Tom's Guide > Forum > Sécurité - Virus > TR/Crypt.XPACK.Gen Trojan (comment supprimé) svp

TR/Crypt.XPACK.Gen Trojan (comment supprimé) svp

Forum Sécurité - Virus : TR/Crypt.XPACK.Gen Trojan (comment supprimé) svp

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
urkel83   28-11-2008 à 13:23:34

salut a tous voila je m'en sort pas je voudrai viré un trojan que j'ai attrapé je ne sais comment apres énormément de manipulation je n'arrive toujours pas a résoudre mon probleme qui es de ne plus pouvoir afficher les dossier cacher
voici les rapport que j'ai eu avec antivir et hijackthis

antivir:



Avira AntiVir Personal
Report file date: vendredi 28 novembre 2008 12:15

Scanning for 1058304 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: urkel
Computer name: TECHSTYL-QNEZX6

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 28/11/2008 11:13:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:13:26
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 11:13:26
ANTIVIR2.VDF : 7.1.0.124 376832 Bytes 23/11/2008 11:13:26
ANTIVIR3.VDF : 7.1.0.153 189440 Bytes 28/11/2008 11:13:26
Engineversion : 8.2.0.35
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 28/11/2008 11:13:26
AESCN.DLL : 8.1.1.5 123251 Bytes 28/11/2008 11:13:26
AERDL.DLL : 8.1.1.3 438645 Bytes 28/11/2008 11:13:26
AEPACK.DLL : 8.1.3.4 393591 Bytes 28/11/2008 11:13:26
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 28/11/2008 11:13:26
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 28/11/2008 11:13:26
AEHELP.DLL : 8.1.2.0 119159 Bytes 28/11/2008 11:13:26
AEGEN.DLL : 8.1.1.5 323956 Bytes 28/11/2008 11:13:26
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
AECORE.DLL : 8.1.5.1 172406 Bytes 28/11/2008 11:13:26
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 28/11/2008 11:13:26
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: delete
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 28 novembre 2008 12:15

Starting search for hidden objects.
'42742' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'YzShadow.exe' - '1' Module(s) have been scanned
Scan process 'UberIcon Manager.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'WLANUTL.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'Core.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'vsnp2std.exe' - '1' Module(s) have been scanned
Scan process 'tsnp2std.exe' - '1' Module(s) have been scanned
Scan process 'FixCamera.exe' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'NBHGui.exe' - '1' Module(s) have been scanned
Scan process 'mixer.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
42 processes with 42 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '65' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\abk.bat
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] A backup was created as '499ad36b.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\ij.bat
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] A backup was created as '495dd374.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\m2nl.bat
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] A backup was created as '499dd33c.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\urkel\Mes documents\LimeWire\Incomplete\T-3545425-ludacris potion.mp3
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] A backup was created as '4962d46a.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Documents and Settings\urkel\Mes documents\LimeWire\Saved\ludacris potion.zip
[0] Archive type: ZIP
--> unpack.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon.Gen back-door program
[NOTE] A backup was created as '4993d4b2.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\Documents and Settings\urkel\Mes documents\LimeWire\Saved\saw 3.mp3
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] A backup was created as '49a6d49f.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\WINDOWS\system32\gasretyw0.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] A backup was created as '49a2d84d.qua' ( QUARANTINE )
[NOTE] The file was deleted!
C:\WINDOWS\system32\gasretyw1.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] A backup was created as '49a2d84e.qua' ( QUARANTINE )
[NOTE] The file was deleted!


End of the scan: vendredi 28 novembre 2008 12:38
Used time: 22:59 Minute(s)

The scan has been done completely.

