Se connecter / S'enregistrer
Votre question

problème avec trojan-gen (other) help!!!!!!!!

Tags :
  • Trojan
  • Sécurité
Dernière réponse : dans Sécurité et virus
23 Juin 2008 06:49:14

bonjour j'ai un problème avec trojan-gen, avast me le repère mais n'arrive pas à le mettre en quarantaine ni à le supprimer, alors je viens vous solliciter pour un petit coup de patte parce que ça fait deux jour que je cherche des solutions sans y parvenir alors je vous poste un rapport hijackthis afin si c'est possible que vous puissiez m'aider merci d'avance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:11:38, on 20/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Documents and Settings\prutry\Mes documents\Crazy Browser\Crazy Browser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02B650D4-258E-45AA-AAFD-C124253FD1AA} - C:\WINDOWS\system32\urqRLdEt.dll
O2 - BHO: (no name) - {044BD9A0-DA03-439F-97FA-22B328FEA47D} - (no file)
O2 - BHO: (no name) - {06968870-19c4-480b-80cc-622f5e800a45} - (no file)
O2 - BHO: (no name) - {33ec8d38-1680-4631-a750-b9ae2f6a8a1d} - (no file)
O2 - BHO: (no name) - {3AB42DAE-DF41-4783-8832-0E0F540D0012} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {804f4f56-c182-b75b-62f4-a8dc72f80b45} - {54b08f27-cd8a-4f26-b57b-281c65f4f408} - C:\WINDOWS\system32\wjmeujtt.dll
O2 - BHO: (no name) - {5E54C1D7-0CF3-4CC6-A5C8-E03932F45E34} - (no file)
O2 - BHO: (no name) - {725b8d6e-802c-4c13-881c-a430ed8138d1} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A0B4FFEA-D466-49A8-9BB0-B7BBD2FCB449} - C:\WINDOWS\system32\yayyxywu.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: (no name) - {cc9ed9f1-3e7c-4793-8c4c-06922a4462dd} - (no file)
O2 - BHO: (no name) - {EEA1DEE9-D969-47FE-BC44-D9140ED824D2} - (no file)
O2 - BHO: (no name) - {F76F3BEC-BAED-4747-AA33-3EFA88049553} - (no file)
O2 - BHO: (no name) - {fce11f51-a8ea-4e5f-a79a-9a1c398cc8a5} - (no file)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BM57912f6b] Rundll32.exe "C:\WINDOWS\system32\qvjucyqa.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 1704019000
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.1.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: yayyxywu - C:\WINDOWS\SYSTEM32\yayyxywu.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Pmotub001.1 - HP - (no file)

--
End of file - 7644 bytes

Autres pages sur : probleme trojan gen other help

a b 8 Sécurité
23 Juin 2008 12:42:06

Bonjour,

Poste pour suivre.
Contenus similaires
24 Juin 2008 08:13:14

Malwarebytes' Anti-Malware 1.17
Version de la base de données: 846

08:12:41 24/06/2008
mbam-log-6-24-2008 (08-12-19).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 148971
Temps écoulé: 37 minute(s), 50 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM57912f6b (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\cookies.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\qvjucyqa.dll (Trojan.Agent) -> No action taken.


voilà le rapport demandé help il y en plus que prévu apparemment alors qu'avast ne me signalait qu'un problème ce programme me trouve les traces de 6 infections.... Helpppp!!!!!!
a b 8 Sécurité
24 Juin 2008 12:51:34

Tu as bien supprimé les infections détectées ?
25 Juin 2008 05:55:08

oui j'ai bien supprimé, puis redemarré l'ordi comme demandé mais lorsque j'ai refais un scan avec avast le trojan était toujours là!!!! que dois je faire? Mon rapport hijackthis te donne t'il des renseignements car je n'ai rien fait avec ce programme qui somme toute parait capable de resoudre pas mal de problème...
a b 8 Sécurité
25 Juin 2008 13:03:08

Re,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    27 Juin 2008 21:01:59

    ComboFix 08-06-20.4 - Propriétaire 2008-06-27 20:34:25.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1585 [GMT 2:00]
    Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\BM57912f6b.xml
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\deptkoha.dll
    C:\WINDOWS\system32\FhQrutwa.ini
    C:\WINDOWS\system32\FhQrutwa.ini2
    C:\WINDOWS\system32\fjuaqfmc.ini
    C:\WINDOWS\system32\gshvxpgl.ini
    C:\WINDOWS\system32\hximtaem.ini
    C:\WINDOWS\system32\imgirgyg.dll
    C:\WINDOWS\system32\ioopnpuf.ini
    C:\WINDOWS\system32\iOWxayxx.ini
    C:\WINDOWS\system32\iOWxayxx.ini2
    C:\WINDOWS\system32\keasltnp.dll
    C:\WINDOWS\system32\kjaluwbn.dll
    C:\WINDOWS\system32\nqjitoow.ini
    C:\WINDOWS\system32\omxvuddl.dll
    C:\WINDOWS\system32\pajegamy.ini
    C:\WINDOWS\system32\qcwneosf.ini
    C:\WINDOWS\system32\qjaduaer.dll
    C:\WINDOWS\system32\rawhvmek.ini
    C:\WINDOWS\system32\sAJTtBeg.ini
    C:\WINDOWS\system32\sAJTtBeg.ini2
    C:\WINDOWS\system32\shocpvuy.ini
    C:\WINDOWS\system32\slcviwdl.dll
    C:\WINDOWS\system32\tEdLRqru.ini
    C:\WINDOWS\system32\tEdLRqru.ini2
    C:\WINDOWS\system32\wjmeujtt.dll
    C:\WINDOWS\system32\xhxqdkeq.dll
    C:\WINDOWS\system32\xqlhsmii.dll
    C:\WINDOWS\system32\yFeMVvut.ini
    C:\WINDOWS\system32\yFeMVvut.ini2
    C:\WINDOWS\system32\yfqgbjbh.ini
    C:\WINDOWS\system32\yuejdmcy.dll

    .
    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-27 to 2008-06-27 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-24 07:32 . 2008-06-24 08:11 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-24 07:32 . 2008-06-24 07:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-06-24 07:32 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-24 07:32 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-22 09:11 . 2008-06-22 09:11 244 --ah----- C:\sqmnoopt04.sqm
    2008-06-22 09:11 . 2008-06-22 09:11 232 --ah----- C:\sqmdata04.sqm
    2008-06-22 09:10 . 2008-06-22 09:10 244 --ah----- C:\sqmnoopt03.sqm
    2008-06-22 09:10 . 2008-06-22 09:10 232 --ah----- C:\sqmdata03.sqm
    2008-06-20 09:05 . 2008-06-26 16:32 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-06-20 09:04 . 2008-06-23 06:45 <REP> d-------- C:\Program Files\Trojan Remover
    2008-06-20 09:04 . 2008-06-20 09:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Simply Super Software
    2008-06-20 09:04 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
    2008-06-20 09:04 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-06-20 09:04 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
    2008-06-20 09:04 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-06-20 09:04 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
    2008-06-20 08:13 . 2008-06-20 08:13 <REP> d-------- C:\Program Files\Lavasoft
    2008-06-20 07:11 . 2008-06-20 07:11 <REP> d-------- C:\Program Files\Trend Micro
    2008-06-16 10:12 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-16 10:12 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-11 07:40 . 2008-06-11 07:40 281,600 --a------ C:\WINDOWS\system32\urqRLdEt.dll.vir
    2008-06-09 06:54 . 2008-06-09 17:59 498 --a------ C:\WINDOWS\wininit.ini
    2008-06-08 09:17 . 2008-06-08 09:17 30,208 --a------ C:\WINDOWS\system32\yayyxywu.dll.vir
    2008-06-06 22:21 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-06-06 22:21 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-06-06 22:21 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-05-31 09:09 . 2008-06-20 08:13 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .


    j'ai galéré mais voila enfin le rapport demandé
    a b 8 Sécurité
    27 Juin 2008 21:08:13

    Le rapport n'est pas complet.
    29 Juin 2008 14:27:32

    pourtant il semble que c'est fini lorsque le rapport s'affiche. Comment dois je faire pour avoir cela en complet alors???? je vais tenter d'en ressortir un autre et te poste ça des que fini. Merci encore pour le coup de main et surtout la patience. En fait j'aurais bien tout reinstallé histoire de ne pas me prendre la tête mais j'ai filé mon ordi qui était sous garantie à LDLC ou je l'ai acheté mais ces enf....rés qui m'avait dit de bien laisser mon original windows xp ne me l'ont pas rendu et maintenant pas moyen de le récupérer. Je leur ferait bien un max de """pub""" à ce c.....ds. Bref si tu as un moyen pour que je puisse récupérer quelque chose me permettant de reinstaller avec mon numéro de série pour rester en règle???.... à bientôt j'espère
    a b 8 Sécurité
    29 Juin 2008 15:00:50

    Désinfectons, pas besoin de formater.
    29 Juin 2008 15:51:27

    ComboFix 08-06-20.4 - Propriétaire 2008-06-29 14:28:16.2 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1597 [GMT 2:00]
    Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-29 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-27 20:43 . 2008-06-27 20:43 <REP> d-------- C:\Documents and Settings\PropriÚtaire
    2008-06-24 07:32 . 2008-06-29 07:50 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-24 07:32 . 2008-06-24 07:32 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-06-24 07:32 . 2008-06-24 07:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-06-24 07:32 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-24 07:32 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-22 09:11 . 2008-06-22 09:11 244 --ah----- C:\sqmnoopt04.sqm
    2008-06-22 09:11 . 2008-06-22 09:11 232 --ah----- C:\sqmdata04.sqm
    2008-06-22 09:10 . 2008-06-22 09:10 244 --ah----- C:\sqmnoopt03.sqm
    2008-06-22 09:10 . 2008-06-22 09:10 232 --ah----- C:\sqmdata03.sqm
    2008-06-20 09:05 . 2008-06-26 16:32 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-06-20 09:04 . 2008-06-23 06:45 <REP> d-------- C:\Program Files\Trojan Remover
    2008-06-20 09:04 . 2008-06-20 09:04 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Simply Super Software
    2008-06-20 09:04 . 2008-06-20 09:04 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Simply Super Software
    2008-06-20 09:04 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
    2008-06-20 09:04 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-06-20 09:04 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
    2008-06-20 09:04 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-06-20 09:04 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
    2008-06-20 08:13 . 2008-06-20 08:13 <REP> d-------- C:\Program Files\Lavasoft
    2008-06-20 07:11 . 2008-06-20 07:11 <REP> d-------- C:\Program Files\Trend Micro
    2008-06-16 10:12 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-16 10:12 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-11 07:40 . 2008-06-11 07:40 281,600 --a------ C:\WINDOWS\system32\urqRLdEt.dll.vir
    2008-06-09 06:54 . 2008-06-09 17:59 498 --a------ C:\WINDOWS\wininit.ini
    2008-06-08 09:17 . 2008-06-08 09:17 30,208 --a------ C:\WINDOWS\system32\yayyxywu.dll.vir
    2008-06-06 22:21 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-06-06 22:21 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-06-06 22:21 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-06-06 22:21 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-05-31 09:09 . 2008-06-20 08:13 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-29 12:29 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\DNA
    2008-06-29 11:05 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\GrabIt
    2008-06-20 06:12 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-06-19 05:19 --------- d-----w C:\Program Files\RamBoost XP
    2008-06-14 04:46 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Image Zone Express
    2008-06-12 11:29 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-06-12 09:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-06-08 19:31 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\BitTorrent
    2008-05-31 06:49 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Lavasoft
    2008-05-23 02:32 --------- d-----w C:\Program Files\2K Sports
    2008-05-20 07:22 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\dvdcss
    2008-05-20 03:38 --------- d-----w C:\Program Files\Sega
    2008-05-20 03:04 --------- d-----w C:\Program Files\DNA
    2008-05-20 03:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\BitTorrent DNA
    2008-05-18 06:11 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\.BitTornado
    2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
    2008-05-16 04:02 664,519 ----a-w C:\WINDOWS\unins001.exe
    2008-05-14 04:16 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\HP
    2008-05-13 01:48 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-05-13 01:48 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Macrovision
    2008-05-13 01:47 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-05-10 13:25 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Skype
    2008-05-10 13:24 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\skypePM
    2008-05-09 05:37 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Ahead
    2008-05-09 05:29 --------- d-----w C:\Program Files\Fichiers communs\Ahead
    2008-05-09 05:23 --------- d-----w C:\Program Files\Nero
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-04-29 09:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
    2008-04-29 09:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
    2008-04-29 09:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
    2008-04-28 07:52 --------- d-----w C:\Program Files\HP
    2008-04-28 07:50 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-04-07 14:45 678,746 ----a-w C:\WINDOWS\unins000.exe
    2008-02-10 18:24 2,402,832 ----a-w C:\Program Files\WLinstaller.exe
    2008-01-16 18:38 15,397 ----a-w C:\Program Files\settings.dat
    2008-01-16 18:35 15,895,117 ----a-w C:\Program Files\PDFCreator-0_9_5_setup.exe
    .

    ((((((((((((((((((((((((((((( snapshot@2008-06-27_20.43.38.53 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-27 18:39:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-29 02:58:28 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-29 02:58:33 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_57c.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-20 05:04 289088]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
    "EoEngine"="" []
    "VX1000"="C:\WINDOWS\vVX1000.exe" [2006-06-30 01:42 707376]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
    "NWEReboot"="" []
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
    "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-06-03 20:33 878672]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]

    C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-05-13 03:47:40 113664]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26 282624]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56 65588]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.YV12"= yv12vfw.dll
    "VIDC.JPEG"= JpegCode.dll
    "VIDC.MJPG"= JpegCode.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\DNA\\btdna.exe"=
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\DNA\\dna.exe"=
    "C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
    "C:\\WINDOWS\\system32\\mmc.exe"=
    "C:\\WINDOWS\\system32\\wuauclt1.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "41055:TCP"= 41055:TCP:torrent

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
    S3 VX1000;VX-1000;C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-06-30 01:42]

    *Newly Created Service* - CATCHME
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-29 14:30:55
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-29 14:31:52
    ComboFix-quarantined-files.txt 2008-06-29 12:31:46
    ComboFix2.txt 2008-06-27 18:43:51

    Pre-Run: 219,135,127,552 octets libres
    Post-Run: 219,132,805,120 octets libres

    170 --- E O F --- 2008-06-20 04:39:55




    et voilou le rapport semble complet ce coup-ci ou alors je n'y comprend vraiment plus rien!!!!!!!


    a b 8 Sécurité
    29 Juin 2008 15:54:32

    Reposte un rapport Hijackthis :) 
    30 Juin 2008 06:12:26

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 06:09:37, on 30/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\vVX1000.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Pmotub001.1 - HP - (no file)

    --
    End of file - 6473 bytes


    et un rapport hijackthis que voilà!!!
    1 Juillet 2008 11:52:20



    Avira AntiVir Personal
    Report file date: mardi 1 juillet 2008 10:54

    Scanning for 1370761 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: PATDELPH

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:58
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:38
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:24
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:42
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 08:44:38
    ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 08:44:40
    ANTIVIR3.VDF : 7.0.5.28 35328 Bytes 01/07/2008 08:44:41
    Engineversion : 8.1.0.59
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
    AESCRIPT.DLL : 8.1.0.44 278907 Bytes 01/07/2008 08:44:58
    AESCN.DLL : 8.1.0.22 119157 Bytes 01/07/2008 08:44:57
    AERDL.DLL : 8.1.0.20 418165 Bytes 01/07/2008 08:44:55
    AEPACK.DLL : 8.1.1.6 364918 Bytes 01/07/2008 08:44:53
    AEOFFICE.DLL : 8.1.0.20 192891 Bytes 01/07/2008 08:44:51
    AEHEUR.DLL : 8.1.0.32 1274231 Bytes 01/07/2008 08:44:50
    AEHELP.DLL : 8.1.0.15 115063 Bytes 01/07/2008 08:44:46
    AEGEN.DLL : 8.1.0.29 307573 Bytes 01/07/2008 08:44:45
    AEEMU.DLL : 8.1.0.6 430451 Bytes 01/07/2008 08:44:43
    AECORE.DLL : 8.1.0.31 168310 Bytes 01/07/2008 08:44:42
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:54
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:52
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:48
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:50
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:32
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:26
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:12

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mardi 1 juillet 2008 10:54

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'MDM.EXE' - '1' Module(s) have been scanned
    Scan process 'btdna.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'vVX1000.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'ashServ.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    28 processes with 28 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '39' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\QooBox\Quarantine\C\WINDOWS\system32\deptkoha.dll.vir
    [DETECTION] Is the Trojan horse TR/Monder.96256.1
    [NOTE] The file was moved to '48d9f933.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\imgirgyg.dll.vir
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '48d0f945.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\keasltnp.dll.vir
    [DETECTION] Is the Trojan horse TR/Obfuscated.baw
    [NOTE] The file was moved to '48caf949.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\kjaluwbn.dll.vir
    [DETECTION] Is the Trojan horse TR/Monder.91136.10
    [NOTE] The file was moved to '48caf951.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\omxvuddl.dll.vir
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '48e1f959.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\qjaduaer.dll.vir
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '48caf959.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\slcviwdl.dll.vir
    [DETECTION] Is the Trojan horse TR/Monder.97792.1
    [NOTE] The file was moved to '48ccf95e.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\wjmeujtt.dll.vir
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '48d6f95f.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\xhxqdkeq.dll.vir
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '48e1f95f.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\xqlhsmii.dll.vir
    [DETECTION] Is the Trojan horse TR/Obfuscated.baw
    [NOTE] The file was moved to '48d5f96c.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\yuejdmcy.dll.vir
    [DETECTION] Is the Trojan horse TR/Monder.96256.1
    [NOTE] The file was moved to '48cef973.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP148\A0052866.dll
    [DETECTION] Is the Trojan horse TR/Monder.82944.2
    [NOTE] The file was moved to '4899f9a8.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP148\A0052900.exe
    [DETECTION] Is the Trojan horse TR/Agent.rbc
    [NOTE] The file was moved to '4899f9ae.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP149\A0053160.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899f9b5.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP149\A0053161.dll
    [DETECTION] Is the Trojan horse TR/Monder.91136.11
    [NOTE] The file was moved to '4899f9b9.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP149\A0053162.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899f9bd.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP149\A0053163.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899f9c0.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP149\A0053233.dll
    [DETECTION] Is the Trojan horse TR/Monder.82944.4
    [NOTE] The file was moved to '4899f9c4.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP149\A0053300.dll
    [DETECTION] Is the Trojan horse TR/Monder.82944.4
    [NOTE] The file was moved to '4899f9c9.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP151\A0053483.dll
    [DETECTION] Is the Trojan horse TR/Monder.82944.5
    [NOTE] The file was moved to '4899f9d3.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP152\A0053528.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899f9d8.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP156\A0053880.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899f9e5.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP156\A0053881.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899f9e8.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP156\A0053882.dll
    [DETECTION] Is the Trojan horse TR/Monder.91136.7
    [NOTE] The file was moved to '4899f9ec.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP156\A0053883.dll
    [DETECTION] Is the Trojan horse TR/Monder.91136.7
    [NOTE] The file was moved to '4899f9ef.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP156\A0053886.dll
    [DETECTION] Is the Trojan horse TR/Monder.30208.2
    [NOTE] The file was moved to '4899f9f2.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP159\A0055019.dll
    [DETECTION] Is the Trojan horse TR/Trash.Gen
    [NOTE] The file was moved to '4899f9fc.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055591.dll
    [DETECTION] Is the Trojan horse TR/Monder.96256.1
    [NOTE] The file was moved to '4899fa14.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055592.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899fa17.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055593.dll
    [DETECTION] Is the Trojan horse TR/Obfuscated.baw
    [NOTE] The file was moved to '4899fa1a.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055594.dll
    [DETECTION] Is the Trojan horse TR/Monder.91136.10
    [NOTE] The file was moved to '4899fa1d.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055595.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899fa20.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055596.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899fa23.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055597.dll
    [DETECTION] Is the Trojan horse TR/Monder.97792.1
    [NOTE] The file was moved to '4899fa26.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055598.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899fa29.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055599.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '4899fa2c.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055600.dll
    [DETECTION] Is the Trojan horse TR/Obfuscated.baw
    [NOTE] The file was moved to '4899fa2e.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055601.dll
    [DETECTION] Is the Trojan horse TR/Monder.96256.1
    [NOTE] The file was moved to '4899fa31.qua'!
    C:\WINDOWS\system32\urqRLdEt.dll.vir
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [NOTE] The file was moved to '48dafcfe.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!


    End of the scan: mardi 1 juillet 2008 11:46
    Used time: 52:17 min

    The scan has been done completely.

    6822 Scanning directories
    221842 Files were scanned
    39 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    39 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    221803 Files not concerned
    1447 Archives were scanned
    2 Warnings
    39 Notes

    voila le rapport du scan antivir que tu m'a demandé
    pourrrais tu me dire ce qui se passe a la base j'avais un virus avec avast et je scanne avec antivir qui me trouve 39 infections et 2 fichiers impossibles a scanner?????
    a b 8 Sécurité
    2 Juillet 2008 12:47:50

    Citation :
    pourrrais tu me dire ce qui se passe a la base j'avais un virus avec avast et je scanne avec antivir qui me trouve 39 infections et 2 fichiers impossibles a scanner?????

    Avast! n'est pas un bon antivirus, c'est pour ça qu'il ne trouve pas grand chose.

    Reposte un rapport Hijackthis.
    2 Juillet 2008 13:40:16

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:38:53, on 02/07/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\vVX1000.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Pmotub001.1 - HP - (no file)

    --
    End of file - 7085 bytes
    a b 8 Sécurité
    2 Juillet 2008 17:48:45

    Tu as réinstallé Avast! ? ô_o
    3 Juillet 2008 08:15:39

    En fait je ne voyait pas trop comment antivir protégeait mon ordi en direct il me semblait qu'il ne fonctionnait que pour les scans en plus windows m'a mis un message de risque infectieux ne detectant pas d'antivirus donc j'ai reinstallé avast par crainte de ne pas être suffisamment protégé. J'ai peut être fait un bourde en installant antivir?? Je veux garder cet antivirus mais veux aussi être sur qu'il est bien compatible avec xp ou alors si tu as une manip a m'indiquer pour eviter le message de risque infectieu de windows. Depuis d'ailleurs suis allé dans la configuration en activant tout ce que trouvais sauf les mail car je ne sais pas comment fournir le smtp. SInon au sujet de mon scan hijack tu as des propositions? Il y avait deux fichiers qui n'avaient pu être scannés par antivir les autres sont en quarantaine en attendant mais ces deux fichiers non scannables me font soucis. Que faire????
    a b 8 Sécurité
    3 Juillet 2008 13:50:45

    C'est un bug qui peut arriver avec AntiVir, il se corrige de lui même normalement.
    3 Juillet 2008 19:50:25

    ai relancé un scan avec avira et voilà le rapport il me signale encore 38 infection et 2 alarmes. J'ai mis les 38 elements signalés en quarantaine que dois-je faire pour faire tout disapraitre déjà hier j'avais les 38 fichiers signalés déjà mis en quarantaine et voilà il me les ressorts. que faire????????????
    je te poste le dernier rapport antivir


    Avira AntiVir Personal
    Report file date: jeudi 3 juillet 2008 18:21

    Scanning for 1376780 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: PATDELPH

    Version information:
    BUILD.DAT : 8.1.0.308 16478 Bytes 28/05/2008 17:03:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:58
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:38
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:24
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:42
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 08:44:38
    ANTIVIR2.VDF : 7.0.5.20 142336 Bytes 30/06/2008 08:44:40
    ANTIVIR3.VDF : 7.0.5.45 115712 Bytes 03/07/2008 14:17:41
    Engineversion : 8.1.0.64
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
    AESCRIPT.DLL : 8.1.0.46 283002 Bytes 03/07/2008 11:38:21
    AESCN.DLL : 8.1.0.22 119157 Bytes 01/07/2008 08:44:57
    AERDL.DLL : 8.1.0.20 418165 Bytes 01/07/2008 08:44:55
    AEPACK.DLL : 8.1.1.6 364918 Bytes 01/07/2008 08:44:53
    AEOFFICE.DLL : 8.1.0.20 192891 Bytes 01/07/2008 08:44:51
    AEHEUR.DLL : 8.1.0.35 1298806 Bytes 03/07/2008 11:38:19
    AEHELP.DLL : 8.1.0.15 115063 Bytes 01/07/2008 08:44:46
    AEGEN.DLL : 8.1.0.29 307573 Bytes 01/07/2008 08:44:45
    AEEMU.DLL : 8.1.0.6 430451 Bytes 01/07/2008 08:44:43
    AECORE.DLL : 8.1.0.32 168311 Bytes 03/07/2008 11:38:11
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:54
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:52
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:48
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:50
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:32
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:26
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:12

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium
    Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

    Start of the scan: jeudi 3 juillet 2008 18:21

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
    Scan process 'AcroRd32.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'ashWebSv.exe' - '1' Module(s) have been scanned
    Scan process 'ashMaiSv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'MDM.EXE' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'btdna.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
    Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'vVX1000.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'ashServ.exe' - '1' Module(s) have been scanned
    Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
    Scan process 'aawservice.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    34 processes with 34 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '40' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.1.B
    [DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
    [DETECTION] Contains detection pattern of the SPR/Tool.PV program
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '48da039f.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP155\A0053855.exe
    [DETECTION] Contains detection pattern of the application APPL/Tool.PsKill.2
    [NOTE] The file was moved to '489d0b39.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP160\A0055115.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b48.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP161\A0055128.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b4d.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP161\A0055155.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b51.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP162\A0055161.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b55.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP162\A0055188.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b58.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP162\A0055199.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.1.B
    [DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
    [DETECTION] Contains detection pattern of the SPR/Tool.PV program
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b68.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP162\A0055217.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b70.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP163\A0055232.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b79.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP163\A0055259.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b7e.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP164\A0055265.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b82.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP164\A0055295.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b84.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP165\A0055301.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b88.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP165\A0055436.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b8d.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP166\A0055442.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b92.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP166\A0055461.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b95.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP167\A0055478.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b98.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP167\A0055497.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b9a.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP168\A0055517.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0b9e.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055582.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0ba5.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP169\A0055686.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0bab.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP170\A0055752.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0bb0.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP170\A0055774.com
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0bb4.qua'!
    C:\System Volume Information\_restore{6759D91F-1E11-4CD1-A2A9-970FC6E247BB}\RP174\A0056162.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.1.B
    [DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
    [DETECTION] Contains detection pattern of the SPR/Tool.PV program
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '489d0bd5.qua'!
    C:\WINDOWS\Nircmd.exe
    [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B
    [NOTE] The file was moved to '48df0d40.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!


    End of the scan: jeudi 3 juillet 2008 19:38
    Used time: 1:17:19 min

    The scan has been done completely.

    6855 Scanning directories
    222164 Files were scanned
    38 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    26 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    222126 Files not concerned
    1448 Archives were scanned
    2 Warnings
    26 Notes
    a b 8 Sécurité
    3 Juillet 2008 20:41:29

    Désactive puis réactive la restauration du système :) 
    3 Juillet 2008 20:50:10

    comment fais-je?
    3 Juillet 2008 21:33:45

    ok j'ai desactivé puis reactivé. je lance un scanne ou bien?
    a b 8 Sécurité
    3 Juillet 2008 21:38:59

    Pas besoin ;) 
    3 Juillet 2008 22:32:06

    si je comprend bien j'ai tout viré de la quarantaine desactivé reactivé la restauration et mon problème est resolu???
    au fait quand j'ai tout viré de la quarantaine combofix à disparu du bureau si je prend des virus en chargeant ce que tu me conseil ça va plus ;-)
    je vais quand même lancer un scanne histoire de calmer ma parano parce ces petites bêtes me rendent dingue désolé c'est pas la confiance en toi qui veux ça mais juste que ces trucs me rendent dingues et que je veux être certain de ne plus être infecté. En tout cas avec tos les liens que j'ai pu lire je comprend plus de choses concernant ces sales bestioles t surtout sur les conneries à ne plus faire pour les éviter
    a b 8 Sécurité
    3 Juillet 2008 23:22:47

    Nan, tu as vidé ta restauration du système qui contenait des restes d'infections.

    Citation :
    au fait quand j'ai tout viré de la quarantaine combofix à disparu du bureau si je prend des virus en chargeant ce que tu me conseil ça va plus ;-)

    Nan mais c'est du fait de sa puissance que certains antivirus peuvent le détecter.
    9 Juillet 2008 15:31:35

    ok bon et bien tout semble ok plus que 2 warning avec antivir pour des dossiers qui ne peuvent être scannés avec lesquels je ne pense pas qu'il faille se prendre la tête, à moins que tu me dise le contraire....
    Sinon tout semble RESOLU donc je tenais à t'en remercier et suis heureux que d'autres puissent profiter de ce forum dont l'interêt pour desinternautes sans expérience comme moi peuvent trouver un véritable soutien dans leur démarche de désinfection autant que d'apprentissage des choses à faire ou pas!!!! Pour info les cracks sont à l'origine de mon infection j'ai compris et aujourd'hui ja sais que ce n'est pas demain la veille que je retournerais sur ce genre de site!!!!!
    merci encore. ;) 
    a b 8 Sécurité
    9 Juillet 2008 15:44:51

    Citation :
    ok bon et bien tout semble ok plus que 2 warning avec antivir pour des dossiers qui ne peuvent être scannés avec lesquels je ne pense pas qu'il faille se prendre la tête, à moins que tu me dise le contraire....

    Pas besoin de se prendre la tête :) 

    Citation :
    Sinon tout semble RESOLU donc je tenais à t'en remercier et suis heureux que d'autres puissent profiter de ce forum dont l'interêt pour desinternautes sans expérience comme moi peuvent trouver un véritable soutien dans leur démarche de désinfection autant que d'apprentissage des choses à faire ou pas!!!!

    Ce fut un plaisir :jap: 

    Bon surf.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS