What do you think?

Solved/Closed
comprendpô - 27 Feb 2008 at 01:02
Hi to you night owls, here is my evening report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:01:27, on 27/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\WINDOWS\system32\HPZipm12.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
G:\Program Files\Audio Deck\EnMixCPL.exe
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\Program Files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe
G:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
G:\Program Files\Prodipe\PVE\PVE_GMMode.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
G:\Documents and Settings\Administrateur\Bureau\Clavier+\Clavier.exe
G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\Program Files\Logitech\SetPoint\KEM.exe
G:\Program Files\WinZip\WZQKPICK.EXE
G:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
G:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
G:\Program Files\Mozilla Firefox\firefox.exe
G:\HijackThis\CCM.exe
G:\HijackThis\test.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcpratique.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0487b2ca-552e-4a7d-9f9d-efb0dd744147} - (no file)
O2 - BHO: (no name) - {1AD7ABE4-84D1-4B80-A939-9D06C0BF5FFA} - (no file)
O2 - BHO: (no name) - {2B4357E9-476F-403A-B1A2-BD9E661CC50C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: (no name) - {5CDE9161-DF09-497E-B741-5D53351DEE80} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {969C29C4-3F0C-4316-B25C-E017AECBDD36} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B2B2F6FE-A746-4BB9-B4E6-FC77827121FF} - (no file)
O2 - BHO: (no name) - {BC46AD90-791B-4DBB-9D8F-0DBC3CF15DE8} - (no file)
O2 - BHO: (no name) - {C75927FD-A8C9-4340-B7A8-CB26DF8A0973} - (no file)
O2 - BHO: (no name) - {C9514C5B-0FFA-42B4-B9A6-06D7227641D2} - (no file)
O2 - BHO: (no name) - {E5772466-85BC-4364-B207-00D588BDAE38} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [EnvyHFCPL] G:\Program Files\Audio Deck\EnMixCPL.exe 1
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] G:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] G:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [FIREBOX] G:\Program Files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe
O4 - HKLM\..\Run: [H2O] G:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [SearchSettings] G:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVP] "G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [PVE] "G:\Program Files\Prodipe\PVE\PVE_GMMode.exe"
O4 - HKLM\..\Run: [Norton Ghost 12.0] "G:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot\TeaTimer.exe
O4 - HKCU\..\Run: [LDM] G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Clavier+] G:\Documents and Settings\Administrateur\Bureau\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "G:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: WinZip Quick Pick.lnk = G:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~1\Spybot\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.pcpratique.net
O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: hggdcby - hggdcby.dll (file missing)
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - G:\WINDOWS\system32\HPZipm12.exe

7 replies

Anonymous user
27 Feb 2008 at 01:04
Are you having problems?

I'm trying to remove the Virtumonde trojan, but I don't know if it's still there!
Le sioux
27 Feb 2008 at 01:11
Good evening comprendspas, Bouddha

Indeed, there are still traces of a Vundo infection here

O20 - Winlogon Notify: hggdcby - hggdcby.dll (file missing)

What have you done on your own?

There are also other traces:

Download BTFix by bibi26 http://cluster1.easy-hebergement.net/

Unzip the archive onto your Desktop (right-click/extract…)

Open the BTFix folder by double-clicking it, then double-click BTFix.exe

Click Rechercher (Search)

A report will appear; copy/paste it into your next reply

To be continued
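The check Le sioux applies above (an O20 Winlogon Notify entry whose DLL is gone is the classic leftover of a Vundo/Virtumonde clean-up) can be made mechanical. The script below is an added example written for this edit, not part of HijackThis, BTFix or anything posted in the thread: it parses HijackThis entry lines and flags orphaned Winlogon Notify hooks, BHO registrations with no DLL on disk, and home pages outside an allow list. The excerpt log and the allow list of trusted hosts are constructed for the example.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Constructed excerpt in HijackThis v2 format, modelled on the log posted in this
# thread (a handful of lines, not the full report).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcpratique.net
O2 - BHO: (no name) - {0487b2ca-552e-4a7d-9f9d-efb0dd744147} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\Spybot\SDHelper.dll
O4 - HKLM\..\Run: [AVP] "G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: hggdcby - hggdcby.dll (file missing)
""".strip()

# Every HijackThis entry line starts with a section tag: "R0 - ", "O2 - ", "O20 - ", ...
ENTRY_RE = re.compile(r"^(?P<sec>[OR]\d+) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

# Registry locations the O20 and O2 sections are read from.
WINLOGON_NOTIFY_KEY = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"
BHO_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"

# Assumed allow list: home pages the machine's owner is known to have chosen.
TRUSTED_HOSTS = {"www.google.fr", "www.google.com"}
SEVERITY_RANK = {"high": 0, "low": 1, "info": 2}


@dataclass
class Finding:
    severity: str
    section: str
    entry: str
    action: str


def parse_hjt(text):
    """Return (section, body) pairs for every HijackThis entry line in the log."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append((m.group("sec"), m.group("body")))
    return entries


def triage(text):
    """Flag the entries a helper checks first, in the order they appear in the log."""
    findings = []
    for sec, body in parse_hjt(text):
        if sec == "O20" and body.startswith("Winlogon Notify:") and body.endswith("(file missing)"):
            # "Winlogon Notify: <subkey> - <dll> (file missing)": the DLL was deleted
            # (for example by VundoFix) but the registry hook survived, so Winlogon
            # still tries to load it at every logon. The subkey itself must go.
            subkey = body[len("Winlogon Notify:"):].split(" - ", 1)[0].strip()
            findings.append(Finding("high", sec, body,
                f"delete {WINLOGON_NOTIFY_KEY}\\{subkey} (orphaned Vundo-style Winlogon hook)"))
        elif sec == "O2" and "(no name)" in body and body.endswith("(no file)"):
            # BHO CLSID still registered although its DLL no longer exists.
            m = CLSID_RE.search(body)
            clsid = m.group(0) if m else "<clsid not parsed>"
            findings.append(Finding("low", sec, body,
                f"delete {BHO_KEY}\\{clsid} (BHO registration whose DLL is gone)"))
        elif sec in ("R0", "R1") and ("Start Page" in body or "Default_Page_URL" in body):
            # Home page changes are a common hijack symptom; anything outside the
            # allow list is worth a question to the user rather than an automatic fix.
            host = urlparse(body.split("=", 1)[1].strip()).hostname or ""
            if host not in TRUSTED_HOSTS:
                findings.append(Finding("info", sec, body,
                    f"browser home page points to {host}; confirm the user chose it"))
    return findings


def prioritised(text):
    """Same findings, most urgent first."""
    return sorted(triage(text), key=lambda f: SEVERITY_RANK[f.severity])


if __name__ == "__main__":
    for f in prioritised(SAMPLE_LOG):
        print(f"[{f.severity:4}] {f.section}: {f.entry}\n        -> {f.action}")
```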
Anonymous user
27 Feb 2008 at 01:15
Good evening comprendspas, Bouddha
================
You don't understand what?

Hi and thanks for your help,

BTFix 1.080 (par bibi26) - 27/02/2008 01:13:49 - Analyse
Lancé depuis G:\Documents and Settings\Administrateur\Bureau\BTFix\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés


---> Analyse terminée

ACTIONS: VundoFix (it detects nothing)
ComboFix
and various cleanups and scans (Spybot, SUPERAntiSpyware, CCleaner, Kaspersky in progress)

ComboFix 08-02-25.3 - Administrateur 2008-02-26 23:10:58.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1785 [GMT 1:00]
Endroit: G:\Documents and Settings\Administrateur\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

G:\WINDOWS\system32\gjkkj.ini
G:\WINDOWS\system32\gjkkj.ini2
G:\WINDOWS\system32\qfpqqybp.ini
G:\WINDOWS\system32\sftpqvnm.ini
G:\WINDOWS\system32\svwhnvud.ini
G:\WINDOWS\system32\winsys.exe
G:\WINDOWS\system32\wlktjmeq.ini
G:\WINDOWS\system32\wqskbqbj.ini
G:\WINDOWS\system32\wqskbqbj.ini2

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE


((((((((((((((((((((((((((((( Fichiers créés 2008-01-26 to 2008-02-26 ))))))))))))))))))))))))))))))))))))
.

2008-02-26 22:07 . 2008-02-26 22:07 54,156 --ah----- G:\WINDOWS\QTFont.qfn
2008-02-26 22:07 . 2008-02-26 22:07 1,409 --a------ G:\WINDOWS\QTFont.for
2008-02-25 22:13 . 2008-02-25 22:13 <REP> d-------- G:\WINDOWS\Sun
2008-02-25 20:17 . 2008-02-25 20:17 234 --a------ G:\WINDOWS\PrnHlpLogConfig.ini
2008-02-24 21:29 . 2008-02-24 21:29 <REP> d-------- G:\VundoFix Backups
2008-02-24 21:19 . 2008-02-24 21:24 <REP> d-------- G:\Program Files\Garmin
2008-02-24 20:26 . 2008-02-24 20:29 <REP> d-a------ G:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-02-24 19:17 . 2008-02-24 19:17 41 ---h----- G:\WINDOWS\dpar0014.dat
2008-02-24 18:59 . 2008-02-24 18:59 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Samsung
2008-02-23 23:06 . 2008-02-23 23:06 <REP> d-------- G:\Program Files\Memory-Map
2008-02-23 20:56 . 2008-02-23 21:14 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\GARMIN
2008-02-23 20:32 . 2008-02-23 20:41 <REP> d-------- G:\Program Files\Macromedia
2008-02-23 20:32 . 2008-02-23 20:37 <REP> d-------- G:\Program Files\Fichiers communs\Macromedia
2008-02-23 18:45 . 2007-03-08 17:18 18,432 --a------ G:\WINDOWS\system32\drivers\grmngen.sys
2008-02-23 18:45 . 2006-02-20 19:25 17,536 --a------ G:\WINDOWS\system32\drivers\grmn0200.sys
2008-02-23 18:45 . 2006-04-11 20:51 16,512 --a------ G:\WINDOWS\system32\drivers\grmn0400.sys
2008-02-23 18:45 . 2006-07-11 20:50 11,776 --a------ G:\WINDOWS\system32\drivers\grmn1200.sys
2008-02-23 18:45 . 2007-03-08 17:18 8,320 --a------ G:\WINDOWS\system32\drivers\grmnusb.sys
2008-02-23 15:11 . 2008-02-23 15:18 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\FileZilla
2008-02-21 20:21 . 2008-02-21 20:43 <REP> d-------- G:\Program Files\Fichiers communs\Adobe
2008-02-21 20:20 . 2003-08-11 10:07 14,604 --a------ G:\WINDOWS\system32\drivers\pfc.sys
2008-02-20 21:09 . 2008-02-20 21:09 290,816 --a------ G:\WINDOWS\system32\PVE.dll
2008-02-20 21:08 . 2008-02-20 21:08 <REP> d-------- G:\Program Files\Prodipe
2008-02-20 21:08 . 2008-02-20 21:08 200,704 --a------ G:\WINDOWS\system32\DDD2A.tmp
2008-02-20 19:25 . 2006-08-13 14:34 59,264 --a------ G:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-02-20 19:25 . 2006-08-13 14:34 59,264 --a--c--- G:\WINDOWS\system32\dllcache\usbaudio.sys
2008-02-19 23:55 . 2008-02-26 23:03 <REP> d-------- G:\HijackThis
2008-02-18 21:19 . 2008-02-18 21:19 <REP> d---sc--- G:\Documents and Settings\Administrateur\UserData
2008-02-18 08:03 . 2008-02-20 08:11 4,096 --ahs---- G:\VSNAP.IDX
2008-02-17 21:51 . 2008-02-17 21:51 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Symantec
2008-02-17 20:37 . 2007-03-28 20:29 131,944 --a------ G:\WINDOWS\system32\drivers\symsnap.sys
2008-02-17 20:37 . 2007-03-28 20:49 128,104 --a------ G:\WINDOWS\system32\drivers\WimFltr.sys
2008-02-17 20:37 . 2007-03-28 20:12 109,360 --a------ G:\WINDOWS\system32\GEARAspi.dll
2008-02-17 20:37 . 2007-03-28 20:29 37,864 --a------ G:\WINDOWS\system32\drivers\v2imount.sys
2008-02-17 20:37 . 2007-03-28 20:12 15,664 --a------ G:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2008-02-17 20:37 . 2007-03-28 20:23 14,072 --a------ G:\WINDOWS\system32\drivers\vproeventmonitor.sys
2008-02-17 20:36 . 2008-02-17 20:37 <REP> d-------- G:\Program Files\Norton Ghost
2008-02-17 20:35 . 2008-02-17 20:35 <REP> d-------- G:\Program Files\Symantec
2008-02-17 20:35 . 2008-02-17 20:37 <REP> d-------- G:\Program Files\Fichiers communs\Symantec Shared
2008-02-17 20:35 . 2008-02-17 20:45 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
2008-02-17 16:45 . 2008-02-17 16:45 <REP> d-------- G:\Program Files\Kaspersky Lab
2008-02-17 16:45 . 2008-02-26 23:16 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2008-02-17 16:45 . 2008-02-26 23:17 8,585,504 --ahs---- G:\WINDOWS\system32\drivers\fidbox.dat
2008-02-17 16:45 . 2008-02-26 23:17 177,184 --ahs---- G:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-17 16:45 . 2008-02-26 23:08 122,276 --ahs---- G:\WINDOWS\system32\drivers\fidbox.idx
2008-02-17 16:45 . 2008-02-17 16:56 91,700 --a------ G:\WINDOWS\system32\drivers\klin.dat
2008-02-17 16:45 . 2008-02-17 16:45 85,860 --a------ G:\WINDOWS\system32\drivers\klick.dat
2008-02-17 16:45 . 2008-02-26 23:08 20,768 --ahs---- G:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-17 16:26 . 2008-02-17 16:26 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-02-17 15:27 . 2008-02-17 15:31 <REP> d-------- G:\Program Files\SUPERAntiSpyware
2008-02-17 15:27 . 2008-02-17 15:27 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2008-02-17 15:27 . 2008-02-17 15:27 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\SUPERAntiSpyware.com
2008-02-17 15:25 . 2008-02-23 23:06 <REP> d-------- G:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-16 20:48 . 2008-02-17 11:23 <REP> d-------- G:\WINDOWS\NV20723744.TMP
2008-02-16 12:31 . 2008-02-16 12:33 <REP> d-------- G:\Program Files\MSN Messenger
2008-02-15 21:14 . 2008-02-15 21:14 <REP> d----c--- G:\Documents and Settings\Administrateur\dwhelper
2008-02-12 20:04 . 2008-02-12 20:04 <REP> d-------- G:\Program Files\Guitar Pro 5
2008-02-07 21:46 . 2008-02-07 21:48 <REP> d-------- G:\WINDOWS\NV28642736.TMP
2008-02-07 21:46 . 2007-12-17 13:53 159,458 --a------ G:\WINDOWS\system32\nvapps.nvb
2008-02-07 19:56 . 2008-02-07 19:56 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
2008-02-06 01:11 . 2008-02-06 01:11 <REP> d-------- G:\Program Files\Propellerhead
2008-02-06 01:07 . 2008-02-06 01:07 368,640 --a------ G:\WINDOWS\system32\ReWire.dll
2008-02-06 01:07 . 2008-02-06 01:07 233,472 --a------ G:\WINDOWS\system32\REX Shared Library.dll
2008-02-06 00:44 . 2008-02-06 00:44 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Propellerhead Software
2008-02-06 00:44 . 2008-02-06 01:07 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Propellerhead Software
2008-02-05 23:36 . 2008-02-05 23:36 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Media Player Classic
2008-02-05 23:35 . 2008-02-05 23:35 <REP> d-------- G:\Program Files\QuickTime Alternative
2008-02-05 23:35 . 2008-02-05 23:35 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-05 23:35 . 2008-01-10 15:27 90,112 --a------ G:\WINDOWS\system32\QuickTimeVR.qtx
2008-02-05 23:35 . 2008-01-10 15:27 57,344 --a------ G:\WINDOWS\system32\QuickTime.qts
2008-02-05 23:34 . 2008-02-05 23:34 <REP> d-------- G:\Program Files\Free Easy Burner
2008-02-05 23:34 . 2006-11-18 10:38 200,704 --a------ G:\WINDOWS\system32\vbalExpBar6.ocx
2008-02-05 23:34 . 2004-03-08 21:00 152,848 --a------ G:\WINDOWS\system32\COMDLG32.OCX
2008-02-05 23:34 . 2000-05-22 13:58 115,920 --a------ G:\WINDOWS\system32\msinet.OCX
2008-02-05 23:34 . 1999-03-25 17:00 101,888 --a------ G:\WINDOWS\system32\VB6STKIT.DLL
2008-02-05 23:34 . 2003-04-18 14:29 44,544 --a------ G:\WINDOWS\system32\msxml4a.dll
2008-02-05 23:34 . 1998-07-13 16:53 44,544 --a------ G:\WINDOWS\system32\GIF89.DLL
2008-02-05 23:34 . 2003-01-26 11:41 40,960 --a------ G:\WINDOWS\system32\SSubTmr6.dll
2008-02-05 23:34 . 1998-07-12 17:00 32,768 --a------ G:\WINDOWS\system32\CMDLGFR.DLL
2008-02-05 23:34 . 1998-07-12 21:00 15,360 --a------ G:\WINDOWS\system32\inetfr.DLL
2008-02-03 16:49 . 2008-02-03 16:49 <REP> d-------- G:\Program Files\VstPlugins
2008-01-27 23:30 . 2008-01-27 23:30 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Logitech
2008-01-27 23:26 . 2008-01-27 23:26 <REP> d-------- G:\Program Files\Steinberg
2008-01-27 23:22 . 2003-07-31 20:28 147,425 --a------ G:\WINDOWS\system32\SYNSOACC-Aide.chm
2008-01-27 23:22 . 2003-05-26 15:29 120,468 --a------ G:\WINDOWS\system32\SYNSOACC-Hilfe.chm
2008-01-27 23:22 . 2003-05-26 15:29 114,279 --a------ G:\WINDOWS\system32\SYNSOACC-Help.chm
2008-01-27 23:22 . 2005-05-09 20:08 33,792 --a------ G:\WINDOWS\system32\drivers\cledx.sys
2008-01-27 23:19 . 2008-01-27 23:19 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\vlc
2008-01-27 21:37 . 2008-02-15 19:19 <REP> d----c--- G:\Documents and Settings\Administrateur\amsn
2008-01-27 21:16 . 2008-02-26 21:27 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\foobar2000
2008-01-26 14:13 . 2008-01-26 14:13 <REP> d----c--- G:\Documents and Settings\Administrateur\Contacts
2008-01-26 14:13 . 2008-01-26 14:13 292 --ah----- G:\sqmdata09.sqm
2008-01-26 14:13 . 2008-01-26 14:13 244 --ah----- G:\sqmnoopt09.sqm
2008-01-26 12:28 . 2008-01-26 12:28 81,920 -r------- G:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2008-01-26 12:27 . 2008-01-26 12:27 <REP> d-------- G:\Program Files\Fichiers communs\Logitech

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-26 21:44 --------- d-----w G:\Program Files\eMule
2008-02-26 19:40 --------- d-----w G:\Program Files\Picasa2
2008-02-25 19:15 139,264 ----a-w G:\WINDOWS\system32\hpzjrd01.dll
2008-02-24 18:17 --------- d-----w G:\Program Files\PhotoFiltre Studio
2008-02-23 19:47 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\uTorrent
2008-02-21 19:20 --------- d--h--w G:\Program Files\InstallShield Installation Information
2008-02-17 15:41 --------- d-----w G:\Program Files\Avast4
2008-02-07 18:55 --------- d-----w G:\Program Files\Fichiers communs\InstallShield
2008-02-04 21:17 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-01-27 22:22 --------- d-----w G:\Program Files\Syncrosoft
2008-01-25 19:40 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\HP
2008-01-25 19:35 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\Steinberg
2008-01-25 19:27 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\Pinnacle
2008-01-24 22:50 --------- d-----w G:\Program Files\DAEMON Tools
2008-01-24 22:43 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\DAEMON Tools
2008-01-24 22:43 --------- d-----w G:\Program Files\DAEMON Tools Lite
2008-01-24 22:14 639,224 ----a-w G:\WINDOWS\system32\drivers\sptd.sys
2008-01-24 21:58 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\Image Zone Express
2008-01-24 21:51 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
2008-01-24 21:47 --------- d-----w G:\Program Files\HP
2008-01-24 21:47 --------- d-----w G:\Program Files\Fichiers communs\HP
2008-01-24 21:45 --------- d-----w G:\Program Files\PDFCreator
2008-01-24 21:45 --------- d-----w G:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-24 21:45 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-01-24 21:32 --------- d-----w G:\Program Files\FooBar
2008-01-24 21:15 --------- d-----w G:\Program Files\Spybot
2008-01-24 21:11 --------- d-----w G:\Program Files\Foxit Software
2008-01-24 21:02 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\Talkback
2008-01-24 20:49 --------- d-----w G:\Program Files\Google
2008-01-24 20:41 --------- d-----w G:\Program Files\SystemRequirementsLab
2008-01-24 20:40 --------- d-----w G:\Program Files\Everest
2008-01-24 20:33 --------- d-----w G:\Program Files\Java
2008-01-24 20:31 --------- d-----w G:\Program Files\Audio Deck
2008-01-24 20:28 24,064 ----a-w G:\WINDOWS\autoload.exe
2008-01-24 20:13 --------- d-----w G:\Program Files\HighMAT CD Writing Wizard
2008-01-24 20:12 --------- d-----w G:\Program Files\Fichiers communs\Java
2008-01-24 20:08 --------- d-----w G:\Program Files\Services en ligne
2008-01-19 12:07 --------- d-----w G:\Program Files\Toontrack
2008-01-13 17:03 --------- d-----w G:\Program Files\Autoruns
2008-01-08 20:54 --------- d-----w G:\Program Files\Common Files
2008-01-05 15:40 --------- d-----w G:\Program Files\Bome's Mouse Keyboard
2008-01-03 12:26 --------- d-----w G:\Program Files\Minnetonka Audio Software
2007-12-17 23:44 219,664 ----a-w G:\WINDOWS\system32\klogon.dll
2007-12-17 19:09 585,728 ----a-w G:\Program Files\js.dll
2007-12-17 19:09 2,228,326 ----a-w G:\Program Files\Foxit_JS_ExObjects.dll
2007-12-05 01:53 356,352 ----a-w G:\WINDOWS\system32\NVUNINST.EXE
2007-04-06 14:46 4,037,888 ----a-w G:\Program Files\Foxit_Reader.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0487b2ca-552e-4a7d-9f9d-efb0dd744147}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1AD7ABE4-84D1-4B80-A939-9D06C0BF5FFA}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2B4357E9-476F-403A-B1A2-BD9E661CC50C}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5CDE9161-DF09-497E-B741-5D53351DEE80}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{969C29C4-3F0C-4316-B25C-E017AECBDD36}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B2B2F6FE-A746-4BB9-B4E6-FC77827121FF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BC46AD90-791B-4DBB-9D8F-0DBC3CF15DE8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF1404E5-8DD3-4128-850B-3CCAA9F74244}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C75927FD-A8C9-4340-B7A8-CB26DF8A0973}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C9514C5B-0FFA-42B4-B9A6-06D7227641D2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5772466-85BC-4364-B207-00D588BDAE38}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="G:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09 15360]
"swg"="G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-20 22:58 68856]
"SpybotSD TeaTimer"="G:\Program Files\Spybot\TeaTimer.exe" [2007-08-31 16:46 1460560]
"LDM"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-01-26 12:28 20480]
"Clavier+"="G:\Documents and Settings\Administrateur\Bureau\Clavier+\Clavier.exe" [2007-10-21 23:53 88576]
"SUPERAntiSpyware"="G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-17 15:31 1470464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"EnvyHFCPL"="G:\Program Files\Audio Deck\EnMixCPL.exe" [2007-05-08 17:28 3898368]
"NvCplDaemon"="G:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 G:\WINDOWS\system32\nwiz.exe]
"SW20"="G:\WINDOWS\system32\sw20.exe" [2006-05-18 02:15 208896]
"SW24"="G:\WINDOWS\system32\sw24.exe" [2006-05-17 03:37 69632]
"HP Software Update"="G:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12 49152]
"FIREBOX"="G:\Program Files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe" [2005-01-28 23:04 1003520]
"H2O"="G:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-23 00:00 385024]
"SearchSettings"="G:\Program Files\Search Settings\SearchSettings.exe" [ ]
"NvMediaCenter"="G:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"AVP"="G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-12-18 00:43 227856]
"Norton Ghost 12.0"="G:\Program Files\Norton Ghost\Agent\VProTray.exe" [2007-03-28 20:41 2037352]
"PVE"="G:\Program Files\Prodipe\PVE\PVE_GMMode.exe" [2008-02-20 21:08 913408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="G:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09 15360]
"MsnMsgr"="G:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= G:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
G:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 G:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hggdcby]
hggdcby.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"G:\\Program Files\\uTorrent\\uTorrent.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"G:\\Program Files\\Messenger\\msmsgs.exe"=
"G:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"G:\\Program Files\\MSN Messenger\\livecall.exe"=
"G:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"G:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"=
"G:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"G:\\Program Files\\eMule\\emule.exe"=

R3 CLEDX;Team H2O CLEDX service;G:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 20:08]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM;G:\WINDOWS\system32\drivers\Envy24HF.sys [2005-02-21 16:47]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;G:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 13:28]
R3 ps_1394;ps_1394;G:\WINDOWS\system32\Drivers\ps_1394.sys [2004-10-14 23:33]
R3 ps_avs;ps_avs;G:\WINDOWS\system32\Drivers\ps_avs.sys [2004-10-14 23:33]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf09ec8e-cabc-11dc-8055-806d6172696f}]
\Shell\AutoRun\command - H:\setup.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-26 19:00:00 G:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- G:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-26 23:17:42
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
G:\Program Files\Norton Ghost\Agent\VProSvc.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\WINDOWS\system32\HPZipm12.exe
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\Program Files\Logitech\SetPoint\KEM.exe
G:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
G:\Program Files\WinZip\WZQKPICK.EXE
G:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-26 23:23:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-26 22:22:39
Le sioux
27 Feb 2008 at 01:17
Re

Comprendpô, rather ;)

hehe :-)

Anonymous user
27 Feb 2008 at 01:21
Ah OK ;-) (I'm getting tired)
Good evening to you.
Le sioux
27 Feb 2008 at 01:21
Re

The ComboFix report is from this morning; run a brand new one and post it here. I'm off to a friend's who is waiting for me, I'll look at it later unless Bouddha decodes your ComboFix report first.

See you later

OK le sioux, thanks
When I launch ComboFix, Kaspersky wakes up and tells me there is an intrusion by a program (invader); is that perhaps normal?!

well, otherwise

ComboFix 08-02-25.3 - Administrateur 2008-02-27 1:23:38.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1025 [GMT 1:00]
Endroit: G:\Documents and Settings\Administrateur\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-01-27 to 2008-02-27 ))))))))))))))))))))))))))))))))))))
.

2008-02-27 00:11 . 2008-02-27 00:10 691,545 --a------ G:\WINDOWS\unins000.exe
2008-02-27 00:11 . 2008-02-27 00:11 2,564 --a------ G:\WINDOWS\unins000.dat
2008-02-26 22:07 . 2008-02-26 22:07 54,156 --ah----- G:\WINDOWS\QTFont.qfn
2008-02-26 22:07 . 2008-02-26 22:07 1,409 --a------ G:\WINDOWS\QTFont.for
2008-02-25 22:13 . 2008-02-25 22:13 <REP> d-------- G:\WINDOWS\Sun
2008-02-25 20:17 . 2008-02-25 20:17 234 --a------ G:\WINDOWS\PrnHlpLogConfig.ini
2008-02-24 21:29 . 2008-02-24 21:29 <REP> d-------- G:\VundoFix Backups
2008-02-24 21:19 . 2008-02-24 21:24 <REP> d-------- G:\Program Files\Garmin
2008-02-24 20:26 . 2008-02-24 20:29 <REP> d-a------ G:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-02-24 19:17 . 2008-02-24 19:17 41 ---h----- G:\WINDOWS\dpar0014.dat
2008-02-24 18:59 . 2008-02-24 18:59 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Samsung
2008-02-23 23:06 . 2008-02-23 23:06 <REP> d-------- G:\Program Files\Memory-Map
2008-02-23 20:56 . 2008-02-23 21:14 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\GARMIN
2008-02-23 20:32 . 2008-02-23 20:41 <REP> d-------- G:\Program Files\Macromedia
2008-02-23 20:32 . 2008-02-23 20:37 <REP> d-------- G:\Program Files\Fichiers communs\Macromedia
2008-02-23 18:45 . 2007-03-08 17:18 18,432 --a------ G:\WINDOWS\system32\drivers\grmngen.sys
2008-02-23 18:45 . 2006-02-20 19:25 17,536 --a------ G:\WINDOWS\system32\drivers\grmn0200.sys
2008-02-23 18:45 . 2006-04-11 20:51 16,512 --a------ G:\WINDOWS\system32\drivers\grmn0400.sys
2008-02-23 18:45 . 2006-07-11 20:50 11,776 --a------ G:\WINDOWS\system32\drivers\grmn1200.sys
2008-02-23 18:45 . 2007-03-08 17:18 8,320 --a------ G:\WINDOWS\system32\drivers\grmnusb.sys
2008-02-23 15:11 . 2008-02-23 15:18 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\FileZilla
2008-02-21 20:21 . 2008-02-21 20:43 <REP> d-------- G:\Program Files\Fichiers communs\Adobe
2008-02-21 20:20 . 2003-08-11 10:07 14,604 --a------ G:\WINDOWS\system32\drivers\pfc.sys
2008-02-20 21:09 . 2008-02-20 21:09 290,816 --a------ G:\WINDOWS\system32\PVE.dll
2008-02-20 21:08 . 2008-02-20 21:08 <REP> d-------- G:\Program Files\Prodipe
2008-02-20 21:08 . 2008-02-20 21:08 200,704 --a------ G:\WINDOWS\system32\DDD2A.tmp
2008-02-20 19:25 . 2006-08-13 14:34 59,264 --a------ G:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-02-20 19:25 . 2006-08-13 14:34 59,264 --a--c--- G:\WINDOWS\system32\dllcache\usbaudio.sys
2008-02-19 23:55 . 2008-02-27 01:12 <REP> d-------- G:\HijackThis
2008-02-18 21:19 . 2008-02-18 21:19 <REP> d---sc--- G:\Documents and Settings\Administrateur\UserData
2008-02-18 08:03 . 2008-02-20 08:11 4,096 --ahs---- G:\VSNAP.IDX
2008-02-17 21:51 . 2008-02-17 21:51 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Symantec
2008-02-17 20:37 . 2007-03-28 20:49 128,104 --a------ G:\WINDOWS\system32\drivers\WimFltr.sys
2008-02-17 20:37 . 2007-03-28 20:12 109,360 --a------ G:\WINDOWS\system32\GEARAspi.dll
2008-02-17 20:37 . 2007-03-28 20:12 15,664 --a------ G:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2008-02-17 20:36 . 2008-02-17 20:37 <REP> d-------- G:\Program Files\Norton Ghost
2008-02-17 16:45 . 2008-02-17 16:45 <REP> d-------- G:\Program Files\Kaspersky Lab
2008-02-17 16:45 . 2008-02-27 00:15 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2008-02-17 16:45 . 2008-02-27 01:33 8,766,496 --ahs---- G:\WINDOWS\system32\drivers\fidbox.dat
2008-02-17 16:45 . 2008-02-27 01:32 185,888 --ahs---- G:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-17 16:45 . 2008-02-27 00:13 123,524 --ahs---- G:\WINDOWS\system32\drivers\fidbox.idx
2008-02-17 16:45 . 2008-02-17 16:56 91,700 --a------ G:\WINDOWS\system32\drivers\klin.dat
2008-02-17 16:45 . 2008-02-17 16:45 85,860 --a------ G:\WINDOWS\system32\drivers\klick.dat
2008-02-17 16:45 . 2008-02-27 00:13 21,272 --ahs---- G:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-17 16:26 . 2008-02-17 16:26 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-02-17 15:27 . 2008-02-17 15:31 <REP> d-------- G:\Program Files\SUPERAntiSpyware
2008-02-17 15:27 . 2008-02-17 15:27 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2008-02-17 15:27 . 2008-02-17 15:27 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\SUPERAntiSpyware.com
2008-02-17 15:25 . 2008-02-23 23:06 <REP> d-------- G:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-16 20:48 . 2008-02-17 11:23 <REP> d-------- G:\WINDOWS\NV20723744.TMP
2008-02-16 12:31 . 2008-02-16 12:33 <REP> d-------- G:\Program Files\MSN Messenger
2008-02-15 21:14 . 2008-02-15 21:14 <REP> d----c--- G:\Documents and Settings\Administrateur\dwhelper
2008-02-12 20:04 . 2008-02-12 20:04 <REP> d-------- G:\Program Files\Guitar Pro 5
2008-02-07 21:46 . 2008-02-07 21:48 <REP> d-------- G:\WINDOWS\NV28642736.TMP
2008-02-07 21:46 . 2007-12-17 13:53 159,458 --a------ G:\WINDOWS\system32\nvapps.nvb
2008-02-07 19:56 . 2008-02-07 19:56 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
2008-02-06 01:11 . 2008-02-06 01:11 <REP> d-------- G:\Program Files\Propellerhead
2008-02-06 01:07 . 2008-02-06 01:07 368,640 --a------ G:\WINDOWS\system32\ReWire.dll
2008-02-06 01:07 . 2008-02-06 01:07 233,472 --a------ G:\WINDOWS\system32\REX Shared Library.dll
2008-02-06 00:44 . 2008-02-06 00:44 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Propellerhead Software
2008-02-06 00:44 . 2008-02-06 01:07 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Propellerhead Software
2008-02-05 23:36 . 2008-02-05 23:36 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Media Player Classic
2008-02-05 23:35 . 2008-02-05 23:35 <REP> d-------- G:\Program Files\QuickTime Alternative
2008-02-05 23:35 . 2008-02-05 23:35 <REP> d-------- G:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-05 23:35 . 2008-01-10 15:27 90,112 --a------ G:\WINDOWS\system32\QuickTimeVR.qtx
2008-02-05 23:35 . 2008-01-10 15:27 57,344 --a------ G:\WINDOWS\system32\QuickTime.qts
2008-02-05 23:34 . 2008-02-05 23:34 <REP> d-------- G:\Program Files\Free Easy Burner
2008-02-05 23:34 . 2006-11-18 10:38 200,704 --a------ G:\WINDOWS\system32\vbalExpBar6.ocx
2008-02-05 23:34 . 2004-03-08 21:00 152,848 --a------ G:\WINDOWS\system32\COMDLG32.OCX
2008-02-05 23:34 . 2000-05-22 13:58 115,920 --a------ G:\WINDOWS\system32\msinet.OCX
2008-02-05 23:34 . 1999-03-25 17:00 101,888 --a------ G:\WINDOWS\system32\VB6STKIT.DLL
2008-02-05 23:34 . 2003-04-18 14:29 44,544 --a------ G:\WINDOWS\system32\msxml4a.dll
2008-02-05 23:34 . 1998-07-13 16:53 44,544 --a------ G:\WINDOWS\system32\GIF89.DLL
2008-02-05 23:34 . 2003-01-26 11:41 40,960 --a------ G:\WINDOWS\system32\SSubTmr6.dll
2008-02-05 23:34 . 1998-07-12 17:00 32,768 --a------ G:\WINDOWS\system32\CMDLGFR.DLL
2008-02-05 23:34 . 1998-07-12 21:00 15,360 --a------ G:\WINDOWS\system32\inetfr.DLL
2008-02-03 16:49 . 2008-02-03 16:49 <REP> d-------- G:\Program Files\VstPlugins
2008-01-27 23:30 . 2008-01-27 23:30 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\Logitech
2008-01-27 23:26 . 2008-01-27 23:26 <REP> d-------- G:\Program Files\Steinberg
2008-01-27 23:22 . 2003-07-31 20:28 147,425 --a------ G:\WINDOWS\system32\SYNSOACC-Aide.chm
2008-01-27 23:22 . 2003-05-26 15:29 120,468 --a------ G:\WINDOWS\system32\SYNSOACC-Hilfe.chm
2008-01-27 23:22 . 2003-05-26 15:29 114,279 --a------ G:\WINDOWS\system32\SYNSOACC-Help.chm
2008-01-27 23:22 . 2005-05-09 20:08 33,792 --a------ G:\WINDOWS\system32\drivers\cledx.sys
2008-01-27 23:19 . 2008-01-27 23:19 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\vlc
2008-01-27 21:37 . 2008-02-15 19:19 <REP> d----c--- G:\Documents and Settings\Administrateur\amsn
2008-01-27 21:16 . 2008-02-26 21:27 <REP> d----c--- G:\Documents and Settings\Administrateur\Application Data\foobar2000

.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-26 23:15 --------- d-----w G:\Program Files\Spybot
2008-02-26 23:15 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-26 21:44 --------- d-----w G:\Program Files\eMule
2008-02-26 19:40 --------- d-----w G:\Program Files\Picasa2
2008-02-25 19:15 139,264 ----a-w G:\WINDOWS\system32\hpzjrd01.dll
2008-02-24 18:17 --------- d-----w G:\Program Files\PhotoFiltre Studio
2008-02-23 19:47 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\uTorrent
2008-02-21 19:20 --------- d--h--w G:\Program Files\InstallShield Installation Information
2008-02-17 15:41 --------- d-----w G:\Program Files\Avast4
2008-02-07 18:55 --------- d-----w G:\Program Files\Fichiers communs\InstallShield
2008-02-04 21:17 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2008-01-27 22:22 --------- d-----w G:\Program Files\Syncrosoft
2008-01-26 11:28 81,920 ------r G:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2008-01-26 11:27 --------- d-----w G:\Program Files\Fichiers communs\Logitech
2008-01-25 19:40 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\HP
2008-01-25 19:35 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\Steinberg
2008-01-25 19:27 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\Pinnacle
2008-01-24 22:50 --------- d-----w G:\Program Files\DAEMON Tools
2008-01-24 22:43 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\DAEMON Tools
2008-01-24 22:43 --------- d-----w G:\Program Files\DAEMON Tools Lite
2008-01-24 22:14 639,224 ----a-w G:\WINDOWS\system32\drivers\sptd.sys
2008-01-24 21:58 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\Image Zone Express
2008-01-24 21:51 --------- d-----w G:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
2008-01-24 21:47 --------- d-----w G:\Program Files\HP
2008-01-24 21:47 --------- d-----w G:\Program Files\Fichiers communs\HP
2008-01-24 21:45 --------- d-----w G:\Program Files\PDFCreator
2008-01-24 21:45 --------- d-----w G:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-24 21:32 --------- d-----w G:\Program Files\FooBar
2008-01-24 21:11 --------- d-----w G:\Program Files\Foxit Software
2008-01-24 21:02 --------- dc----w G:\Documents and Settings\Administrateur\Application Data\Talkback
2008-01-24 20:49 --------- d-----w G:\Program Files\Google
2008-01-24 20:41 --------- d-----w G:\Program Files\SystemRequirementsLab
2008-01-24 20:40 --------- d-----w G:\Program Files\Everest
2008-01-24 20:33 --------- d-----w G:\Program Files\Java
2008-01-24 20:31 --------- d-----w G:\Program Files\Audio Deck
2008-01-24 20:28 24,064 ----a-w G:\WINDOWS\autoload.exe
2008-01-24 20:13 --------- d-----w G:\Program Files\HighMAT CD Writing Wizard
2008-01-24 20:12 --------- d-----w G:\Program Files\Fichiers communs\Java
2008-01-24 20:08 --------- d-----w G:\Program Files\Services en ligne
2008-01-19 12:07 --------- d-----w G:\Program Files\Toontrack
2008-01-13 17:03 --------- d-----w G:\Program Files\Autoruns
2008-01-08 20:54 --------- d-----w G:\Program Files\Common Files
2008-01-05 15:40 --------- d-----w G:\Program Files\Bome's Mouse Keyboard
2008-01-03 12:26 --------- d-----w G:\Program Files\Minnetonka Audio Software
2007-12-17 23:44 219,664 ----a-w G:\WINDOWS\system32\klogon.dll
2007-12-17 19:09 585,728 ----a-w G:\Program Files\js.dll
2007-12-17 19:09 2,228,326 ----a-w G:\Program Files\Foxit_JS_ExObjects.dll
2007-12-05 01:53 356,352 ----a-w G:\WINDOWS\system32\NVUNINST.EXE
2007-04-06 14:46 4,037,888 ----a-w G:\Program Files\Foxit_Reader.exe
.

((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* empty entries & legitimate default entries are not listed

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0487b2ca-552e-4a7d-9f9d-efb0dd744147}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1AD7ABE4-84D1-4B80-A939-9D06C0BF5FFA}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2B4357E9-476F-403A-B1A2-BD9E661CC50C}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5CDE9161-DF09-497E-B741-5D53351DEE80}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{969C29C4-3F0C-4316-B25C-E017AECBDD36}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B2B2F6FE-A746-4BB9-B4E6-FC77827121FF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BC46AD90-791B-4DBB-9D8F-0DBC3CF15DE8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C75927FD-A8C9-4340-B7A8-CB26DF8A0973}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C9514C5B-0FFA-42B4-B9A6-06D7227641D2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5772466-85BC-4364-B207-00D588BDAE38}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="G:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09 15360]
"SpybotSD TeaTimer"="G:\Program Files\Spybot\TeaTimer.exe" [2008-01-28 11:43 2097488]
"LDM"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-01-26 12:28 20480]
"Clavier+"="G:\Documents and Settings\Administrateur\Bureau\Clavier+\Clavier.exe" [2007-10-21 23:53 88576]
"SUPERAntiSpyware"="G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-17 15:31 1470464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"EnvyHFCPL"="G:\Program Files\Audio Deck\EnMixCPL.exe" [2007-05-08 17:28 3898368]
"NvCplDaemon"="G:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 G:\WINDOWS\system32\nwiz.exe]
"SW20"="G:\WINDOWS\system32\sw20.exe" [2006-05-18 02:15 208896]
"SW24"="G:\WINDOWS\system32\sw24.exe" [2006-05-17 03:37 69632]
"HP Software Update"="G:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12 49152]
"FIREBOX"="G:\Program Files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe" [2005-01-28 23:04 1003520]
"H2O"="G:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-23 00:00 385024]
"SearchSettings"="G:\Program Files\Search Settings\SearchSettings.exe" [ ]
"NvMediaCenter"="G:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"AVP"="G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-12-18 00:43 227856]
"PVE"="G:\Program Files\Prodipe\PVE\PVE_GMMode.exe" [2008-02-20 21:08 913408]
"Norton Ghost 12.0"="G:\Program Files\Norton Ghost\Agent\VProTray.exe" [2007-03-28 20:41 2037352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="G:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09 15360]
"MsnMsgr"="G:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]

G:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 22:23:26 282624]
Logitech Desktop Messenger.lnk - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-11-06 13:29:22 450560]
Logitech SetPoint.lnk - G:\Program Files\Logitech\SetPoint\KEM.exe [2007-09-20 23:10:52 581632]
WinZip Quick Pick.lnk - G:\Program Files\WinZip\WZQKPICK.EXE [2007-09-20 22:45:48 389120]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= G:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
G:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 G:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hggdcby]
hggdcby.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"G:\\Program Files\\uTorrent\\uTorrent.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"G:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"G:\\Program Files\\Messenger\\msmsgs.exe"=
"G:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"G:\\Program Files\\MSN Messenger\\livecall.exe"=
"G:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"G:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"=
"G:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"G:\\Program Files\\eMule\\emule.exe"=

R3 CLEDX;Team H2O CLEDX service;G:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 20:08]
R3 Envy24HFS;ICE Envy24 Family Audio Controller WDM;G:\WINDOWS\system32\drivers\Envy24HF.sys [2005-02-21 16:47]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;G:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 13:28]
R3 ps_1394;ps_1394;G:\WINDOWS\system32\Drivers\ps_1394.sys [2004-10-14 23:33]
R3 ps_avs;ps_avs;G:\WINDOWS\system32\Drivers\ps_avs.sys [2004-10-14 23:33]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf09ec8e-cabc-11dc-8055-806d6172696f}]
\Shell\AutoRun\command - H:\setup.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-02-26 23:00:00 G:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- G:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-27 01:32:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-27 1:36:27
ComboFix-quarantined-files.txt 2008-02-27 00:36:16
ComboFix2.txt 2008-02-26 22:23:46

See you later
0
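As an added example (my own code, not from this thread and not part of ComboFix), here is a small Python triage script that reads the "Reg Loading Points" section of a ComboFix report like the one above and flags three patterns a helper normally checks by eye: a Run entry whose target file is missing (ComboFix prints an empty `[ ]` where the date and size would be, as for SearchSettings above), a Winlogon notify package recorded as a bare DLL name with no full path (as for hggdcby above, in contrast to the SUPERAntiSpyware entry, which carries its full path), and an AutoRun command recorded for a mounted volume under MountPoints2 (H:\setup.exe above). The heuristics and category names are mine; the sample input is a constructed excerpt modelled on the report in this post. A flag means "look at this", not "this is malicious".

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample input: an excerpt modelled on the "Reg Loading Points"
# section of the ComboFix report posted above. It is not the full report.
SAMPLE_REPORT = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"SearchSettings"="G:\Program Files\Search Settings\SearchSettings.exe" [ ]
"AVP"="G:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-12-18 00:43 227856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
G:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 G:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hggdcby]
hggdcby.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf09ec8e-cabc-11dc-8055-806d6172696f}]
\Shell\AutoRun\command - H:\setup.exe
"""


@dataclass(frozen=True)
class Finding:
    category: str  # which heuristic fired (names are mine, not ComboFix's)
    key: str       # registry key the entry was listed under
    detail: str    # the offending report line, verbatim


# A section header such as [HKEY_LOCAL_MACHINE\...\Run] or [hkey_local_machine\...]
KEY_RE = re.compile(r"^\[(?P<key>HK[A-Z_]*\\.+)\]$", re.IGNORECASE)
# A Run value: "Name"="target" [date time size]; ComboFix prints "[ ]" when the target is absent
RUN_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<target>[^"]*)"\s*\[(?P<info>[^\]]*)\]')
# A Windows absolute path: drive letter, colon, backslash
ABS_PATH_RE = re.compile(r"^[A-Za-z]:\\")


def triage(report: str) -> list[Finding]:
    """Walk the report line by line, tracking the current registry key,
    and return the entries that match one of the three heuristics."""
    findings: list[Finding] = []
    current_key = ""
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = KEY_RE.match(line)
        if header:
            current_key = header.group("key")
            continue
        key_lc = current_key.lower()

        if key_lc.endswith("\\currentversion\\run"):
            value = RUN_VALUE_RE.match(line)
            # Empty file info means the referenced executable no longer exists:
            # an orphaned autostart, typically left behind by a removed program.
            if value and not value.group("info").strip():
                findings.append(Finding("run-missing-target", current_key, line))

        elif "\\winlogon\\notify\\" in key_lc:
            # ComboFix prints the DLL for each notify package. A bare filename
            # is resolved through the DLL search path at logon, so it deserves
            # a look; a full path (as for SASWINLO.dll) is the usual form.
            if not ABS_PATH_RE.match(line):
                findings.append(Finding("notify-bare-dll", current_key, line))

        elif "\\mountpoints2\\" in key_lc and "autorun\\command" in line.lower():
            # An AutoRun command remembered for a removable or mounted volume.
            findings.append(Finding("volume-autorun", current_key, line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        print(f"{f.category:20} {f.detail}")
```

Run against the constructed excerpt, the script flags the SearchSettings Run entry, the hggdcby notify line and the H:\setup.exe AutoRun command, and leaves the Java, Kaspersky and SUPERAntiSpyware entries alone. Feeding it a full report is just a matter of reading the file into `triage()` instead of `SAMPLE_REPORT`.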

Anonymous user
27 Feb 2008 at 01:38
When I launch ComboFix, Kaspersky wakes up and tells me there is a program intrusion (invader), maybe that's normal?!
==============
Yes
0
OK, otherwise does the Combo report tell you anything, Bouddha?

++
0
Not at all!! I made the mistake of opening several topics and now I'm getting my wires crossed! Sorry, I'll try to set things straight.
0
Le sioux  Posts: 4894  Registered: Sunday 27 May 2007  Status: Security contributor  Last active: 6 March 2023
27 Feb 2008 at 06:47
Good evening Jeorgino

And thanks for the info, my friend.

Comprendpô, carry on in one of your other open threads ... this one is going to be marked as solved.

Good evening.
0