4352 Scanning directories
181744 Files were scanned
8 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
8 files were deleted
0 files were repaired
8 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
181735 Files not concerned
1547 Archives were scanned
1 Warnings
8 Notes
42742 Objects were scanned with rootkit scan
0 Hidden objects were found



hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:09:41, on 28/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\avira\antivir personaledition classic\avcenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 5759049887
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 6587 bytes


si quelqu'un pouvait me dire quoi faire

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
Angeldark   28-11-2008 à 17:59:27
- 0 +

Bonjour,

! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !

  • Télécharge ComboFix (sUBs) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.


AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
urkel83   28-11-2008 à 19:06:37
- 0 +

voici le rapport :

ComboFix 08-11-27.07 - urkel 2008-11-28 18:59:14.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1633 [GMT 1:00]
Lancé depuis: c:\documents and settings\urkel\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\All Users\Application Data\vlc-0.9.4-win32.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-28 au 2008-11-28 ))))))))))))))))))))))))))))))))))))
.

2008-11-28 13:09 . 2008-11-28 13:09 <REP> d-------- c:\program files\Trend Micro
2008-11-28 11:57 . 2008-11-28 11:57 <REP> d-------- c:\program files\Avira
2008-11-28 11:57 . 2008-11-28 11:57 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2008-11-28 02:20 . 2008-11-28 02:20 <REP> d-------- c:\program files\MSN Messenger
2008-11-28 02:13 . 2008-11-28 02:13 236 --a------ C:\sqmdata13.sqm
2008-11-28 02:13 . 2008-11-28 02:13 200 --a------ C:\sqmnoopt13.sqm
2008-11-28 02:04 . 2008-11-28 02:04 236 --a------ C:\sqmdata12.sqm
2008-11-28 02:04 . 2008-11-28 02:04 200 --a------ C:\sqmnoopt12.sqm
2008-11-27 21:55 . 2008-11-27 21:55 913,408 --a------ c:\windows\system32\xreglib.dll.avxpnd
2008-11-27 21:53 . 2008-11-28 12:41 <REP> d-------- c:\program files\Zylom Games
2008-11-27 21:53 . 2008-11-27 21:53 <REP> d-------- c:\documents and settings\urkel\Application Data\Zylom
2008-11-27 21:53 . 2008-11-27 21:53 <REP> d-------- c:\documents and settings\All Users\Application Data\Zylom
2008-11-27 20:49 . 2008-11-28 06:03 81,984 --a------ c:\windows\system32\bdod.bin
2008-11-27 20:37 . 2008-11-27 20:37 <REP> d-------- c:\program files\Softwin
2008-11-27 20:37 . 2008-11-27 20:37 <REP> d-------- c:\program files\Fichiers communs\Softwin
2008-11-26 03:07 . 2008-11-26 03:07 7,680 --ahs---- c:\windows\Thumbs.db
2008-11-20 19:22 . 2008-11-25 23:59 <REP> d-------- c:\documents and settings\urkel\Application Data\LimeWire
2008-11-13 23:08 . 2008-11-13 23:08 <REP> d-------- c:\program files\Codemasters
2008-11-13 19:16 . 2008-11-13 19:23 <REP> d-------- c:\program files\Tomb Raider - Legend
2008-11-13 12:13 . 2008-11-13 12:13 <REP> d-------- c:\program files\Rockstar Games
2008-11-12 14:51 . 2008-11-17 22:40 <REP> d-------- c:\program files\Project64 1.6
2008-11-10 14:29 . 2008-11-18 23:49 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2008-11-10 14:29 . 2008-11-10 21:45 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-11-10 14:29 . 2008-11-18 23:49 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-11-10 14:29 . 2008-11-10 14:29 22,328 --a------ c:\documents and settings\urkel\Application Data\PnkBstrK.sys
2008-11-10 14:29 . 2008-11-10 14:29 319 --a------ c:\windows\game.ini
2008-11-10 14:20 . 2008-11-10 14:20 <REP> d-------- c:\program files\Activision
2008-11-10 14:18 . 2008-11-10 14:18 <REP> d--hs---- c:\windows\ftpcache
2008-11-07 00:10 . 2008-11-07 00:10 <REP> d-------- c:\documents and settings\urkel\Application Data\.bsnes
2008-11-07 00:06 . 2008-11-28 14:20 <REP> d-------- c:\program files\Steam
2008-11-06 20:40 . 2008-11-06 20:40 <REP> d--h----- c:\windows\PIF
2008-11-05 20:57 . 2008-11-05 20:58 <REP> d-------- c:\documents and settings\urkel\Application Data\vlc
2008-11-05 20:57 . 2008-11-05 20:58 <REP> d-------- c:\documents and settings\urkel\Application Data\dvdcss
2008-10-28 22:12 . 2008-10-28 22:14 69,632 --a------ c:\windows\ScUnin.exe
2008-10-28 22:12 . 2008-10-28 22:14 32,101 --a------ c:\windows\scunin.dat
2008-10-28 22:12 . 2008-10-28 22:14 967 --a------ c:\windows\ScUnin.pif
2008-10-28 22:11 . 2008-11-10 03:05 <REP> d-------- c:\program files\Starcraft

