomSoft
2008-06-03 10:01 --------- d-----w C:\Program Files\LimeWire
2008-05-25 09:56 --------- d-----w C:\Program Files\eMule
2008-05-24 12:11 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2008-05-24 12:10 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2008-05-23 18:51 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-05-22 17:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-14 01:29 41,296 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 13:06 --------- d-----w C:\Program Files\ServerMania
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 14:42 --------- d-----w C:\Program Files\TmNationsForever
2008-05-03 11:40 --------- d-----w C:\Program Files\RegCleaner
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 15:23 46,016 ----a-w C:\Documents and Settings\STEPHANE\Application Data\GDIPFONTCACHEV1.DAT
2008-04-01 17:52 22,328 ----a-w C:\Documents and Settings\STEPHANE\Application Data\PnkBstrK.sys
2007-06-10 15:21 43,656 ----a-w C:\Documents and Settings\Famille Rochereau\Application Data\GDIPFONTCACHEV1.DAT
2006-03-11 17:40 41,792 ----a-w C:\Documents and Settings\DIM\Application Data\GDIPFONTCACHEV1.DAT
2007-01-28 16:23 61 --sh--w C:\WINDOWS\cnerolf.dat
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5adcaefa-a1be-4224-9020-a143a03b4bd2}]
2008-06-30 19:46 104448 --a------ C:\WINDOWS\system32\ogqaow.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68950839-2675-49E2-B6A5-442E0B0D1BA4}]
2008-06-29 20:51 34304 --------- C:\WINDOWS\system32\wvUmnkHX.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-29 11:11 67128]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-24 21:15 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl,CMICtrlWnd" []
"SoundMan"="SOUNDMAN.EXE" [2002-10-16 12:24 47104 C:\WINDOWS\SOUNDMAN.EXE]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37 217088]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-22 03:08 813912]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-06-30 14:54 368640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-05 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{68950839-2675-49E2-B6A5-442E0B0D1BA4}"= C:\WINDOWS\system32\wvUmnkHX.dll [2008-06-29 20:51 34304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUmnkHX]
wvUmnkHX.dll 2008-06-29 20:51 34304 C:\WINDOWS\system32\wvUmnkHX.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
backup=C:\WINDOWS\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2002-12-17 13:28 684032 C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Tool 3]
--a------ 2004-06-07 11:28 147456 C:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\flockbox]
--a------ 2007-12-14 17:59 1071472 C:\Program Files\My Lockbox\flockbox.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 17:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 05:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-12-30 14:50 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 15:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 17:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 15:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\nations.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=

R0 MPRIFL;MPRIFL;C:\WINDOWS\system32\DRIVERS\MPRIFL.SYS [2007-12-13 21:13]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-30 14:54]
S3 musbehco;musbehco;C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp\musbehco.sys []
S3 USB-100;USB 10/100 Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\USBKR100.SYS [2001-06-20 13:39]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-01 16:42:45
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\wvUmnkHX.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-01 16:59:35 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-01 14:59:10

Pre-Run: 31,884,062,720 octets libres
Post-Run: 31,964,471,296 octets libres

258 --- E O F --- 2008-06-26 08:14:47

Citation :

ComboFix 08-06-20.4 - STEPHANE 2008-07-01 16:20:51.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.214 [GMT 2:00]
Endroit: C:\Documents and Settings\STEPHANE\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\BM97c2ac4f.xml
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\egNmlnnn.ini
C:\WINDOWS\system32\egNmlnnn.ini2
C:\WINDOWS\system32\HNpVwyxx.ini
C:\WINDOWS\system32\HNpVwyxx.ini2
C:\WINDOWS\system32\LVvuvvut.ini
C:\WINDOWS\system32\LVvuvvut.ini2
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nnnlmNge.dll
C:\WINDOWS\system32\qdplxcms.ini

----- BITS: Possible sites infect‚s -----

hxxp://aõj
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-01 to 2008-07-01 ))))))))))))))))))))))))))))))))))))
.

2008-07-01 12:27 . 2008-07-01 12:27 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-07-01 12:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 12:26 . 2008-07-01 12:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-06-28 14:21 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 12:26 . 2008-06-28 14:21 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-01 11:43 . 2008-07-01 11:43 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\OD2
2008-07-01 11:37 . 2008-07-01 11:37 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\DivX
2008-07-01 10:51 . 2008-07-01 10:51 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\vlc
2008-07-01 10:39 . 2008-07-01 10:39 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\BitDefender
2008-06-30 21:36 . 2008-06-30 21:36 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\Microsoft Games
2008-06-30 20:23 . 2008-06-30 20:23 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\BitDefender
2008-06-30 19:46 . 2008-06-30 19:46 104,448 --a------ C:\WINDOWS\system32\ogqaow.dll
2008-06-30 19:45 . 2008-06-30 19:46 104,448 --a------ C:\WINDOWS\system32\lfbtcrdf.dll
2008-06-30 19:43 . 2008-06-30 19:43 94,208 --a------ C:\WINDOWS\system32\lkbqbhgl.dll
2008-06-30 19:35 . 2008-07-01 16:39 121 --a------ C:\WINDOWS\bdagent.INI
2008-06-30 18:32 . 2008-06-30 18:32 104,448 --a------ C:\WINDOWS\system32\limqdy.dll
2008-06-30 18:32 . 2008-06-30 18:32 104,448 --a------ C:\WINDOWS\system32\jjwjhovs.dll
2008-06-30 18:29 . 2008-06-30 18:29 94,208 --a------ C:\WINDOWS\system32\wxwvjidi.dll
2008-06-30 17:25 . 2008-07-01 16:51 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-06-30 14:51 . 2008-06-30 14:51 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\BitDefender
2008-06-30 14:47 . 2008-06-30 14:48 <REP> d-------- C:\Program Files\BitDefender
2008-06-30 14:47 . 2008-06-30 16:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-06-30 14:45 . 2008-06-30 14:47 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-06-30 09:39 . 2008-06-30 09:39 104,448 --a------ C:\WINDOWS\system32\qqumai.dll
2008-06-30 09:39 . 2008-06-30 09:39 104,448 --a------ C:\WINDOWS\system32\imibnbgn.dll
2008-06-30 09:37 . 2008-06-30 09:37 95,232 --a------ C:\WINDOWS\system32\eaysbeke.dll
2008-06-29 21:28 . 2008-06-29 21:28 <REP> d-------- C:\Program Files\Trend Micro
2008-06-29 20:51 . 2008-06-29 20:51 34,304 --------- C:\WINDOWS\system32\wvUmnkHX.dll
2008-06-25 21:35 . 2008-06-25 21:35 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Microsoft Games
2008-06-25 10:35 . 2008-06-25 10:35 <REP> d-------- C:\Program Files\MC2
2008-06-24 19:12 . 2008-06-24 19:15 <REP> d-------- C:\Program Files\VirtualDub
2008-06-13 23:29 . 2008-06-13 23:29 <REP> d-------- C:\Program Files\Apple Software Update
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-11 13:35 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-09 16:29 . 2008-06-09 17:14 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\FileZilla
2008-06-08 12:42 . 2008-06-08 12:42 691,545 --a------ C:\WINDOWS\unins000.exe
2008-06-08 12:42 . 2008-06-08 12:42 2,556 --a------ C:\WINDOWS\unins000.dat
2008-06-08 00:56 . 2008-06-13 23:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-08 00:56 . 2008-06-08 00:56 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-30 20:12 --------- d-----w C:\Documents and Settings\Famille Rochereau\Application Data\LimeWire
2008-06-30 19:43 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-30 19:43 --------- d-----w C:\Program Files\Call of Duty
2008-06-30 18:41 --------- d-----w C:\Program Files\Wanadoo
2008-06-30 12:54 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-06-30 12:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-30 09:16 52,436 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-06-30 07:43 --------- d-----w C:\Program Files\Virtools Web Player 2.5
2008-06-29 18:34 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\LimeWire
2008-06-29 11:33 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-26 08:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 19:26 --------- d-----w C:\Program Files\Microsoft Games
2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 21:39 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\Apple Computer
2008-06-13 21:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-13 21:34 --------- d-----w C:\Program Files\QuickTime
2008-06-08 10:47 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-07 21:21 --------- d-----w C:\Program Files\ElcomSoft
2008-06-03 10:01 --------- d-----w C:\Program Files\LimeWire
2008-05-25 09:56 --------- d-----w C:\Program Files\eMule
2008-05-24 12:11 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2008-05-24 12:10 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2008-05-23 18:51 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-05-22 17:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-14 01:29 41,296 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 13:06 --------- d-----w C:\Program Files\ServerMania
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 14:42 --------- d-----w C:\Program Files\TmNationsForever
2008-05-03 11:40 --------- d-----w C:\Program Files\RegCleaner
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 15:23 46,016 ----a-w C:\Documents and Settings\STEPHANE\Application Data\GDIPFONTCACHEV1.DAT
2008-04-01 17:52 22,328 ----a-w C:\Documents and Settings\STEPHANE\Application Data\PnkBstrK.sys
2007-06-10 15:21 43,656 ----a-w C:\Documents and Settings\Famille Rochereau\Application Data\GDIPFONTCACHEV1.DAT
2006-03-11 17:40 41,792 ----a-w C:\Documents and Settings\DIM\Application Data\GDIPFONTCACHEV1.DAT
2007-01-28 16:23 61 --sh--w C:\WINDOWS\cnerolf.dat
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5adcaefa-a1be-4224-9020-a143a03b4bd2}]
2008-06-30 19:46 104448 --a------ C:\WINDOWS\system32\ogqaow.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68950839-2675-49E2-B6A5-442E0B0D1BA4}]
2008-06-29 20:51 34304 --------- C:\WINDOWS\system32\wvUmnkHX.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-29 11:11 67128]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-24 21:15 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl,CMICtrlWnd" []
"SoundMan"="SOUNDMAN.EXE" [2002-10-16 12:24 47104 C:\WINDOWS\SOUNDMAN.EXE]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37 217088]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-22 03:08 813912]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-06-30 14:54 368640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-05 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{68950839-2675-49E2-B6A5-442E0B0D1BA4}"= C:\WINDOWS\system32\wvUmnkHX.dll [2008-06-29 20:51 34304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUmnkHX]
wvUmnkHX.dll 2008-06-29 20:51 34304 C:\WINDOWS\system32\wvUmnkHX.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
backup=C:\WINDOWS\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2002-12-17 13:28 684032 C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Tool 3]
--a------ 2004-06-07 11:28 147456 C:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\flockbox]
--a------ 2007-12-14 17:59 1071472 C:\Program Files\My Lockbox\flockbox.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 17:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 05:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-12-30 14:50 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 15:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 17:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 15:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\nations.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=

R0 MPRIFL;MPRIFL;C:\WINDOWS\system32\DRIVERS\MPRIFL.SYS [2007-12-13 21:13]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-30 14:54]
S3 musbehco;musbehco;C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp\musbehco.sys []
S3 USB-100;USB 10/100 Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\USBKR100.SYS [2001-06-20 13:39]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-01 16:42:45
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\wvUmnkHX.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-01 16:59:35 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-01 14:59:10

Pre-Run: 31,884,062,720 octets libres
Post-Run: 31,964,471,296 octets libres

258 --- E O F --- 2008-06-26 08:14:47

Citation :

Malwarebytes' Anti-Malware 1.19
Version de la base de données: 910
Windows 5.1.2600 Service Pack 2

16:10:27 01/07/2008
mbam-log-7-1-2008 (16-10-19).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 285479
Temps écoulé: 3 hour(s), 36 minute(s), 56 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 14
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 16

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\nnnlmNge.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wvUmnkHX.dll (Trojan.Vundo) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79991736-08f9-46a5-bdb2-92ad5edb59e1} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{79991736-08f9-46a5-bdb2-92ad5edb59e1} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{68950839-2675-49e2-b6a5-442e0b0d1ba4} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68950839-2675-49e2-b6a5-442e0b0d1ba4} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvumnkhx (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{40b2127e-cc18-37d0-43ca-afa158c64001} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{450b9e4d-4014-4de3-b34e-014a81468293} (Trojan.Downloader) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BrowsingEnhancer.DLL (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\BrowsingEnhancer (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{68950839-2675-49e2-b6a5-442e0b0d1ba4} (Trojan.Vundo) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\nnnlmnge -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\nnnlmnge -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> No action taken.

Fichier(s) infecté(s):
C:\WINDOWS\system32\nnnlmNge.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\egNmlnnn.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\egNmlnnn.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\nrsumtxb.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\bxtmusrn.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\nsqpeghx.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\xhgepqsn.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ytyadppt.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tppdayty.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wvUmnkHX.dll (Trojan.Vundo) -> No action taken.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> No action taken.
C:\WINDOWS\cookies.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\fdfnonfwvv_navps.dat (Adware.NaviPromo) -> No action taken.
C:\WINDOWS\system32\fdfnonfwvv_nav.dat (Adware.NaviPromo) -> No action taken.
C:\Documents and Settings\STEPHANE\services.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\STEPHANE\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

Citation :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:03:18, on 01/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {2db4b30a-341a-0209-4224-eb1aafeacda5} - {5adcaefa-a1be-4224-9020-a143a03b4bd2} - C:\WINDOWS\system32\ogqaow.dll
O2 - BHO: (no name) - {68950839-2675-49E2-B6A5-442E0B0D1BA4} - C:\WINDOWS\system32\wvUmnkHX.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/ [...] loader.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 2160294500
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (OD2 Music Manager) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: wvUmnkHX - C:\WINDOWS\SYSTEM32\wvUmnkHX.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 11505 bytes

Répondre à geloblackeagle

:hello: Bonjour,

Tu es infecté(e) par "Vundo". Supprime tous les cracks de ton PC s'ils sont présents car sinon ils relanceront l'infection.

Je te conseille de désinstaller et de supprimer tous tes logiciels de p2p : 50% de ce que tu télécharges via p2p est piégé. Le p2p est le premier vecteur d'infection de nos jours.

***

Désactive toute protection résidente ( antivirus…) ! <------- Pense-y !

Copie le texte se situant dans le cadre ci-dessous : ( Ctrl + C )

Citation :

File::
C:\WINDOWS\system32\ogqaow.dll
C:\WINDOWS\system32\lfbtcrdf.dll
C:\WINDOWS\system32\lkbqbhgl.dll
C:\WINDOWS\system32\limqdy.dll
C:\WINDOWS\system32\jjwjhovs.dll
C:\WINDOWS\system32\wxwvjidi.dll
C:\WINDOWS\system32\qqumai.dll
C:\WINDOWS\system32\imibnbgn.dll
C:\WINDOWS\system32\eaysbeke.dll
C:\WINDOWS\system32\wvUmnkHX.dll

FileLook::
C:\WINDOWS\meta4.exe
C:\WINDOWS\system32\AVSredirect.dll
C:\WINDOWS\system32\cygwin1.dll
C:\WINDOWS\system32\cygz.dll
C:\WINDOWS\system32\i420vfw.dll
C:\WINDOWS\system32\x.264.exe
C:\WINDOWS\system32\yv12vfw.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5adcaefa-a1be-4224-9020-a143a03b4bd2}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68950839-2675-49E2-B6A5-442E0B0D1BA4}]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{68950839-2675-49E2-B6A5-442E0B0D1BA4}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUmnkHX]

=> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes

- Colles y le texte (CTRL + V)
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer
- Quitte le Bloc Notes

Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :

* Cela va relancer Combofix : au message qui apparaît ( Type 1 to continue, or 2 to abort), tape 1 puis valide.
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
* Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher : Copie/Colle son contenue sur le forum.
Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt
* Poste un nouveau rapport hijackthis.

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

Apparemment le pc marche =)
A voir si ça va tenir !

Citation :

ComboFix 08-06-30.2 - STEPHANE 2008-07-02 10:23:21.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.221 [GMT 2:00]
Endroit: C:\Documents and Settings\STEPHANE\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\STEPHANE\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]

FILE ::
C:\WINDOWS\system32\eaysbeke.dll
C:\WINDOWS\system32\imibnbgn.dll
C:\WINDOWS\system32\jjwjhovs.dll
C:\WINDOWS\system32\lfbtcrdf.dll
C:\WINDOWS\system32\limqdy.dll
C:\WINDOWS\system32\lkbqbhgl.dll
C:\WINDOWS\system32\ogqaow.dll
C:\WINDOWS\system32\qqumai.dll
C:\WINDOWS\system32\wvUmnkHX.dll
C:\WINDOWS\system32\wxwvjidi.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\eaysbeke.dll
C:\WINDOWS\system32\fumghhiy.dll
C:\WINDOWS\system32\imibnbgn.dll
C:\WINDOWS\system32\imjonn.dll
C:\WINDOWS\system32\jjwjhovs.dll
C:\WINDOWS\system32\lfbtcrdf.dll
C:\WINDOWS\system32\limqdy.dll
C:\WINDOWS\system32\lkbqbhgl.dll
C:\WINDOWS\system32\ogqaow.dll
C:\WINDOWS\system32\pmnnkJDW.dll
C:\WINDOWS\system32\qqumai.dll
C:\WINDOWS\system32\rdjwimyw.ini
C:\WINDOWS\system32\vahdhadm.dll
C:\WINDOWS\system32\WDJknnmp.ini
C:\WINDOWS\system32\WDJknnmp.ini2
C:\WINDOWS\system32\wvUmnkHX.dll
C:\WINDOWS\system32\wxwvjidi.dll
C:\WINDOWS\system32\wymiwjdr.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-02 to 2008-07-02 ))))))))))))))))))))))))))))))))))))
.

2008-07-01 18:12 . 2008-07-01 18:12 110,415 --a------ C:\WINDOWS\BM97c2ac4f.xml
2008-07-01 12:27 . 2008-07-01 12:27 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-07-01 12:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 12:26 . 2008-07-01 12:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-06-28 14:21 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 12:26 . 2008-06-28 14:21 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-01 11:43 . 2008-07-01 11:43 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\OD2
2008-07-01 11:37 . 2008-07-01 11:37 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\DivX
2008-07-01 10:51 . 2008-07-01 10:51 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\vlc
2008-07-01 10:39 . 2008-07-01 10:39 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\BitDefender
2008-06-30 21:36 . 2008-06-30 21:36 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\Microsoft Games
2008-06-30 20:23 . 2008-06-30 20:23 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\BitDefender
2008-06-30 19:35 . 2008-07-02 10:33 121 --a------ C:\WINDOWS\bdagent.INI
2008-06-30 17:25 . 2008-07-02 10:40 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-06-30 14:51 . 2008-06-30 14:51 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\BitDefender
2008-06-30 14:47 . 2008-06-30 14:48 <REP> d-------- C:\Program Files\BitDefender
2008-06-30 14:47 . 2008-06-30 16:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-06-30 14:45 . 2008-06-30 14:47 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-06-29 21:28 . 2008-06-29 21:28 <REP> d-------- C:\Program Files\Trend Micro
2008-06-25 21:35 . 2008-06-25 21:35 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Microsoft Games
2008-06-25 10:35 . 2008-06-25 10:35 <REP> d-------- C:\Program Files\MC2
2008-06-24 19:12 . 2008-06-24 19:15 <REP> d-------- C:\Program Files\VirtualDub
2008-06-13 23:29 . 2008-06-13 23:29 <REP> d-------- C:\Program Files\Apple Software Update
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-11 13:35 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-09 16:29 . 2008-06-09 17:14 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\FileZilla
2008-06-08 12:42 . 2008-06-08 12:42 691,545 --a------ C:\WINDOWS\unins000.exe
2008-06-08 12:42 . 2008-06-08 12:42 2,556 --a------ C:\WINDOWS\unins000.dat
2008-06-08 00:56 . 2008-06-13 23:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-08 00:56 . 2008-06-08 00:56 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-01 17:40 --------- d-----w C:\Program Files\Microsoft Games
2008-07-01 16:16 --------- d-----w C:\Program Files\Wanadoo
2008-07-01 15:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-01 15:12 --------- d-----w C:\Program Files\ServerMania
2008-06-30 20:12 --------- d-----w C:\Documents and Settings\Famille Rochereau\Application Data\LimeWire
2008-06-30 19:43 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-30 19:43 --------- d-----w C:\Program Files\Call of Duty
2008-06-30 12:54 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-06-30 09:16 52,436 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-06-30 07:43 --------- d-----w C:\Program Files\Virtools Web Player 2.5
2008-06-29 18:34 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\LimeWire
2008-06-29 11:33 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-26 08:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 21:39 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\Apple Computer
2008-06-13 21:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-13 21:34 --------- d-----w C:\Program Files\QuickTime
2008-06-08 10:47 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-07 21:21 --------- d-----w C:\Program Files\ElcomSoft
2008-05-24 12:11 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2008-05-24 12:10 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2008-05-23 18:51 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-05-22 17:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-14 01:29 41,296 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 14:42 --------- d-----w C:\Program Files\TmNationsForever
2008-05-03 11:40 --------- d-----w C:\Program Files\RegCleaner
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 15:23 46,016 ----a-w C:\Documents and Settings\STEPHANE\Application Data\GDIPFONTCACHEV1.DAT
2008-04-01 17:52 22,328 ----a-w C:\Documents and Settings\STEPHANE\Application Data\PnkBstrK.sys
2007-06-10 15:21 43,656 ----a-w C:\Documents and Settings\Famille Rochereau\Application Data\GDIPFONTCACHEV1.DAT
2006-03-11 17:40 41,792 ----a-w C:\Documents and Settings\DIM\Application Data\GDIPFONTCACHEV1.DAT
2007-01-28 16:23 61 --sh--w C:\WINDOWS\cnerolf.dat
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\meta4.exe -- Unable to find Resource table header.
MD5: fce9e5f5c7ce6d7b1ec49b5ce07070c9

C:\WINDOWS\system32\AVSredirect.dll -- Unable to find Resource table header.
MD5: 39854962ade636403358ab8a2edeab6b

---- C:\WINDOWS\system32\cygwin1.dll ----
Company: Red Hat
File Description: Cygwin© POSIX Emulation DLL
File Version: 1.5.17
Product Name: Cygwin
Copyright: Copyright ¸ Red Hat, Inc. 1996-2003
Original file name: cygwin1.dll
MD5: e9a608e98d262da816e80b7293f8acc8

C:\WINDOWS\system32\cygz.dll -- Unable to find Resource table header.
MD5: 82653b1caaac9e4501c1f7548c063561

---- C:\WINDOWS\system32\i420vfw.dll ----
Company: www.helixcommunity.org
File Description: Helix I420 YUV Codec
File Version: R1.02
Product Name: Helix I420 YUV Codec
Copyright: www.helixcommunity.org
Original file name:
MD5: f4d500d9adc17058f2a8c31f01fde592

C:\WINDOWS\system32\x.264.exe -- Unable to find Resource table header.
MD5: 5fdd7d827c1cc58567367d03d24548ce

---- C:\WINDOWS\system32\yv12vfw.dll ----
Company: www.helixcommunity.org
File Description: Helix YV12 YUV Codec
File Version: R1.02
Product Name: Helix YV12 YUV Codec
Copyright: www.helixcommunity.org
Original file name:
MD5: 7029a7634c8dfa8ee619e79b1b9a378f

((((((((((((((((((((((((((((( snapshot@2008-07-01_16.57.43.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-01 14:40:50 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 08:34:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-02-15 17:01:04 1,476,992 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-20 16:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-29 11:11 67128]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-24 21:15 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37 217088]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-22 03:08 813912]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-06-30 14:54 368640]
"SoundMan"="SOUNDMAN.EXE" [2002-10-16 12:24 47104 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-05 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
backup=C:\WINDOWS\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2002-12-17 13:28 684032 C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Tool 3]
--a------ 2004-06-07 11:28 147456 C:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 17:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 05:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-12-30 14:50 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 15:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 17:55 32768 C:\PROGRA~1\Wanadoo\GestMAJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 15:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\nations.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-30 14:54]
S3 musbehco;musbehco;C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp\musbehco.sys []
S3 USB-100;USB 10/100 Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\USBKR100.SYS [2001-06-20 13:39]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl,CMICtrlWnd
MSConfigStartUp-flockbox - C:\Program Files\My Lockbox\flockbox.exe
MSConfigStartUp-= - (no file)

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-02 10:35:42
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-02 10:48:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-02 08:47:57
ComboFix2.txt 2008-07-01 14:59:38

Pre-Run: 40,657,022,976 octets libres
Post-Run: 40,644,775,936 octets libres

289 --- E O F --- 2008-06-26 08:14:47

Citation :

ComboFix 08-06-30.2 - STEPHANE 2008-07-02 10:23:21.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.221 [GMT 2:00]
Endroit: C:\Documents and Settings\STEPHANE\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\STEPHANE\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]

FILE ::
C:\WINDOWS\system32\eaysbeke.dll
C:\WINDOWS\system32\imibnbgn.dll
C:\WINDOWS\system32\jjwjhovs.dll
C:\WINDOWS\system32\lfbtcrdf.dll
C:\WINDOWS\system32\limqdy.dll
C:\WINDOWS\system32\lkbqbhgl.dll
C:\WINDOWS\system32\ogqaow.dll
C:\WINDOWS\system32\qqumai.dll
C:\WINDOWS\system32\wvUmnkHX.dll
C:\WINDOWS\system32\wxwvjidi.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\eaysbeke.dll
C:\WINDOWS\system32\fumghhiy.dll
C:\WINDOWS\system32\imibnbgn.dll
C:\WINDOWS\system32\imjonn.dll
C:\WINDOWS\system32\jjwjhovs.dll
C:\WINDOWS\system32\lfbtcrdf.dll
C:\WINDOWS\system32\limqdy.dll
C:\WINDOWS\system32\lkbqbhgl.dll
C:\WINDOWS\system32\ogqaow.dll
C:\WINDOWS\system32\pmnnkJDW.dll
C:\WINDOWS\system32\qqumai.dll
C:\WINDOWS\system32\rdjwimyw.ini
C:\WINDOWS\system32\vahdhadm.dll
C:\WINDOWS\system32\WDJknnmp.ini
C:\WINDOWS\system32\WDJknnmp.ini2
C:\WINDOWS\system32\wvUmnkHX.dll
C:\WINDOWS\system32\wxwvjidi.dll
C:\WINDOWS\system32\wymiwjdr.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-02 to 2008-07-02 ))))))))))))))))))))))))))))))))))))
.

2008-07-01 18:12 . 2008-07-01 18:12 110,415 --a------ C:\WINDOWS\BM97c2ac4f.xml
2008-07-01 12:27 . 2008-07-01 12:27 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-07-01 12:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-01 12:26 . 2008-07-01 12:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-01 12:26 . 2008-06-28 14:21 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-01 12:26 . 2008-06-28 14:21 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-01 11:43 . 2008-07-01 11:43 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\OD2
2008-07-01 11:37 . 2008-07-01 11:37 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\DivX
2008-07-01 10:51 . 2008-07-01 10:51 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\vlc
2008-07-01 10:39 . 2008-07-01 10:39 <REP> d-------- C:\Documents and Settings\dim.FAM-ROCHEREAU.000\Application Data\BitDefender
2008-06-30 21:36 . 2008-06-30 21:36 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\Microsoft Games
2008-06-30 20:23 . 2008-06-30 20:23 <REP> d-------- C:\Documents and Settings\Famille Rochereau\Application Data\BitDefender
2008-06-30 19:35 . 2008-07-02 10:33 121 --a------ C:\WINDOWS\bdagent.INI
2008-06-30 17:25 . 2008-07-02 10:40 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-06-30 14:51 . 2008-06-30 14:51 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\BitDefender
2008-06-30 14:47 . 2008-06-30 14:48 <REP> d-------- C:\Program Files\BitDefender
2008-06-30 14:47 . 2008-06-30 16:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-06-30 14:45 . 2008-06-30 14:47 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-06-29 21:28 . 2008-06-29 21:28 <REP> d-------- C:\Program Files\Trend Micro
2008-06-25 21:35 . 2008-06-25 21:35 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\Microsoft Games
2008-06-25 10:35 . 2008-06-25 10:35 <REP> d-------- C:\Program Files\MC2
2008-06-24 19:12 . 2008-06-24 19:15 <REP> d-------- C:\Program Files\VirtualDub
2008-06-13 23:29 . 2008-06-13 23:29 <REP> d-------- C:\Program Files\Apple Software Update
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-06-13 23:27 . 2008-06-13 23:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-11 13:35 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-09 16:29 . 2008-06-09 17:14 <REP> d-------- C:\Documents and Settings\STEPHANE\Application Data\FileZilla
2008-06-08 12:42 . 2008-06-08 12:42 691,545 --a------ C:\WINDOWS\unins000.exe
2008-06-08 12:42 . 2008-06-08 12:42 2,556 --a------ C:\WINDOWS\unins000.dat
2008-06-08 00:56 . 2008-06-13 23:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-08 00:56 . 2008-06-08 00:56 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-01 17:40 --------- d-----w C:\Program Files\Microsoft Games
2008-07-01 16:16 --------- d-----w C:\Program Files\Wanadoo
2008-07-01 15:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-01 15:12 --------- d-----w C:\Program Files\ServerMania
2008-06-30 20:12 --------- d-----w C:\Documents and Settings\Famille Rochereau\Application Data\LimeWire
2008-06-30 19:43 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-30 19:43 --------- d-----w C:\Program Files\Call of Duty
2008-06-30 12:54 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-06-30 09:16 52,436 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-06-30 07:43 --------- d-----w C:\Program Files\Virtools Web Player 2.5
2008-06-29 18:34 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\LimeWire
2008-06-29 11:33 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-26 08:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 21:39 --------- d-----w C:\Documents and Settings\STEPHANE\Application Data\Apple Computer
2008-06-13 21:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-13 21:34 --------- d-----w C:\Program Files\QuickTime
2008-06-08 10:47 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-07 21:21 --------- d-----w C:\Program Files\ElcomSoft
2008-05-24 12:11 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2008-05-24 12:10 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2008-05-23 18:51 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-05-22 17:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-14 01:29 41,296 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-06 14:42 --------- d-----w C:\Program Files\TmNationsForever
2008-05-03 11:40 --------- d-----w C:\Program Files\RegCleaner
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 15:23 46,016 ----a-w C:\Documents and Settings\STEPHANE\Application Data\GDIPFONTCACHEV1.DAT
2008-04-01 17:52 22,328 ----a-w C:\Documents and Settings\STEPHANE\Application Data\PnkBstrK.sys
2007-06-10 15:21 43,656 ----a-w C:\Documents and Settings\Famille Rochereau\Application Data\GDIPFONTCACHEV1.DAT
2006-03-11 17:40 41,792 ----a-w C:\Documents and Settings\DIM\Application Data\GDIPFONTCACHEV1.DAT
2007-01-28 16:23 61 --sh--w C:\WINDOWS\cnerolf.dat
2005-05-13 15:12 217,073 -csha-r C:\WINDOWS\meta4.exe
2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\meta4.exe -- Unable to find Resource table header.
MD5: fce9e5f5c7ce6d7b1ec49b5ce07070c9

C:\WINDOWS\system32\AVSredirect.dll -- Unable to find Resource table header.
MD5: 39854962ade636403358ab8a2edeab6b

---- C:\WINDOWS\system32\cygwin1.dll ----
Company: Red Hat
File Description: Cygwin© POSIX Emulation DLL
File Version: 1.5.17
Product Name: Cygwin
Copyright: Copyright ¸ Red Hat, Inc. 1996-2003
Original file name: cygwin1.dll
MD5: e9a608e98d262da816e80b7293f8acc8

C:\WINDOWS\system32\cygz.dll -- Unable to find Resource table header.
MD5: 82653b1caaac9e4501c1f7548c063561

---- C:\WINDOWS\system32\i420vfw.dll ----
Company: www.helixcommunity.org
File Description: Helix I420 YUV Codec
File Version: R1.02
Product Name: Helix I420 YUV Codec
Copyright: www.helixcommunity.org
Original file name:
MD5: f4d500d9adc17058f2a8c31f01fde592

C:\WINDOWS\system32\x.264.exe -- Unable to find Resource table header.
MD5: 5fdd7d827c1cc58567367d03d24548ce

---- C:\WINDOWS\system32\yv12vfw.dll ----
Company: www.helixcommunity.org
File Description: Helix YV12 YUV Codec
File Version: R1.02
Product Name: Helix YV12 YUV Codec
Copyright: www.helixcommunity.org
Original file name:
MD5: 7029a7634c8dfa8ee619e79b1b9a378f

((((((((((((((((((((((((((((( snapshot@2008-07-01_16.57.43.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-01 14:40:50 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 08:34:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-02-15 17:01:04 1,476,992 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-20 16:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-29 11:11 67128]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-24 21:15 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-18 17:47 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-18 17:37 217088]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-22 03:08 813912]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-06-30 14:54 368640]
"SoundMan"="SOUNDMAN.EXE" [2002-10-16 12:24 47104 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-05 14:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DSLMON.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
backup=C:\WINDOWS\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2002-12-17 13:28 684032 C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Tool 3]
--a------ 2004-06-07 11:28 147456 C:\PROGRA~1\ALCATE~1\DESKTO~1\DesktopTool.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 17:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-01-28 11:43 2097488 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 05:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-12-30 14:50 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 15:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 17:55 32768 C:\PROGRA~1\Wanadoo\GestMAJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 15:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\nations.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-30 14:54]
S3 musbehco;musbehco;C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp\musbehco.sys []
S3 USB-100;USB 10/100 Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\USBKR100.SYS [2001-06-20 13:39]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl,CMICtrlWnd
MSConfigStartUp-flockbox - C:\Program Files\My Lockbox\flockbox.exe
MSConfigStartUp-= - (no file)

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-02 10:35:42
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bdfsfltr]
"ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-02 10:48:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-02 08:47:57
ComboFix2.txt 2008-07-01 14:59:38

Pre-Run: 40,657,022,976 octets libres
Post-Run: 40,644,775,936 octets libres

289 --- E O F --- 2008-06-26 08:14:47

Citation :

/Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:10, on 02/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/ [...] loader.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 2160294500
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (OD2 Music Manager) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 11092 bytes

Message édité par geloblackeagle le 02-07-2008 à 10:57:06

Répondre à geloblackeagle

Re,

Oui, ça me semble bon :super:

Supprime le fichier en gras suivant :

C:\WINDOWS\BM97c2ac4f.xml

Ta console JAVA n'est pas à jour. Désinstalle ta console Java via Ajout/Suppression de programmes. Puis installe la dernière version :
http://www.java.com/fr/download/manual.jsp

Poste-moi un nouveau rapport HijackThis.

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:36:29, on 03/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/haphazard/ [...] loader.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ [...] /setup.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 2160294500
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (OD2 Music Manager) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 11073 bytes

Répondre à geloblackeagle

Re,

1) Suis ces étapes pour désinstaller proprement combofix et les tools que nous avons utilisés pendant la désinfection

Menu démarrer puis exécuter
Tape maintenant Combofix /u dans la fenêtre que apparaît puis valide par OK. Veille à bien laisser un espace entre le X et le /U, car cela est nécessaire ici.

2) Télécharge ToolsCleaner2 (de A.Rothstein)

Installe le sur ton Bureau.
Clique sur Recherche pour lancer le scan.
Clique sur Supprimer pour nettoyer les outils utilisés.
Clique sur Quitter.
Poste ce rapport ~>C:\TCleaner.txt<~

3) Télécharge Ccleaner sur ton Bureau.

Clique sur "download the latest version"
Installe-le en laissant seulement les options suivantes cochées :

- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

Lance le Nettoyage
Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

Aide : Comment utiliser CCleaner.

4) Désactive-réactive la restauration système.

5)

Fais un scan en ligne Kaspersky avec Internet Explorer :
Clique sur
Clique maintenant sur J'accepte.
Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
Patiente pendant l'installation des Mises à jour.
Choisis par la suite l'analyse du Poste de travail
Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

KASPERSKY ON-LINE SCANNER REPORT
Friday, July 04, 2008 5:12:22 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 4/07/2008
Enregistrements dans la base antivirus Kaspersky : 813772
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
Statistiques de l'analyse
Total d'objets analysés 197941
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 05:03:24

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys\1030de89f270195749460911e134814a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys\62090752cd9a6ce4d1c0c08257364970_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\001b112871e46d1cbca1e90ba93a25b6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00351659b4156614d119525f4fad2810_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00e72b8f3308b81b91b9c0b3fe7ee858_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0155f9aef3056002a1870f905d18df22_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\02142bbcb6d4416820eb4d16c8686336_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\025b067680073f6dc4af352c651c984e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\02bbaaa46df0afaf941642cceea9f599_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\039af8975bfb9a77dcf4bc78d9e36920_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\05020be2b90126586a6fab12d8bd3883_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\066e304b70e3c85255a064305e32cb67_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\068b4cfdc0b34092a6f5860ac3cda932_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\078ac3c86c9d7204ed5134af151958d7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0890b0b5de7fde0ceab7134eabbc81c5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\08ed752589cca51a9e4193386ccb38b6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\093492eaa97e0629596746929ab830e5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\095e40b7d5502a13ee99729298dc4b29_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0960a69214375fccacad0040044a8051_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0a03788fece976df3f8e7fce4e0659ed_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0aff6c17323478f70cda9f4356a2fcb4_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0b890301de4f7313557ab3a85f3f058d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0bbd41b66d9c96d606a94a2f8eedc7a5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0c0bd94c28ff19ed4cf5af78720dfb4d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0d4f8e67a57a3fe2ba7b4b7e33e01a0f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e2d11e26892af25119fadf6e7326510_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e73479baebcc9329fbec50cb350b29a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0e948a9f65586ae6d21cfd79141c2536_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\100a6b8385d808452fcca1adf21d0690_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\102995b29130cf41c79080cf366690ec_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1031b66e88b6506037a70ae216be17ee_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\11d5105238a2dd1075150ab65162d00b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\133b8e3951d03a6059db70b2687cc01a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\13c980031741e75574acb10fc07f0715_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\13d43d8c7a75e7045e0a0a0817505c64_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\13e58a8a478a4f357015812f8bf0b475_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\153334c5fff5457fa33661596dc8422c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16a455f842d5b1f06be4733005abb452_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\16e71ed6830509d184e1dc25ef39ea34_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\170a20b9feaccdb5821516bf108d59fa_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\172c642df954a05eec4f03dcbb72aa7c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1830947f71116d2f370512e473598907_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\18961d8bdef3be4223d5836e7abd85f0_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1913f0f408c08c12991af2a710fefb0a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\196ec4444cbb62161d68f9977b936e8a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\19ae6da1934845937a157101f42e1520_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a4e9c236337cb59e55f8936a9cfb3ea_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a6ea2c98c44279e2a76df9eb69b3c94_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b0c5b1b49cbdec8981e70e1fbcceb0b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b342e2efedd7fdd2b996140918d5500_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1cd74213587348849f85cf2cc881fbb6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d4a7a4138ceacb51345056c0fd327a6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d5606e0b3b8a8e974a20a1ea4fd406b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d57af51e7973b69aad032bab0130831_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d8dc7d19bacfb91a379290c61bb68d1_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1d9e5e0d81bbe3375e9b7940f10dc116_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1db84e409d0a29f86831d06fa3d17d7b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1dce4181aec46647bef49e05f59e0781_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1df13992a2d07869d16477be144a6453_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e131f60f7591b13d7da2afa04450a50_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e4769dbe198ddc5d546ec09fa3b4136_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e737d3f430934f3e82736e2f05db71b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e9c8581d2a5d0af9aeb54b49bd43a97_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f47e889e5d58fb127778c4c0a668f22_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1ff2d7c3ba301248931638d9d7335c64_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20400250b6ceaae9fa03bf5112a4a262_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\210131b07fc7c1a599071a5f3ab20f2a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\222af20ce2678c00169a8d06ba7be1c4_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\225f00952ac1557b28bf362d4728ee85_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\23ecca3c5023016dd5ea0fc482d79b52_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\240b069e13aa7354ee012daff083a653_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\25f64b03eea6906d0b5912eced87af8f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\26b34c3c1a9740f35bfc1f1783a24ca3_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\270626c741b65a7be267d6240197b12f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\27b1c835dcb1278eedda4d312725533e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\27b34380c2db5445311742596935bfef_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\286ac226c88ca53af7c76594003bcfc4_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\28c73ceb7ca3e2d7a86975655f805102_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\29263ca66623225d70bc25f992e13836_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\292a2e455e08cdb18ce6b99d3a1a0110_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2952c79b6f26a96154dd3a47bd074e17_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\298d00f7f6c85c9b45fe5550ef80bac8_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2a0d423bed3702bf9075a791edd84945_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2bd6930203eec1c75b5c7a21421f97c5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2c337927d518beee8f9e601e7225eb53_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ccee1fb0946a5bf2aa93fc161067094_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d7029f82ee4d4f1d571c5bf69ff2730_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2e146e9766cf2113cc0231822d481441_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2e54ad25bffe789ae2f57bb2604d3a25_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2eef30fc7bd6af1431fea36e4e2ed713_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2f6c39f0d440da7e9179d8c7bc93c644_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2f9d4593e20001b62d95a2486cf54fad_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ffd9334de69e8e5e6ca8977834e4e16_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30104ac35082136ba7dee05a8812987c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\30fbca8c3aad7df4154b99a73c900a3d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\31c3814fb30178fd4eb26f409cf54688_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\32ba0640dc53f9a207acb5529b854fe9_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\333ec95b3eb1809e6fac2cbf731e186c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\339e8504c52f34ea12792fdeef1e7ebc_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\33da404a9ad2e62ec1972d8093c9b8b3_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\344fb23f19899c05da8ec854965eb7c7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\34c461489b4e8b0b79006a3d01d3f3ac_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\367621d01e8a0ca0dff09f30bf1b7c58_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\38bc29f153cfcb2aa0142497cc92fdb2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\38e5d5d1e0482973902d5eeaff14e098_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3910e2c0531896cfc966e74ac4331d78_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3aedae8254664f79794b9665462e037a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b1f4078c3b1c2cb4966c3b6cf66b45f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b28331d0bea1f3121bc5588f7725027_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b3b073e38d247740c0c391303a223b7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b3eb6b621289e6b7dfeafc9a6bf61d2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b48e0769068e15cb2d92b10ebbe239b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3bcd12d3e359604735409c928cc85c5b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3be10ea29994d3fe0671882352c0c08a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d195aee54ec7614cd19ef5963ba148d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3d28b45b034d4304bb4ed00045af0d14_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3dff7b9cd319ba35eefca9dd32856d6a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f03e800ba5734189d29ba1bb1d3edff_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\404860833724a7fe600fb6fb428a4beb_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\40be477cf9cd39bd72d05fb9a3608148_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\40d50b228fb719262548593bc1820821_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41d20e402945999d6d63474f1d57843c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41e01f1f4abec9595a95e7f0843d7996_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\43c6c64ee75630123a6b8f7464584d55_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\44ad6e08234e1855eeb0619b0dd4f3e0_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\45048f1bbc2b68d367d11f90a9b92233_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4616af9769b93289549e011cc8f2a481_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\46530e309c6c0058af12a76e4d35d0d8_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\467c679a91beab38685d67ea35db1209_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4693bd55afc469f4ca69816c9be2e22a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\46bff87d66a075c418a87c8bfff844fe_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\46caa7a7a6f7102f47d85ae7f34ada3d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\46f0af5a7f5f50ff25a4533214791b3d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4768c45670e13f7e77976a5585cf560e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4946e9e617151ba7661d0b805a8a2124_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\497e55724dd5f3efd8ddf9525d72b04c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49b770ff168c8bd301008ce15621a36a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49dccad91170a835517c19ce7f9574d5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49e5a4b818c350c09fea27f962d9bd84_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4a96513cbe43cb543b14a9feafb87543_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4aed48c5a11698b4902d22da49911c16_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b08866b1b32eba15c6b91a3206d03a9_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4e650ae793a770ec020cd1f1a4c9150e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4ef66bde1adbcfe78d67d99f2e6870d0_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f281966ebc7caad275abca75b0076b3_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f305c02643a73d968ffa4634abc4df1_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f726850f9baf39de966cc99d970e4bf_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4fcdeaf99856a46809d0e5c50cf10261_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\500a28d2bce4b83f931ef496e7d74531_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\51f1a1b766850baab54e28bb39f78a6f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5219647f20ad1627b9ab35c300d70322_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\522b324111784d5fc3923cbfd8f9bdf5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52574b1a3660420ca2b3569a14a8ee7e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52971a47e2a8136c6a0276bac9bdb92c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\52ecc20fae8feb0554b65afeacd961ce_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\532a5b14b71d541a2c1ae98ea51cf573_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\538025b3ad962fa71d459817cdeec332_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\53ab3858c4a60975fc3bfdd54b2df306_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\54c3df859055340534bd621c5b2407f8_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\556c7b88029097e6885efbafa840c7ea_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\558a949376d58b67cd71487acc34df03_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5613fc95e4547caf8f89d8ce9490e172_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\57b7b3d74d0ce9781a8f9090f871bfd3_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\57ded535f94e8f356a2cd3ac7ebcd20f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\583036591edd0ee436332ffae24d6b79_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\586672eb6d5d9e03d880c4c78dd61e41_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\59b5a8c43a504773fc5fada9de70bd1f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5bb5865ffe47993c62fb7c7591df1dc6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5cb373dff9d00188987e34578fb3e7b7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ccc5a46a9c7ecf0ee821c757571f499_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5d78a99137004ebaba3fa4ff4dc6b1ae_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5dac49697c33acb24bb9c7815ca81e55_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e8c2fbb4e28a313e60ac0a075cd87e2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ec51c9e75a413998fc475eaaa936cd2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5ecdc89571d5bda6ec7b06d9fe47319a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f19c301dc0289bc58995e6d236be89c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5f3d327a2a43ddd0559e6e1f1d1d8ec7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\602ce7bf26de7df9be729a0b3bb19470_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6218815540fdfb6b024a0c97aec2487f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\62e1aa76bf8d5d3135881e703cd40a94_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\634b52d37b2207590e3816e7f05b7596_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6366d608c303aa5e67b6d4174c204079_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\63eb40a6f3b21149c23fdeaa8e410405_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\64bb2482da52e6ec794928a2dda66982_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\656d19258716f177a7c73cd83c02ad39_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6590e84f9190daea5863d33f8e8c19f7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\66eca1a23225819a615f1c4cb9e664af_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6759e86a43aa1b09298c5ecc7416c3fc_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\68db528cb94053aebd5eece46f7dd770_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\68db6adce2991549a42e2cd9b0ba1143_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\69bd8cae150c29891ac46f9a372d90e0_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\69dd2d548f7d97bf0d2edd741dab0c4a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6aaaf6e5e953fd159d653eaf519455ce_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6abc1f6662e8426f33bca15b3a078957_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ca40d9bf56acfa8334372055d503c10_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6d60b5fd50dd80df9e925131d1846a50_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ef1ec5387decb784e113a0c13d0f4ec_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6ef56d3c2587ac9c0cddb9e6fb279226_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f57036a796bbf3f631b1bf1ec9ae2a8_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f6a50b746ce9049f00784c7e809b1ce_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6f823d1c4376e2fcf3f265b969df942e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6fd0873c2e2ca7391e9f155e4e26d761_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\701cad0881a474da8184a07841ac67bf_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7192b915937fa059e70f121ca6193a14_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\71c656e59c5da753378501e558077d29_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\723233ceb9a03fad531fa4014b21a0bb_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\72447db9c200240ac77a23317b1db52a_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7248584b2d695edcd2c5cb5244117128_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\72487ecf6a75dc3dd586fd8487e1bd8b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7294b358a0740031daa4ed1d096032a7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\72dc217c8bd9f353a02b6212df382920_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\72f545a98caf3651c9c0a504435a94c5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\74670a76d06eb3310367c9c463d1a6da_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\74e0d4db4b0d6965aa07074c86f8fbea_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\75c2734ad106998203c5e821fa3b952d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\771a998fea7e5e754ec1aef80030900b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\777682c1aac78d5d7d09d53f7d88e17e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\77f4fe34a5d45ae61053fe9cb919d404_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\78586962b134855052991cd50bc5f3f5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7927450ab2915215ee8c3d3583a06b15_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79c8181b14ae7318b35ad82c1451df45_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79d277bbf86719a50f4e6bdbb5bf80fd_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\79ff2aca36222ccf23115b1820137581_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7a3252042fa8ed116a26c3c0d41eeba4_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7bdc2ce16554106f91f6902132425861_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7de7cf16cd667d28d8c7a80ada231847_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7e613955482f95f8b3c55675160fbc81_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8016b1e4863ec67d3293c9cdd8b6d1f9_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\82743b9ad47ef581e5fbc86a96769610_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8338834d4403099d67e3ce194a15fdc8_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\834d679fc7d556794557abf9ca4605f1_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\83d32f4ea6e7e7b928d50a65292d580e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\83e4a716aa4d94a2de42f2818d10a5b1_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\83ec843cbf55c8789548e0bd1d94be27_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\84087e37566413d8f2fcff4cbfb064fd_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85589880d1a18a1ba67d54ddfcac4083_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85880b7dceda02481714088a1cf7fd40_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\85e147ac8ec269494ff8c8e8131790d0_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\869139053e89eba0e9f9dfdce1636c1e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\86a5bf6fa6da66ad6135715f6711d24e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\86c1bc32c924a8e4b45d21781675d222_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8769c0b9134e94e7ecefaa14072201b6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\87866aafd7e134735aa52526627204dd_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\87ec5a245d871d950e5c6023a1f22f06_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\889747608a6a93970cc42009d30bf785_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ef465bb98ab3ba8409f4ae846b38ac_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\893ff688130a86c7d9a86c296a79446c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a03487fedfb669fa50c6809deefe534_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a39041d37ac211be927abcd9cefd2ee_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a4c66b605d84f1f4680d68b143df9e2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8ae87347fd4cbbc3d9aad5f9d85718d6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8b0ed5348d7b165d45fd6c3f4883d33b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8b92d82bcd509a5531e758251cbcb69c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8c176699d5e4ca012290e22e36dd6e57_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8c2c4495e78dd7872ba85c84c824c795_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8d4e23a941b447d60a57ef553696c855_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8d839d0285fc6c6ead5b36866d7b42a8_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8da4222b92fb7aed4f5e7e0aaba3cb1e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e015010d85ac8ef8e3d3fc597837682_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e42a1b3e48120f5cbfc255e6a61b592_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8f00387bc7b7aaac11049f7d7f8739f2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8fb15e4970a73949c69bb609c3e4254c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8fe36b50b8cced06db3c7c7883daa0d0_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8ff985526dec56aadd64797c431fea4e_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9033f1855fad7cd45d683916804fab70_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\921afd32b06c883e2ffffa89b8e2ff7b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\928aa0d14ab2829509864cf60f5565eb_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9295d8d05109dc9ddad181201a084c61_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\92d55e4965bf3ed2650d22a4b9b959f2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\92dc1cdfd01a03a7820950b4ac872cc5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93c6e67dde87f92217947f6e84cee2d5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93d920a5d511c9d758592cc98ae29d68_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\93fd7b80ae91abd280ca8ca4c586107c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\942ca626e89eb31b15f361e80a504e41_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94cc9807d483b663650492068c816f09_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\95a7461e589c9cea39e20d251cfeee88_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\95b226447e2df6b7cf78551c792ffdfb_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\95d63debee1e69670b09a595f007a8b7_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9610ec906ebace7bfeef4a2dfaa88485_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9684e2301ebb06cdf587c13966683df3_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\96d55a47810a415cd21c697ffd715586_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\977ae557e3c239788a9fe95c49447c90_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97a6e32f964f9d71aac25533e50b697f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97e1f6c471953a1c8964ec6cfc310b1d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\97ec7e7c6a615b3e580cde7865eadeda_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\981a828721c9aa72a32870a4b62173b8_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9866db727b2107fb8eaa24f26176a91b_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9909a4933c962d3d2d6e8c3667b8c591_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9958033d6666bc97e50294493bd20d99_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\996af0ffbf4ef3c4bf73bd08a4eba515_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9994572cdb1941d1aff42114eba29b88_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\99ed3111ec0f8cfd656def7cea51ff05_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a544568aaa3df31cc62d06cebc365ee_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a6a2a87c7cf2fdf5f2f0b483427080d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ad68ac80de50d3bec9284579aea3888_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9b97acd55c92c5395a92b412abe45bd3_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ba449a00107467715ac2cff24f58e90_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9d53b6d4105cc5cfa554bc9899551b98_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9ea73435f29f626f395832b931e12acf_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9eb8f660693468ee0fad0c47d6d68690_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9f683f787dfca3b8062a54c4bef0ca60_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9fb0c8ea0a5b01a9c08476e4c5888e75_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0749ded450151fad318603551653ed2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0c235f7f7bd486a915cb1288aedf83c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a12f04f6d24a645dc5239505f207f736_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a1e18ceb1ffaf2bbd34f4e4da45f16d2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a2876229ce9c5c3184d9b7afd854b123_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a291b98b3d0f3d09460c24dbb523b658_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a2b50e2846d7f1ac06c5fd67ad956e19_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a382ba631031aef71b958050315acf2d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3cc2348aa4dee3c793507ec293a71ad_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a40fa5263f72b7bead42ee71f0c235e6_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a45dc1511f985554e8028f5385cd3641_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a4e0d406baed63193bdd11513640eda5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a505b12c5009a80167092edc15bf2da5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a56d9b2fac6111b0502ff4fcc637a6c9_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a64ec67c4a725fcd407f6b6075a516c9_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a6d6c2e432e64fe2537efbfe02f07439_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a712474b608e51662e11f6d3bf8d4ab2_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a78878fea323d2bc59cd426618628034_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a7c842d0e357495bdcea528a71e6b4d9_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a806e6ffe3c3c48d47a24d4cb7446d50_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a8d6d2cc2e4f5f7bb6fa4e81198abaf0_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a9e984cafe768e72b72cc82c0f7868a1_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa60a9c11d93599fd4367b8898723f42_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aabbce19ce72b15efc661f20c176031d_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ab18077364e11ab4489c208c51125016_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ab34fdce8615453ed1251559156d1f10_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\abaace015702f6f409e94caa673e8c7f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\abc640a63fdf83ed4d504b0ad8501503_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ac70416cf9017631a9faf23b7bf3622c_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ac8248385c31428801b5eee9a4c3390f_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad23a5efd2a633836583df3b84cc6348_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad4403f6fcc40c6b3cd3430ab11cddd5_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad9124649744fb413a1b514ac85168b9_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ae0c6a474948f7895a9cb5673eefa7eb_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aeba0564ceecaa22732a186594574570_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\af561abb9f854b1356210ca7f9d12984_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b0015246eb19b7acf6181d292bc7e0be_1c020e42-c4aa-4fc3-b771-49fb6bf09c0b L'objet est verrouillé ignoré
C:\

Répondre à geloblackeagle

infection suite à keygen..

Forum Sécurité - Virus : infection suite à keygen..

Attention