Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Message « Virus Alert! » à côté de l'horloge

sahinwila

Par sahinwila
dans Analyses et éradication malwares

 Partager

Messages recommandés

sahinwila Member

sahinwila

Posté(e)
Posté(e) (modifié)

Bonjour,

 

depuis hier matin, j'ai un problème avec mon pc :

 

VIRUS ALERT! à côté de l'horloge, le bureau est rouge avec un message en anglais, si je clique sur "démarrer" je n'ai plus accès aux programmes, je n'ai plus accès au poste de travail, certaines icones ont disparus sur le bureau, j'ai plein d'écrans qui s'affichent me disant que mon mon pc est infecté et qui me proposent d'installer ou d'exécuter des logiciels anti-malware et autres.

J'ai aussi des messages d'erreur : Erreur d'application xxxx emploie l'adresse mémoire yyyy; la mémoire ne peut pas être "read"????

Il est très difficile de naviguer sur internet.

 

Bref je ne sais pas ce qui se passe.

 

Pour rappel : OS : windows édition familiale + sp2

Panda internet security à jour

 

Pourriez vous m'aider, svp. D'avance je vous remercie.

Modifié par sahinwila

Lien Rag Full Patch Member

Lien Rag

Posté(e)
Posté(e)

Bonjour

 

si tu peux editer ton message et effacer le rapport Hijack :P

 

ensuite

 

1) Télécharge SmitFraudFix

 

 

Double clic sur SmitfraudFix.exe pour le lancer

Choisis l'option 1 (Recherche)

Post moi le rapport

 

2) Redémarre en mode sans échec (F8 lors du boot)

 

Relance SmitfraudFix et choisis cette fois l’option 2 et réponds oui à chaque question

 

3) Redémarre en mode normal

Post le 2ème rapport

sahinwila Member

sahinwila

Posté(e)
  • Auteur
Posté(e)

Je te remercie pour ta réponse rapide.

 

Voici le premier rapport (option 1 en mode normal) :

 

SmitFraudFix v2.349

 

Rapport fait à 15:28:06,63, ven. 12/09/2008

Executé à partir de C:\Documents and Settings\Myriam1\Bureau\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est NTFS

Fix executé en mode normal

 

»»»»»»»»»»»»»»»»»»»»»»»» Process

 

C:\windows\System32\smss.exe

C:\windows\SYSTEM32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe

C:\windows\system32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\windows\Explorer.EXE

C:\windows\system32\spoolsv.exe

C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Miramar\PC MACLAN\ATMsg.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\windows\system32\PuXpMan2.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Calendrier\Cld2000.exe

C:\windows\system32\ctfmon.exe

C:\documents and settings\myriam1\local settings\application data\ksyomiu.exe

C:\Documents and Settings\Myriam1\Application Data\Adobe\Manager.exe

C:\Program Files\Norton Utilities\SYSDOC32.EXE

C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE

C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE

C:\Program Files\Norton Utilities\NPROTECT.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

C:\windows\System32\tcpsvcs.exe

C:\Program Files\Speed Disk\nopdb.exe

C:\windows\System32\svchost.exe

C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

C:\Program Files\UPHClean\uphclean.exe

C:\WINDOWS\system32\windowsautomaticupdates.exe

C:\Program Files\Webroot\Washer\WasherSvc.exe

C:\windows\system32\wscntfy.exe

c:\26.6480.exe

C:\windows\System32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\windows\system32\rundll32.exe

C:\windows\system32\rundll32.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\psimreal.exe

C:\windows\system32\cmd.exe

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\windows

 

C:\windows\mqgldfvo.exe PRESENT !

C:\windows\privacy_danger PRESENT !

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system32

 

C:\windows\system32\tdssservers.dat détecté, utilisez un scanner de Rootkit

C:\windows\system32\tdssinit.dll détecté, utilisez un scanner de Rootkit

C:\windows\system32\drivers\tdssserv.sys détecté, utilisez un scanner de Rootkit

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\windows\system32\LogFiles

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Myriam1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Myriam1\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Myriam1\Favoris

 

C:\DOCUME~1\Myriam1\Favoris\Error Cleaner.url PRESENT !

C:\DOCUME~1\Myriam1\Favoris\Privacy Protector.url PRESENT !

C:\DOCUME~1\Myriam1\Favoris\Spyware?Malware Protection.url PRESENT !

 

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"Source"="file:///C:\\windows\\privacy_danger\\index.htm"

"SubscribedURL"=""

"FriendlyName"="Privacy Protection"

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

IEDFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

VACFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

+--------------------------------------------------+

[!] Suspicious: vmgspntbmtk.dll

BHO: QXK Olive - {39F63908-E12A-4A21-A7EB-67CA3B876C52}

TypeLib: {C01A38AC-2CBF-4291-9D57-6D705F6C19AD}

Interface: {106039EF-CE8E-4054-A308-FF505B1AF2A2}

Interface: {ACF5C393-8D70-4CA8-A146-DE9A3C394A34}

 

[!] Suspicious: fqbewlna.dll

Toolbar: fqbewlna - {D9119587-89B9-4EE6-A9C5-BFD4706509D0}

TypeLib: {2B9414F3-1E73-4041-8A8E-DA759DFE68AB}

Interface: {E7AF1F35-6F2A-4C48-A4E3-EB8F4D9CBDFD}

Classe: fqbewlna.bwmq

Classe: fqbewlna.ToolBar.1

 

 

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

404Fix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

AntiXPVSTFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=dword:00000001

"AppInit_DLLs"="hxazkq.dll"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» RK

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

Description: Carte Fast Ethernet PCI 900 SiS - Miniport d'ordonnancement de paquets

DNS Server Search Order: 195.238.2.21

DNS Server Search Order: 195.238.2.22

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}:

 

NameServer=195.238.2.21,195.238.2.22

HKLM\SYSTEM\CS1\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}:

 

NameServer=195.238.2.21,195.238.2.22

HKLM\SYSTEM\CS2\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}:

 

NameServer=195.238.2.21,195.238.2.22

HKLM\SYSTEM\CS3\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}:

 

NameServer=195.238.2.21,195.238.2.22

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

 

Je dois m'absenter, pas longtemps... A tout à l'heure pour la suite.

sahinwila Member

sahinwila

Posté(e)
  • Auteur
Posté(e)

Bonsoir,

 

J'ai donc démarré mon pc en mode sans échec.

 

J'ai retrouvé mon poste de travail, la fonction recherche. Par contre j'ai perdu mes points de restauration (à moins que cela soit lié au mode sans échec???)

J'ai toujours les erreurs d'application (mémoire ne peut pas être "read") et les fenêtres me proposant de vérifier mon pc...

 

Voici le deuxième rapport (option 2 en mode sans échec) :

 

SmitFraudFix v2.349

 

Rapport fait à 21:26:39,64, ven. 12/09/2008

Executé à partir de C:\Documents and Settings\Myriam1\Bureau\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Le type du système de fichiers est NTFS

Fix executé en mode sans echec

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

 

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

 

127.0.0.1 localhost

 

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

 

VACFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

C:\windows\vmgspntbmtk.dll deleted.

C:\windows\fqbewlna.dll deleted.

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

 

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

 

GenericRenosFix by S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

 

C:\windows\mqgldfvo.exe supprimé

C:\windows\privacy_danger\ supprimé

C:\DOCUME~1\Myriam1\Favoris\Error Cleaner.url supprimé

C:\DOCUME~1\Myriam1\Favoris\Privacy Protector.url supprimé

C:\DOCUME~1\Myriam1\Favoris\Spyware?Malware Protection.url supprimé

 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

 

IEDFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

 

404Fix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

 

AntiXPVSTFix

Credits: Malware Analysis & Diagnostic

Code: S!Ri

 

 

 

»»»»»»»»»»»»»»»»»»»»»»»» RK

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

Description: Carte Fast Ethernet PCI 900 SiS - Miniport d'ordonnancement de paquets

DNS Server Search Order: 195.238.2.21

DNS Server Search Order: 195.238.2.22

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22

HKLM\SYSTEM\CS1\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22

HKLM\SYSTEM\CS2\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22

HKLM\SYSTEM\CS3\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

 

Nettoyage terminé.

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

 

C'est vraiment bizarre ce qui se passe.

 

D'avance merci pour ton aide

 

Myriam

Lien Rag Full Patch Member

Lien Rag

Posté(e)
Posté(e)

on continu Myriam

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen rapide"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

sahinwila Member

sahinwila

Posté(e)
  • Auteur
Posté(e)

Bonsoir,

 

J'ai donc effectué les manipulations demandées.

Voici le rapport :

 

Malwarebytes' Anti-Malware 1.28

Version de la base de données: 1152

Windows 5.1.2600 Service Pack 2

 

14/09/2008 23:21:25

mbam-log-2008-09-14 (23-21-25).txt

 

Type de recherche: Examen rapide

Eléments examinés: 55083

Temps écoulé: 8 minute(s), 11 second(s)

 

Processus mémoire infecté(s): 1

Module(s) mémoire infecté(s): 4

Clé(s) du Registre infectée(s): 40

Valeur(s) du Registre infectée(s): 5

Elément(s) de données du Registre infecté(s): 2

Dossier(s) infecté(s): 17

Fichier(s) infecté(s): 114

 

Processus mémoire infecté(s):

C:\Documents and Settings\Myriam1\Application Data\Adobe\Manager.exe (Trojan.Agent) -> Unloaded process successfully.

 

Module(s) mémoire infecté(s):

C:\WINDOWS\system32\rtxhejqv.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\ssqNExVm.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\cbXPjKDt.dll (Trojan.Vundo) -> Delete on reboot.

C:\WINDOWS\system32\qxxwxh.dll (Trojan.Vundo) -> Delete on reboot.

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40d58b95-536f-4d36-93eb-a78d2eaa2606} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\{40d58b95-536f-4d36-93eb-a78d2eaa2606} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6afb6f98-289c-442e-b577-5e5125c742e2} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxpjkdt (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\{6afb6f98-289c-442e-b577-5e5125c742e2} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ed601a91-c994-4f0e-93d5-33397c85f135} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ed601a91-c994-4f0e-93d5-33397c85f135} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.VirusRemover) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> Delete on reboot.

HKEY_CLASSES_ROOT\TypeLib\{efebfa69-2dfa-31b0-9db6-465c0009e05c} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e34112c6-c54c-38f8-b80e-c3cfe3a0cafa} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{f89acbbd-b008-37bf-8237-af02b24a46e5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f89acbbd-b008-37bf-8237-af02b24a46e5} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internetgamebox (Adware.EGDAccess) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a07233d7 (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6afb6f98-289c-442e-b577-5e5125c742e2} (Trojan.Vundo) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Run (Backdoor.Bot) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ssqnexvm -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ssqnexvm -> Delete on reboot.

 

Dossier(s) infecté(s):

C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\download (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Delete on reboot.

C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\VirusRemover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

C:\WINDOWS\system32\ssqNExVm.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\mVxENqss.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mVxENqss.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\cbXPjKDt.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\qxxwxh.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\aturchky.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ykhcruta.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ddcYsTjJ.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\JjTsYcdd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rtxhejqv.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\vqjehxtr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Application Data\cgkkics_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Application Data\cgkkics_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Application Data\cgkkics.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Application Data\qemoosbl_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Application Data\qemoosbl_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Application Data\qemoosbl.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\edka.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\cbXPjKEX.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\eesdjssm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\efcATNGv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\fewtwpnn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\fexhpsab.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hxazkq(2).dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ilxovo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jkkLEWoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ljJAPFWN(2).dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ljJYPhGv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lnavoy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mlJDuvVo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mmx95469.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mx95469.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\qoMeDWoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ssqNDspP.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Temp\TDSS7c0c.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\5GQU7F1N\cntr[1].gif (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\BGRQNNBM\file[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\BGRQNNBM\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\UVCJV40H\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\privacy_danger\index.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\privacy_danger\images\capt.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\privacy_danger\images\danger.jpg (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\privacy_danger\images\down.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\privacy_danger\images\spacer.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\InternetGameBox.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\language (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\InternetGameBox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\download\defaultPack.cab (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\appconfig.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btn.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnBnr.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnIn.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnInNormal.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnInOver.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnNormal.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnNormal.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnNormalBnr.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnNormalBnr.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnOver.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnOver.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnOverBnr.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\btnOverBnr.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\MessengerSkinner\resources\languages_v2.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.

C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\svsys.exe (Trojan.Agent) -> Delete on reboot.

C:\Program Files\RegistrySmart\Errors.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\RegistrySmart\Results.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\RegistrySmart\Log\log_2007_05_13_01_20_00.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\RegistrySmart\Registry Backups\2006-12-23_08-52-25.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\RegistrySmart\Registry Backups\Errors.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\RegistrySmart\Registry Backups\Results.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Program Files\VirusRemover2008\Viruses.bdt (Rogue.VirusRemove) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Oct 12 - 12_25_22 AM_812.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Oct 12 - 12_25_32 AM_343.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 04_48_18 PM_532.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 04_48_43 PM_919.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 09_47_04 AM_340.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 09_47_11 AM_821.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 10 - 03_30_02 AM_278.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 11 - 03_30_02 AM_335.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 12 - 03_30_02 AM_483.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 12 - 10_15_02 AM_500.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 12 - 10_15_17 AM_411.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 13 - 03_30_01 AM_465.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 14 - 03_30_01 AM_743.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 15 - 03_30_01 AM_680.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Registry Backups\2007-09-09_12-57-51.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Registry Backups\2007-09-12_06-24-52.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tdsspopup.dll (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tdsspopup1.url (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tdsspopup2.url (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tdsspopup3.url (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\casino1.ico (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\casino2.ico (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\casino3.ico (Malware.Trace) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\Adobe\Manager.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\dtseqrxk.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\mgxfebsq.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\znrfjsvb_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\znrfjsvb_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Application Data\RBXML550.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\Myriam1\Local Settings\Temp\lwpwer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

 

J'ai du redémarrer mon pc.

Encore merci pour ton aide.

 

Myriam.

Lien Rag Full Patch Member

Lien Rag

Posté(e)
Posté(e)

Bonsoir Myriam

 

Avant toute chose il me faut te signaler que ton PC était lourdement infecté.

 

Les infections n'arrivent jamais par hasard.

 

Il va maintenant falloir comprendre ensemble si cela est du à:

 

- Attitude à risque

 

- defaillance de protection du PC

 

Télécharge HijackThis

 

Tuto réalisé par Bruce Lee : http://cybersecurite.xooit.com/t138-HijackThis-2-0-2.htm

 

Clique alors sur "Do a system scan and save a logfile"

Le scan se fait très rapidement, puis un bloc-note apparaît

(le "logfile")

Dans ce bloc-note, va dans "Edition", puis "Selectionner Tout",

le texte est alors séléctionné, retourne dans "Edition" toujours

en laissant le texte séléctionné, et clique sur copier.

Colle le contenu ici dans ta prochaine réponse

sahinwila Member

sahinwila

Posté(e)
  • Auteur
Posté(e)

Bonjour,

 

Il y a déjà pas mal de choses qui sont redevenues normales (fond d'écran normal, tous les programmes sont accessibles).

Mais toujours des [erreurs d'application xxxx emploie l'adresse mémoire yyyy; la mémoire ne peut pas être "read"????].

 

Remarque : je suis toujours en IE6, les mises à jour de windows ne sont pas en mode automatique et le parefeu de windows est désactivé (je suis connectée à internet via une connexion réseau local vers un I-Mac qui lui a un routeur qui fait office de parefeu, cela fait des années que tout fonctionne bien avec cette configuration).

 

Mon antivirus passe de status "correcte" à "erreur" sur protection contre les menaces connues, virus, logiciel espion.

et pas moyen de le changer. Par contre il se met à jour sans problème. J'ai ce problème depuis le 11 septembre également.

 

Voici le rapport de Hijackthis :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 07:32:54, on 16/09/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\windows\System32\smss.exe

C:\windows\SYSTEM32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe

C:\windows\system32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\windows\Explorer.EXE

C:\windows\system32\spoolsv.exe

C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\windows\system32\PuXpMan2.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE

C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Calendrier\Cld2000.exe

C:\windows\system32\ctfmon.exe

C:\Program Files\Miramar\PC MACLAN\ATMsg.exe

C:\Program Files\Norton Utilities\SYSDOC32.EXE

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE

C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE

C:\Program Files\Norton Utilities\NPROTECT.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

C:\windows\System32\tcpsvcs.exe

C:\Program Files\Speed Disk\nopdb.exe

C:\windows\System32\svchost.exe

C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

C:\Program Files\UPHClean\uphclean.exe

C:\WINDOWS\system32\windowsautomaticupdates.exe

C:\Program Files\Webroot\Washer\WasherSvc.exe

C:\windows\system32\wscntfy.exe

C:\windows\System32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe

C:\Program Files\UseNeXT\UseNeXT.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe

C:\windows\system32\rundll32.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\IFACE.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [a07233d7] rundll32.exe "C:\windows\system32\nkhlghyv.dll",b

O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe

O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Search -

O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm

O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll

O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)

O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)

O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)

O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing

O15 - Trusted Zone: http://www.rigolus.com

O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22

O20 - AppInit_DLLs: qxxwxh.dll ijfuks.dll

O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE

O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE

O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe

O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

O24 - Desktop Component 0: Privacy Protection - (no file)

 

--

 

End of file - 16488 bytes

 

Remarque : j'ai un disque dur externe de stockage, je fais également mes copies de sécurité sur ce disque avec acronis (image disque). Je n'ai plus osé allumer ce disque depuis mes problèmes du 11.09.

 

Encore merci.

Myriam

sahinwila Member

sahinwila

Posté(e)
  • Auteur
Posté(e)

Bonjour,

 

Hier soir j'ai éteind mon pc et ce matin mon antivirus fonctionne normalement (protection contre les menaces connues est signalé "correcte").

 

Mais j'ai toujours des propositions de scan de mon pc, des erreurs d'exécution (adresse mémoire "yyyy" ne sait pas etre "read".

 

Je devrais me connecter sur msn pour voir mon courrier mais je n'ose pas me connecter avec mon problème actuel.

 

Est-il préférable de "virer" IE6 et d'opter pour un autre navigateur internet?

 

Merci pour votre aide.

Myriam

sahinwila Member

sahinwila

Posté(e)
  • Auteur
Posté(e)

J'ai crié "victoire" trop vite, mon antivirus passe à nouveau de status "correcte" à "erreur" sur protection contre les menaces connues, virus, logiciel espion, et pas moyen de le changer.

 

Que puis-je faire pour me sortir de cette mauvaise passe???

 

J'ai désinstallé : LAVASOFT - ADAWARE et Internet gamebox.

 

Je sais que je ne suis pas la seule à avoir "attrapé ce VIRUS ALERT" mais pour l'instant je suis au point mort.

 

Pourriez-vous m'aider SVP? Merci d'avance.

 

Myriam

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...