Small problem with virtumonde-bd
laudela38 (Posts: 56, Status: Member)
raleuboleu (Posts: 5028, Status: Member)
Good evening to the whole community,
I am currently in the Philippines and I am using my wife's cousin's laptop.
Every time I use it, avast tells me that it is infected by a trojan named virtumonde.
So I told him that the community of Windows users could help him.
Unfortunately, he swears only by his antivirus...
Could someone help me prove him wrong?
I am attaching a HijackThis scan just in case....
Thanks again, I know that in the past you have been a great help to me!!!
Good night
Laurent.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2:09:24 AM, on 7/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\cuyugan\Desktop\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2320104D-BFB4-446A-B6CF-9943560A418B} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {709AFF26-6BB0-4AD3-A3A3-1286592465D6} - C:\WINDOWS\system32\vtuuusq.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\system32\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O20 - Winlogon Notify: jkkjh - C:\WINDOWS\
O20 - Winlogon Notify: vtuuusq - C:\WINDOWS\SYSTEM32\vtuuusq.dll
O20 - Winlogon Notify: wineij32 - wineij32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: boob - {01b55afa-f451-474b-9e91-c35b24d02641} - (no file)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
27 replies
lol
I know you're from Finland!!! me, well, I'm me lollllllllllllllllllllllllllllllll simple loool
but damn, you m l'anbonima, or uhhhhhhhhhhhhhhhhhhhhhh it's done on purpose, or you want to mess with me, lmao!!! for me it's simple !!!!!!lol
Thanks for your instructions
Here are the logs generated by all your little tools:
HIJACKTHIS :
Logfile of HijackThis v1.99.1
Scan saved at 12:58:31 PM, on 7/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Hijackthis Version Française\hijackthis vf.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: jkkjh - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE (file missing)
--------------------------------------------------------------------------------------------------------------------------
SDFIX :
SDFix: Version 1.91
Run by cuyugan on Sun 07/15/2007 at 12:46 PM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\DOCUME~1\cuyugan\Desktop\sdfix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\UTSCSI.EXE - Deleted
C:\WINDOWS\system32\crss.exe - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"D:\\PC SOFTWARE\\utorrent.exe"="D:\\PC SOFTWARE\\utorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Orbitdownloader\\orbitnet.exe"="C:\\Program Files\\Orbitdownloader\\orbitnet.exe:*:Enabled:P2P service of Orbit Downloader"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\DOCUME~1\cuyugan\Desktop\sdfix\backups\backups.zip
Files with Hidden Attributes:
C:\Documents and Settings\cuyugan\Local Settings\Application Data\Microsoft\Messenger\meekee76@hotmail.com\Sharing Folders\vinali@free.fr\Thumbs.db
C:\WINDOWS\Temp\_ISTMPI.DIR\mmc32.exe
C:\WINDOWS\system32\aybeg.tmp
C:\WINDOWS\system32\ovsaepfp.tmp
C:\WINDOWS\system32\sbtkfugm.tmp
Finished
-------------------------------------------------------------------------------------------------------------------------
COMBOFIX :
"cuyugan" - 2007-07-15 13:02:29 - ComboFix 07-07-14.6 - Service Pack 2 NTFS
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\aafxfwkv.exe
C:\WINDOWS\system32\cmciincg.exe
C:\WINDOWS\system32\hgkmvlrm.exe
C:\WINDOWS\system32\kfgdjqac.exe
C:\WINDOWS\system32\ldvlutte.exe
C:\WINDOWS\system32\lmkbwqjh.exe
C:\WINDOWS\system32\lovhqidg.exe
C:\WINDOWS\system32\qwylvkhk.exe
C:\WINDOWS\system32\ujqfdbip.exe
C:\WINDOWS\system32\vlcypdir.exe
C:\WINDOWS\system32\vqxavmym.exe
C:\WINDOWS\system32\vxuyjhaq.exe
C:\WINDOWS\system32\yilpuugd.exe
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\cuyugan\Desktop.\internet explorer.lnk
C:\WINDOWS\system32\dnscon70.dll
C:\WINDOWS\system32\drivers\sfsync02.sys
C:\WINDOWS\system32\mstcpcon20.dll
C:\WINDOWS\system32\netmanage.dll
C:\WINDOWS\system32\netused.dll
C:\WINDOWS\system32\sr1000r.dll
C:\WINDOWS\temp\_istmpi.dir
C:\WINDOWS\temp\_istmpi.dir\mmc32.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DNSCON
-------\LEGACY_NETMANAGER
-------\LEGACY_SFSYNC02
-------\dnscon
-------\NetManager
-------\sfsync02
((((((((((((((((((((((((( Files Created from 2007-06-15 to 2007-07-15 )))))))))))))))))))))))))))))))
2007-07-15 13:04 0 --a------ C:\WINDOWS\system32\sfsync02.dll
2007-07-15 13:01 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-15 12:45 <DIR> d-------- C:\WINDOWS\ERUNT
2007-07-15 12:33 146,432 --a------ C:\regedit.exe
2007-07-15 11:09 <DIR> d-------- C:\VundoFix Backups
2007-07-13 05:16 <DIR> d-------- C:\Program Files\ToniArts
2007-07-13 04:57 <DIR> d-------- C:\Program Files\RegCleaner
2007-07-13 03:31 <DIR> d-------- C:\Program Files\Sunbelt Software
2007-07-13 02:50 <DIR> d-------- C:\Hijackthis Version Fran‡aise
2007-07-13 02:48 <DIR> d-------- C:\hijacakthis
2007-07-12 22:01 <DIR> d-------- C:\WINDOWS\pss
2007-07-12 21:53 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-07-11 19:20 73,728 --a------ C:\WINDOWS\system32\vsnp2std.dll
2007-07-11 19:20 61,440 --a------ C:\WINDOWS\system32\csnp2std.dll
2007-07-11 19:20 40,960 --a------ C:\WINDOWS\system32\SNCTRL.exe
2007-07-11 19:20 339,968 --a------ C:\WINDOWS\vsnp2std.exe
2007-07-11 19:20 24,832 --a------ C:\WINDOWS\system32\drivers\sncamd.sys
2007-07-11 19:20 20,480 --a------ C:\WINDOWS\usnp2std.exe
2007-07-11 19:20 126,976 --a------ C:\WINDOWS\system32\tsnp2std.exe
2007-07-11 19:20 122,880 --a------ C:\WINDOWS\system32\rsnp2std.dll
2007-07-11 19:20 10,446,592 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2007-07-11 19:20 <DIR> d-------- C:\Program Files\Common Files\snp2std
2007-07-11 02:24 <DIR> d-------- C:\Program Files\a-squared Free
2007-07-11 02:08 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2007-07-10 20:30 <DIR> d-------- C:\unzipped
2007-07-10 14:55 <DIR> d-------- C:\DOCUME~1\cuyugan\Contacts
2007-07-10 14:49 <DIR> d-------- C:\Program Files\MSN Messenger
2007-07-07 00:15 <DIR> d-------- C:\DOCUME~1\cuyugan\APPLIC~1\Help
2007-07-07 00:13 <DIR> d-------- C:\Program Files\IrfanView
2007-07-06 22:09 <DIR> d-------- C:\Program Files\CCleaner
2007-07-03 13:09 934,810 ---hs---- C:\WINDOWS\system32\aybeg.bak2
2007-07-03 03:41 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-03 03:41 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-02 13:09 932,126 ---hs---- C:\WINDOWS\system32\aybeg.bak1
2007-07-01 13:51 999,927 ---hs---- C:\WINDOWS\system32\ghswinjh.ini2
2007-06-30 16:19 1,156 --a------ C:\WINDOWS\mozver.dat
2007-06-28 19:58 932,291 ---hs---- C:\WINDOWS\system32\aybeg.ini2
2007-06-28 11:40 405 ---hs---- C:\WINDOWS\system32\sbtkfugm.ini2
2007-06-28 03:03 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-27 18:00 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-06-25 17:04 <DIR> d-------- C:\Program Files\RegSeeker
2007-06-23 15:06 936,853 ---hs---- C:\WINDOWS\system32\hjkkj.bak2
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-15 04:52:04 9,811 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2007-07-14 12:48:02 -------- d-----w C:\DOCUME~1\cuyugan\APPLIC~1\uTorrent
2007-07-12 21:16:15 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-12 21:04:45 -------- d--h--r C:\DOCUME~1\cuyugan\APPLIC~1\yahoo!
2007-07-12 21:03:41 -------- d-----w C:\Program Files\Yahoo!
2007-07-10 17:37:23 -------- d-----w C:\DOCUME~1\cuyugan\APPLIC~1\Orbit
2007-07-10 17:36:27 -------- d-----w C:\Program Files\Orbitdownloader
2007-07-10 13:49:53 -------- d-----w C:\Program Files\DivX
2007-07-09 17:14:31 -------- d-----w C:\Program Files\Apple Software Update
2007-06-23 09:34:39 -------- d-----w C:\DOCUME~1\cuyugan\APPLIC~1\PLAux
2007-06-19 18:33:11 -------- d-----w C:\Program Files\iTunes
2007-06-19 18:32:28 -------- d-----w C:\Program Files\iPod
2007-06-05 12:15:23 -------- d-----w C:\Program Files\Springhouse
2007-05-25 16:43:59 -------- d-----w C:\DOCUME~1\cuyugan\APPLIC~1\Nokia
2007-05-24 10:52:17 -------- d-----w C:\Program Files\Nokia
2007-05-24 02:21:57 -------- d-----w C:\Program Files\QuickTime
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 14:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 14:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 14:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 14:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 14:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 14:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 14:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 14:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-16 14:43:40 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
2007-06-18 13:33 122880 --a------ C:\Program Files\Orbitdownloader\orbitcth.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 01:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 23:42]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 20:00]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=0000000000000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkjh]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0779bb88-7174-11db-af8d-806d6172696f}]
Auto\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
Browser\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1552cf85-1fb5-11dc-b0f0-0016d418f3d9}]
Auto\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
Browser\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c74c63c-7ad6-11db-afd7-0016d418f3d9}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NETSVCS.EXE
é_†™\command- G:\NETSVCS.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c4f2389-302b-11dc-b15d-0016d418f3d9}]
Auto\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
Browser\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b819cb2e-81fd-11db-aff4-0016d418f3d9}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NETSVCS.EXE
é_†™\command- NETSVCS.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0606bf6-ac7a-11db-b070-0016d418f3d9}]
Auto\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
Browser\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0606bf7-ac7a-11db-b070-0016d418f3d9}]
AutoRun\command- H:\USBNB.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5b3d785-8056-11db-afef-0016d418f3d9}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NETSVCS.EXE
é_†™\command- NETSVCS.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2471cb4-2ba1-11dc-b141-0016d418f3d9}]
Auto\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
Browser\command- G:\RECYCLER\S-1-5-21-1078073611-1993962763-839522115-1003\mmc32.EXE
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-15 13:08:00
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-07-15 13:09:56 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-15 13:09
--- E O F ---
--------------------------------------------------------------------------------------------------------------------------
AND FINALLY AVG:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 2:23:46 PM 7/15/2007
+ Résultat de l'analyse:
D:\PC SOFTWARE\adobe_photoshop_(cs2)_9.0.rar/keygen.exe -> Adware.Virtumonde : Nettoyé.
D:\PC SOFTWARE\adobe_photoshop_(cs2)_9.0.rar/patch.exe -> Downloader.LoadAdv : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\aafxfwkv.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\cmciincg.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\hgkmvlrm.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\kfgdjqac.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ldvlutte.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\lmkbwqjh.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\lovhqidg.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\qwylvkhk.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ujqfdbip.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vlcypdir.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vqxavmym.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vxuyjhaq.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\yilpuugd.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\Documents and Settings\cuyugan\My Documents\all nokia\MobiSystems.MSDict.Viewer.v2.40.S60.SymbianOS.Cracked-SyMPDA.rar/run.exe -> Downloader.Zlob.bbj : Nettoyé.
:mozilla.30:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.31:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.32:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\cuyugan\Cookies\cuyugan@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\cuyugan\Cookies\cuyugan@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\cuyugan\Cookies\cuyugan@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.42:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
D:\PC SOFTWARE\adobe_photoshop_(cs2)_9.0.rar/crack.exe -> Trojan.Agent.qt : Nettoyé.
Fin du rapport
Well, good luck to you all!!!!!
Laurent.
Here are the logs generated by all your little tools:
HIJACKTHIS:
Logfile of HijackThis v1.99.1
Scan saved at 12:58:31 PM, on 7/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Hijackthis Version Française\hijackthis vf.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: jkkjh - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE (file missing)
--------------------------------------------------------------------------------------------------------------------------
SDFIX:
SDFix: Version 1.91
Run by cuyugan on Sun 07/15/2007 at 12:46 PM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\DOCUME~1\cuyugan\Desktop\sdfix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\UTSCSI.EXE - Deleted
C:\WINDOWS\system32\crss.exe - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"D:\\PC SOFTWARE\\utorrent.exe"="D:\\PC SOFTWARE\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Orbitdownloader\\orbitnet.exe"="C:\\Program Files\\Orbitdownloader\\orbitnet.exe:*:Enabled:P2P service of Orbit Downloader"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\DOCUME~1\cuyugan\Desktop\sdfix\backups\backups.zip
Files with Hidden Attributes:
C:\Documents and Settings\cuyugan\Local Settings\Application Data\Microsoft\Messenger\meekee76@hotmail.com\Sharing Folders\vinali@free.fr\Thumbs.db
C:\WINDOWS\Temp\_ISTMPI.DIR\mmc32.exe
C:\WINDOWS\system32\aybeg.tmp
C:\WINDOWS\system32\ovsaepfp.tmp
C:\WINDOWS\system32\sbtkfugm.tmp
Finished
-------------------------------------------------------------------------------------------------------------------------
COMBOFIX:
"cuyugan" - 2007-07-15 13:02:29 - ComboFix 07-07-14.6 - Service Pack 2 NTFS
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\aafxfwkv.exe
C:\WINDOWS\system32\cmciincg.exe
C:\WINDOWS\system32\hgkmvlrm.exe
C:\WINDOWS\system32\kfgdjqac.exe
C:\WINDOWS\system32\ldvlutte.exe
C:\WINDOWS\system32\lmkbwqjh.exe
C:\WINDOWS\system32\lovhqidg.exe
C:\WINDOWS\system32\qwylvkhk.exe
C:\WINDOWS\system32\ujqfdbip.exe
C:\WINDOWS\system32\vlcypdir.exe
C:\WINDOWS\system32\vqxavmym.exe
C:\WINDOWS\system32\vxuyjhaq.exe
C:\WINDOWS\system32\yilpuugd.exe
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\cuyugan\Desktop.\internet explorer.lnk
C:\WINDOWS\system32\dnscon70.dll
C:\WINDOWS\system32\drivers\sfsync02.sys
C:\WINDOWS\system32\mstcpcon20.dll
C:\WINDOWS\system32\netmanage.dll
C:\WINDOWS\system32\netused.dll
C:\WINDOWS\system32\sr1000r.dll
C:\WINDOWS\temp\_istmpi.dir
C:\WINDOWS\temp\_istmpi.dir\mmc32.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DNSCON
-------\LEGACY_NETMANAGER
-------\LEGACY_SFSYNC02
-------\dnscon
-------\NetManager
-------\sfsync02
((((((((((((((((((((((((( Files Created from 2007-06-15 to 2007-07-15 )))))))))))))))))))))))))))))))
2007-07-15 13:04 0 --a------ C:\WINDOWS\system32\sfsync02.dll
2007-07-15 13:01 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-15 12:45 <DIR> d-------- C:\WINDOWS\ERUNT
2007-07-15 12:33 146,432 --a------ C:\regedit.exe
2007-07-15 11:09 <DIR> d-------- C:\VundoFix Backups
--------------------------------------------------------------------------------------------------------------------------
AND FINALLY AVG:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 2:23:46 PM 7/15/2007
+ Résultat de l'analyse:
D:\PC SOFTWARE\adobe_photoshop_(cs2)_9.0.rar/keygen.exe -> Adware.Virtumonde : Nettoyé.
D:\PC SOFTWARE\adobe_photoshop_(cs2)_9.0.rar/patch.exe -> Downloader.LoadAdv : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\aafxfwkv.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\cmciincg.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\hgkmvlrm.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\kfgdjqac.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ldvlutte.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\lmkbwqjh.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\lovhqidg.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\qwylvkhk.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ujqfdbip.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vlcypdir.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vqxavmym.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vxuyjhaq.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\yilpuugd.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\Documents and Settings\cuyugan\My Documents\all nokia\MobiSystems.MSDict.Viewer.v2.40.S60.SymbianOS.Cracked-SyMPDA.rar/run.exe -> Downloader.Zlob.bbj : Nettoyé.
:mozilla.30:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.31:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.32:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\cuyugan\Cookies\cuyugan@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\cuyugan\Cookies\cuyugan@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\cuyugan\Cookies\cuyugan@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.42:C:\Documents and Settings\cuyugan\Application Data\Mozilla\Firefox\Profiles\6385ueld.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
D:\PC SOFTWARE\adobe_photoshop_(cs2)_9.0.rar/crack.exe -> Trojan.Agent.qt : Nettoyé.
Fin du rapport
Well then, I wish you good luck!!!!!
Laurent.
Hi laudela38,
¤ Show all files and folders:
Click Start / Control Panel / Folder Options / View
Check "Show hidden folders"
Uncheck the box "Hide protected operating system files (Recommended)"
Uncheck "Hide extensions for known file types"
Then click "OK" to confirm the changes.
And apply!
Then go to this site and have the folders below scanned:
http://virusscan.jotti.org/de/
C:\WINDOWS\system32\hjkkj.bak2
C:\WINDOWS\system32\sbtkfugm.ini2
C:\WINDOWS\system32\sfsync02.dll
C:\WINDOWS\system32\tsnp2std.exe
C:\WINDOWS\system32\rsnp2std.dll
C:\Program Files\Common Files\snp2std
Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.
Quote:
C:\WINDOWS\jkkjh
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
http://img137.imageshack.us/img137/3558/refaitjk8.th.jpg
See you