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 01:20 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-28 01:19 --------- d-----w c:\program files\Windows Live
2008-11-20 18:05 --------- d-----w c:\program files\eMule
2008-11-20 17:31 --------- d-----w c:\program files\VirtualDJ
2008-11-13 23:42 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
2008-11-13 22:08 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-11 18:59 --------- d-----w c:\program files\World of Warcraft
2008-10-26 16:14 --------- d-----w c:\program files\DIFX
2008-10-26 16:10 --------- d-----w c:\program files\Sega
2008-10-20 11:23 --------- d-----w c:\program files\iriver
2008-10-15 22:13 --------- d-----w c:\documents and settings\All Users\Application Data\Blizzard
2008-10-08 16:47 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-10-06 21:38 --------- dcsh--w c:\program files\Fichiers communs\WindowsLiveInstaller
2008-10-06 21:34 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-10-06 17:12 --------- d-----w c:\program files\Java
2008-10-06 17:10 --------- d-----w c:\program files\Fichiers communs\Java
2008-10-06 01:09 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-10-05 12:42 --------- d-----w c:\program files\Fichiers communs\snp2std
2008-10-02 22:09 --------- d-----w c:\program files\GUILD WARS
2008-10-02 18:46 --------- d-----w c:\program files\WowCartographe
2008-10-02 07:50 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment
2008-10-01 20:00 --------- d-----w c:\program files\VideoLAN
2008-10-01 16:05 --------- d--h--r c:\documents and settings\urkel\Application Data\SecuROM
2008-10-01 15:50 --------- d-----w c:\program files\Electronic Arts
2008-10-01 15:48 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-10-01 13:22 --------- d-----w c:\documents and settings\urkel\Application Data\Ahead
2008-10-01 12:35 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-01 12:29 --------- d-----w c:\program files\Fichiers communs\Ahead
2008-10-01 12:29 --------- d-----w c:\documents and settings\All Users\Application Data\Ahead
2008-10-01 12:27 --------- d-----w c:\program files\Nero
2008-10-01 12:27 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2008-10-01 12:18 65,280 ----a-w c:\windows\BricoPackUninst.cmd
2008-10-01 12:18 6,114 ----a-w c:\windows\BricoPackFoldersDelete.cmd
2008-10-01 12:18 219,648 ----a-w c:\windows\system32\uxtheme.dll
2008-09-30 15:36 --------- d-----w c:\program files\Teamspeak2_RC2
2008-09-30 15:36 --------- d-----w c:\documents and settings\urkel\Application Data\teamspeak2
2008-09-30 09:59 --------- d-----w c:\program files\VstPlugins
2008-09-30 09:59 --------- d-----w c:\program files\Image-Line
2008-09-30 09:59 --------- d-----w c:\program files\ASIO4ALL v2
2008-09-30 09:58 --------- d-----w c:\program files\Outsim
2008-09-30 09:19 --------- d-----w c:\program files\Microsoft
2008-09-30 09:08 --------- d-----w c:\program files\Fichiers communs\Windows Live
2008-09-29 22:31 --------- d-----w c:\documents and settings\urkel\Application Data\Ubisoft
2008-09-29 22:30 --------- d-----w c:\documents and settings\All Users\Application Data\Ubisoft
2008-09-29 22:21 --------- d-----w c:\program files\Ubisoft
2008-09-29 22:20 --------- d-----w c:\documents and settings\urkel\Application Data\InstallShield
2008-09-29 20:40 --------- d-----w c:\program files\Windows Installer Clean Up
2008-09-29 20:39 --------- d-----w c:\program files\MSECACHE
2008-09-29 20:36 --------- d-----w c:\program files\Wanadoo
2008-09-29 20:25 --------- d-----w c:\program files\C-Media
2007-04-17 14:42 712,704 ----a-r c:\windows\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-20 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-20 1667584]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2008-07-22 2772992]
"msnmsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Steam"="c:\program files\Steam\Steam.exe" [2008-11-07 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-11-07 8523776]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2007-11-07 81920]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"FixCamera"="c:\windows\FixCamera.exe" [2005-12-06 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-01-06 110592]
"snp2std"="c:\windows\vsnp2std.exe" [2006-01-06 344064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"nwiz"="nwiz.exe" [2007-11-07 c:\windows\system32\nwiz.exe]
"C-Media Mixer"="Mixer.exe" [2007-04-17 c:\windows\mixer.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-20 15360]

c:\documents and settings\urkel\Menu D‚marrer\Programmes\D‚marrage\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-05-21 155648]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - c:\program files\SAGEM WiFi manager\WLANUTL.exe [2008-03-17 860160]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Sega\\Universe At War Earth Assault\\UAWEA.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Steam\\steamapps\\urkel_1\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\urkel_1\\team fortress 2\\hl2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;c:\windows\system32\DRIVERS\WlanUZXP.sys [2008-03-17 261632]
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\System32\ZDCndis5.SYS []
S4 hpt3xx;hpt3xx; []

*Newly Created Service* - PROCEXP90
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\urkel\Application Data\Mozilla\Firefox\Profiles\pdism5gs.default\
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-28 19:00:37
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-11-28 19:01:21
ComboFix-quarantined-files.txt 2008-11-28 18:01:03

Avant-CF: 30 655 832 064 octets libres
Après-CF: 31,216,754,688 octets libres

186 --- E O F --- 2008-09-30 08:33:15

Répondre à urkel83
Angeldark   29-11-2008 à 12:04:19
- 0 +

Reposte un rapport Hijackthis.

------------------------------ Prévention & Protection||Vous m'aimez ? Cliquez :o
 Répondre à Angeldark
urkel83   29-11-2008 à 12:09:11
- 0 +

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:07:57, on 29/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 5759049887
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 6657 bytes


(j'ai pu avoir acces a mes fichier caché donc c'est deja ce que je voulais merci apres je sais pas si je suis tjr infecté...)
mais merci de ton aide deja :)

Répondre à urkel83
vincent_88   30-11-2008 à 07:27:09
- 0 +

Bonjour à tous, depuis 3 jours j'ai un virus sur ma machine et il m'empeche de bien travailler. voici comment il s'appelle : abk.bat il est en processus caché sous rootkit. Que faire? car avast le detecte mais il ne supprime pas, avg anti rootkit ne le supprime pas. J'ai besoin de vore aide svp que puis-je faire pour l'enlever? Il a même désactivé la suppression de l'ancien antivirus qui était là. j'attend votre soutien. Merci d'avance à tous

Répondre à vincent_88
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > TR/Crypt.XPACK.Gen Trojan (comment supprimé) svp
Aller à :

Il y a 2881 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,417 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens