[Virus] Infecté par drive cleaner , winanti.. [Résolu]

Ludovic - Dernière réponse le 3 mai 2007 à 21:30

Bonjour,
Depuis quelques semaines j'ai un problème de pop up avec drive cleaner, spindoctor, winantivus pro, etc...
J'ai passé quelques logiciels tels spybot mais sans succès alors je vous demande un peu d'aide en collant le log de HijackThis
Merci d'avance :
Logfile of HijackThis v1.99.1
Scan saved at 17:46:18, on 01/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
E:\Program Files\Microsoft LifeCam\MSCamS32.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
E:\Program Files\DynDNS Updater\DynDNS.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
E:\WINDOWS\Mixer.exe
E:\WINDOWS\vVX1000.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\PROGRA~1\MICROS~3\rapimgr.exe
E:\Program Files\Skype\Plugin Manager\SkypePM.exe
E:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
E:\Program Files\eMule\emule.exe
E:\Program Files\Winamp\winampa.exe
E:\Program Files\Winamp\winamp.exe
E:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.htplayer.com:81/firefox/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "E:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [OrderReminder] E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VX1000] E:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "E:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [InfoData] rundll32.exe "E:\WINDOWS\system32\yarklyeu.dll",realset
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\RunServices: [Topic lnternet] lnternet.exe
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - E:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - E:\Program Files\DynDNS Updater\DynDNS.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

[Virus] Infecté par drive cleaner , winanti »

Suggestions

[Virus] Infecté par drive cleaner , winanti..
Virus infecté par drive cleaner (Résolu) » Forum
Virus : infecté par Drive Cleaner » Forum
Drive cleaner, winanti spyware (Résolu) » Forum
Infecté par drive cleaner et prcviewer (Résolu) » Forum
Help infecter par drive cleaner system doctor (Résolu) » Forum

Plus

Réponse

^^Marie^^ 61067Messages postés 6 septembre 2005Date d'inscription 31 mai 2012Dernière intervention 1 mai 2007 à 18:07

Salut

Tu as fait ce qu'il t'était demandé ici ???

wilogon exe winantivirus2006#2007 04 25%2020%3A19%3A07

Ajouter un commentaire

Ludovic - 2 mai 2007 à 09:59

en fait je ne suis pas le même utilisateur que dans ce post, je viens de suivre les conseils de raleuboleu au post 3, j'espère que cela portera ses fruits

^^Marie^^- 2 mai 2007 à 12:11

Ok

Cela porte à confusion les mm speudos
rajoute toi un chiffre ou quelque chose d'autre

scousi

A+

Réponse

pajero-brian 3731Messages postés 30 mai 2002Date d'inscription 1 mai 2007 à 18:07

help infecter par drive cleaner system doctor

bonjour, tusuis le mode d emploi de ce post

papy

Ajouter un commentaire - Site web

Réponse

raleuboleu 5064Messages postés 13 décembre 2006Date d'inscription 14 mars 2012Dernière intervention 1 mai 2007 à 18:09

salut

coche cette ligne sur hijack puis clic sur fixer l'objet :
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...

dis moi tu as 2 antivirus : avast et norton?
et quel parefeu?

en second telecharge spybot ici :
http://www.01net.com/...

et fais 1 scan , reposte ensuite 1 log hijack stp

biz

Ajouter un commentaire

Réponse

^^Marie^^ 61067Messages postés 6 septembre 2005Date d'inscription 31 mai 2012Dernière intervention 1 mai 2007 à 18:10

Houlaaa... Tous en même temps

;-))

Ajouter un commentaire

Réponse

raleuboleu 5064Messages postés 13 décembre 2006Date d'inscription 14 mars 2012Dernière intervention 1 mai 2007 à 18:19

ben oui Marie j'avais pas vu ^^

bizoux

Ajouter un commentaire

^^Marie^^- 1 mai 2007 à 18:42

Prends pour habitude de toujours cliker sur ""autre message de""
cela te permettra de constater les doublons.
Mais lorsqu'il sont non inscrits, comme l'internaute faut jeter un oeil sur le topik

Et hoplaaa ! le tour est joué

;-))

A++

raleuboleu- 1 mai 2007 à 18:47

ok merci a toi Marie , j'en apprendrai toujours ici lol

Ludovic - 2 mai 2007 à 09:56

Salut,
Merci pr la réponse.

Auparavant j'avais Norton mais seul Avast est utilisé. (enfin normalement : je ne parviens pas à le supprimer via panneau de configuration, lorsque j'essaye Avast n'arrête pas de faire des alertes type Win32:Adware-gen. [Adw] )

Voici le log hijack après avoir effectuées les opérations demandées par
raleuboleu (post 3)

Logfile of HijackThis v1.99.1
Scan saved at 09:55:20, on 02/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
E:\WINDOWS\Mixer.exe
E:\WINDOWS\vVX1000.exe
E:\Program Files\Winamp\winampa.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
E:\PROGRA~1\MICROS~3\rapimgr.exe
E:\Program Files\Microsoft LifeCam\MSCamS32.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
E:\Program Files\DynDNS Updater\DynDNS.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Skype\Plugin Manager\SkypePM.exe
E:\WINDOWS\system32\wuauclt.exe
E:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
E:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Administrateur\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.htplayer.com:81/firefox/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "E:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [OrderReminder] E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VX1000] E:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "E:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [InfoData] rundll32.exe "E:\WINDOWS\system32\yarklyeu.dll",realset
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [Topic lnternet] lnternet.exe
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - E:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - E:\Program Files\DynDNS Updater\DynDNS.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Réponse

^^Marie^^ 61067Messages postés 6 septembre 2005Date d'inscription 31 mai 2012Dernière intervention 2 mai 2007 à 12:13

Re,

¨Pour désinstaller Norton correctement

http://service1.symantec.com/...

A+

Ajouter un commentaire

Ludovic - 2 mai 2007 à 15:00

Merci bcp pr le lien

Ludovic - 2 mai 2007 à 15:23

Je repose le log HijackThis après la suppression de Norton. Pour l'heure tjs des pop up type Drive cleaner avec IE7 (arrivent immédiatement) et avec Mozilla je suis en test. Merci de votre aide

Logfile of HijackThis v1.99.1
Scan saved at 15:20:20, on 02/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\Microsoft LifeCam\MSCamS32.exe
E:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
E:\WINDOWS\Mixer.exe
E:\WINDOWS\vVX1000.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\Program Files\Winamp\winampa.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
E:\PROGRA~1\MICROS~3\rapimgr.exe
E:\Program Files\DynDNS Updater\DynDNS.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Skype\Plugin Manager\SkypePM.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\taskmgr.exe
E:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
E:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
E:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
E:\Documents and Settings\Administrateur\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.htplayer.com:81/firefox/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "E:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [OrderReminder] E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VX1000] E:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "E:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [InfoData] rundll32.exe "E:\WINDOWS\system32\yarklyeu.dll",realset
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [Topic lnternet] lnternet.exe
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - E:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - E:\Program Files\DynDNS Updater\DynDNS.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Réponse

^^Marie^^ 61067Messages postés 6 septembre 2005Date d'inscription 31 mai 2012Dernière intervention 2 mai 2007 à 15:59

OK

Fais c qui suit

Télécharge VirtumundoBegone sur le bureau:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Double clique ensuite sur VirtumundoBeGone.exe et suis les instructions.
Une fois terminé, redémarre et poste le rapport VBG.TXT créé sur le bureau dans ta prochaine réponse avec un nouveau rapport HijackThis.
Ne t'inquiète pas si tu vois un message Ecran bleu "Erreur fatale", c'est normal et attendu.

Tu redémarres

Enuite

Prends connaissance du contenu le lien suivant:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
Tu as donc pris connaissance et accepté les conditions d'utilisations du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que tu vas télécharger.
Maintenant fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.bat
Laisses-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2 sans notre avis/accord)
Patientes jusqu'au message :
*** Analyse Termine le ..... ***
Appuies sur une touche comme demandé, le blocnote va s'ouvrir.
Copies-colles l'intégralité dans une réponse. Refermes le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

Je repasse dès que je peux

A++

Ajouter un commentaire

Ludovic - 2 mai 2007 à 17:28

Voici les 2 log puis je continue pdt ce tps là
1/VBG

[05/02/2007, 17:20:57] - VirtumundoBeGone v1.5 ( "E:\Documents and Settings\Administrateur\Bureau\VirtumundoBeGone.exe" )
[05/02/2007, 17:21:11] - Detected System Information:
[05/02/2007, 17:21:11] - Windows Version: 5.1.2600, Service Pack 2
[05/02/2007, 17:21:11] - Current Username: Administrateur (Admin)
[05/02/2007, 17:21:11] - Windows is in NORMAL mode.
[05/02/2007, 17:21:12] - Searching for Browser Helper Objects:
[05/02/2007, 17:21:12] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[05/02/2007, 17:21:12] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[05/02/2007, 17:21:12] - BHO 3: {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} ()
[05/02/2007, 17:21:12] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:12] - Checking for HKLM\...\Winlogon\Notify\xxyawxv
[05/02/2007, 17:21:12] - Found: HKLM\...\Winlogon\Notify\xxyawxv - This is probably Virtumundo.
[05/02/2007, 17:21:12] - Assigning {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} MSEvents Object
[05/02/2007, 17:21:12] - BHO list has been changed! Starting over...
[05/02/2007, 17:21:12] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[05/02/2007, 17:21:12] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[05/02/2007, 17:21:12] - BHO 3: {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} (MSEvents Object)
[05/02/2007, 17:21:12] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:12] - BHO 4: {4A39755A-31FA-4A21-B613-C9D8AFDFAB88} ()
[05/02/2007, 17:21:12] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:12] - Checking for HKLM\...\Winlogon\Notify\pdpdfqwt
[05/02/2007, 17:21:12] - Key not found: HKLM\...\Winlogon\Notify\pdpdfqwt, continuing.
[05/02/2007, 17:21:12] - BHO 5: {53707962-6F74-2D53-2644-206D7942484F} ()
[05/02/2007, 17:21:12] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:13] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[05/02/2007, 17:21:13] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[05/02/2007, 17:21:13] - BHO 6: {87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E} ()
[05/02/2007, 17:21:13] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:13] - Checking for HKLM\...\Winlogon\Notify\geede
[05/02/2007, 17:21:13] - Found: HKLM\...\Winlogon\Notify\geede - This is probably Virtumundo.
[05/02/2007, 17:21:13] - Assigning {87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E} MSEvents Object
[05/02/2007, 17:21:13] - BHO list has been changed! Starting over...
[05/02/2007, 17:21:13] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[05/02/2007, 17:21:13] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[05/02/2007, 17:21:13] - BHO 3: {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} (MSEvents Object)
[05/02/2007, 17:21:13] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:13] - BHO 4: {4A39755A-31FA-4A21-B613-C9D8AFDFAB88} ()
[05/02/2007, 17:21:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:14] - Checking for HKLM\...\Winlogon\Notify\pdpdfqwt
[05/02/2007, 17:21:14] - Key not found: HKLM\...\Winlogon\Notify\pdpdfqwt, continuing.
[05/02/2007, 17:21:14] - BHO 5: {53707962-6F74-2D53-2644-206D7942484F} ()
[05/02/2007, 17:21:14] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:14] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[05/02/2007, 17:21:14] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[05/02/2007, 17:21:14] - BHO 6: {87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E} (MSEvents Object)
[05/02/2007, 17:21:14] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:15] - BHO 7: {D651AFF4-9590-424d-BD1E-8E33E090DFB3} ()
[05/02/2007, 17:21:15] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:15] - Checking for HKLM\...\Winlogon\Notify\lhivmejr
[05/02/2007, 17:21:15] - Key not found: HKLM\...\Winlogon\Notify\lhivmejr, continuing.
[05/02/2007, 17:21:15] - BHO 8: {F873C67B-ACDF-44AC-B953-1432D055D9EF} ()
[05/02/2007, 17:21:15] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:15] - Checking for HKLM\...\Winlogon\Notify\pmnll
[05/02/2007, 17:21:15] - Found: HKLM\...\Winlogon\Notify\pmnll - This is probably Virtumundo.
[05/02/2007, 17:21:15] - Assigning {F873C67B-ACDF-44AC-B953-1432D055D9EF} MSEvents Object
[05/02/2007, 17:21:15] - BHO list has been changed! Starting over...
[05/02/2007, 17:21:15] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[05/02/2007, 17:21:15] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[05/02/2007, 17:21:15] - BHO 3: {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} (MSEvents Object)
[05/02/2007, 17:21:15] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:15] - BHO 4: {4A39755A-31FA-4A21-B613-C9D8AFDFAB88} ()
[05/02/2007, 17:21:15] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:15] - Checking for HKLM\...\Winlogon\Notify\pdpdfqwt
[05/02/2007, 17:21:16] - Key not found: HKLM\...\Winlogon\Notify\pdpdfqwt, continuing.
[05/02/2007, 17:21:16] - BHO 5: {53707962-6F74-2D53-2644-206D7942484F} ()
[05/02/2007, 17:21:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:16] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[05/02/2007, 17:21:16] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[05/02/2007, 17:21:16] - BHO 6: {87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E} (MSEvents Object)
[05/02/2007, 17:21:16] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:16] - BHO 7: {D651AFF4-9590-424d-BD1E-8E33E090DFB3} ()
[05/02/2007, 17:21:16] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:16] - Checking for HKLM\...\Winlogon\Notify\lhivmejr
[05/02/2007, 17:21:16] - Key not found: HKLM\...\Winlogon\Notify\lhivmejr, continuing.
[05/02/2007, 17:21:16] - BHO 8: {F873C67B-ACDF-44AC-B953-1432D055D9EF} (MSEvents Object)
[05/02/2007, 17:21:16] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:16] - Finished Searching Browser Helper Objects
[05/02/2007, 17:21:16] - *** Detected MSEvents Object
[05/02/2007, 17:21:16] - Trying to remove MSEvents Object...
[05/02/2007, 17:21:17] - Terminating Process: IEXPLORE.EXE
[05/02/2007, 17:21:18] - Terminating Process: RUNDLL32.EXE
[05/02/2007, 17:21:18] - Disabling Automatic Shell Restart
[05/02/2007, 17:21:18] - Terminating Process: EXPLORER.EXE
[05/02/2007, 17:21:19] - Suspending the NT Session Manager System Service
[05/02/2007, 17:21:19] - Terminating Windows NT Logon/Logoff Manager
[05/02/2007, 17:21:20] - Re-enabling Automatic Shell Restart
[05/02/2007, 17:21:20] - File to disable: E:\WINDOWS\system32\xxyawxv.dll
[05/02/2007, 17:21:20] - Renaming E:\WINDOWS\system32\xxyawxv.dll -> E:\WINDOWS\system32\xxyawxv.dll.vir
[05/02/2007, 17:21:20] - File successfully renamed!
[05/02/2007, 17:21:20] - Removing HKLM\...\Browser Helper Objects\{3E71DC86-4A5C-4C71-A185-EBE9AC2EB607}
[05/02/2007, 17:21:20] - Removing HKCR\CLSID\{3E71DC86-4A5C-4C71-A185-EBE9AC2EB607}
[05/02/2007, 17:21:20] - Adding Kill Bit for ActiveX for GUID: {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607}
[05/02/2007, 17:21:20] - Deleting ATLEvents/MSEvents Registry entries
[05/02/2007, 17:21:20] - Removing HKLM\...\Winlogon\Notify\xxyawxv
[05/02/2007, 17:21:20] - Searching for Browser Helper Objects:
[05/02/2007, 17:21:20] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[05/02/2007, 17:21:20] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[05/02/2007, 17:21:20] - BHO 3: {4A39755A-31FA-4A21-B613-C9D8AFDFAB88} ()
[05/02/2007, 17:21:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:20] - Checking for HKLM\...\Winlogon\Notify\pdpdfqwt
[05/02/2007, 17:21:20] - Key not found: HKLM\...\Winlogon\Notify\pdpdfqwt, continuing.
[05/02/2007, 17:21:20] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[05/02/2007, 17:21:20] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:20] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[05/02/2007, 17:21:21] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[05/02/2007, 17:21:21] - BHO 5: {87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E} (MSEvents Object)
[05/02/2007, 17:21:21] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:21] - BHO 6: {D651AFF4-9590-424d-BD1E-8E33E090DFB3} ()
[05/02/2007, 17:21:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:21] - Checking for HKLM\...\Winlogon\Notify\lhivmejr
[05/02/2007, 17:21:21] - Key not found: HKLM\...\Winlogon\Notify\lhivmejr, continuing.
[05/02/2007, 17:21:21] - BHO 7: {F873C67B-ACDF-44AC-B953-1432D055D9EF} (MSEvents Object)
[05/02/2007, 17:21:21] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:21] - Finished Searching Browser Helper Objects
[05/02/2007, 17:21:21] - *** Detected MSEvents Object
[05/02/2007, 17:21:21] - Trying to remove MSEvents Object...
[05/02/2007, 17:21:22] - Terminating Process: IEXPLORE.EXE
[05/02/2007, 17:21:22] - Terminating Process: RUNDLL32.EXE
[05/02/2007, 17:21:22] - Disabling Automatic Shell Restart
[05/02/2007, 17:21:22] - Terminating Process: EXPLORER.EXE
[05/02/2007, 17:21:22] - Suspending the NT Session Manager System Service
[05/02/2007, 17:21:23] - Terminating Windows NT Logon/Logoff Manager
[05/02/2007, 17:21:23] - Re-enabling Automatic Shell Restart
[05/02/2007, 17:21:23] - File to disable: E:\WINDOWS\System32\geede.dll
[05/02/2007, 17:21:23] - Removing HKLM\...\Browser Helper Objects\{87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E}
[05/02/2007, 17:21:23] - Removing HKCR\CLSID\{87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E}
[05/02/2007, 17:21:23] - Adding Kill Bit for ActiveX for GUID: {87C1BA0A-4580-4B6F-BF3D-80AC62A4A14E}
[05/02/2007, 17:21:23] - Deleting ATLEvents/MSEvents Registry entries
[05/02/2007, 17:21:23] - Removing HKLM\...\Winlogon\Notify\geede
[05/02/2007, 17:21:23] - Searching for Browser Helper Objects:
[05/02/2007, 17:21:23] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[05/02/2007, 17:21:23] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[05/02/2007, 17:21:23] - BHO 3: {4A39755A-31FA-4A21-B613-C9D8AFDFAB88} ()
[05/02/2007, 17:21:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:23] - Checking for HKLM\...\Winlogon\Notify\pdpdfqwt
[05/02/2007, 17:21:23] - Key not found: HKLM\...\Winlogon\Notify\pdpdfqwt, continuing.
[05/02/2007, 17:21:23] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[05/02/2007, 17:21:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:23] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[05/02/2007, 17:21:23] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[05/02/2007, 17:21:23] - BHO 5: {D651AFF4-9590-424d-BD1E-8E33E090DFB3} ()
[05/02/2007, 17:21:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:23] - Checking for HKLM\...\Winlogon\Notify\lhivmejr
[05/02/2007, 17:21:23] - Key not found: HKLM\...\Winlogon\Notify\lhivmejr, continuing.
[05/02/2007, 17:21:23] - BHO 6: {F873C67B-ACDF-44AC-B953-1432D055D9EF} (MSEvents Object)
[05/02/2007, 17:21:23] - ALERT: Found MSEvents Object!
[05/02/2007, 17:21:23] - Finished Searching Browser Helper Objects
[05/02/2007, 17:21:23] - *** Detected MSEvents Object
[05/02/2007, 17:21:23] - Trying to remove MSEvents Object...
[05/02/2007, 17:21:24] - Terminating Process: IEXPLORE.EXE
[05/02/2007, 17:21:24] - Terminating Process: RUNDLL32.EXE
[05/02/2007, 17:21:24] - Disabling Automatic Shell Restart
[05/02/2007, 17:21:24] - Terminating Process: EXPLORER.EXE
[05/02/2007, 17:21:24] - Suspending the NT Session Manager System Service
[05/02/2007, 17:21:25] - Terminating Windows NT Logon/Logoff Manager
[05/02/2007, 17:21:25] - Re-enabling Automatic Shell Restart
[05/02/2007, 17:21:25] - File to disable: E:\WINDOWS\system32\pmnll.dll
[05/02/2007, 17:21:25] - Renaming E:\WINDOWS\system32\pmnll.dll -> E:\WINDOWS\system32\pmnll.dll.vir
[05/02/2007, 17:21:25] - File successfully renamed!
[05/02/2007, 17:21:25] - Removing HKLM\...\Browser Helper Objects\{F873C67B-ACDF-44AC-B953-1432D055D9EF}
[05/02/2007, 17:21:25] - Removing HKCR\CLSID\{F873C67B-ACDF-44AC-B953-1432D055D9EF}
[05/02/2007, 17:21:25] - Adding Kill Bit for ActiveX for GUID: {F873C67B-ACDF-44AC-B953-1432D055D9EF}
[05/02/2007, 17:21:25] - Deleting ATLEvents/MSEvents Registry entries
[05/02/2007, 17:21:25] - Removing HKLM\...\Winlogon\Notify\pmnll
[05/02/2007, 17:21:25] - Searching for Browser Helper Objects:
[05/02/2007, 17:21:25] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[05/02/2007, 17:21:25] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[05/02/2007, 17:21:25] - BHO 3: {4A39755A-31FA-4A21-B613-C9D8AFDFAB88} ()
[05/02/2007, 17:21:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:25] - Checking for HKLM\...\Winlogon\Notify\pdpdfqwt
[05/02/2007, 17:21:25] - Key not found: HKLM\...\Winlogon\Notify\pdpdfqwt, continuing.
[05/02/2007, 17:21:25] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[05/02/2007, 17:21:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:25] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[05/02/2007, 17:21:25] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[05/02/2007, 17:21:25] - BHO 5: {D651AFF4-9590-424d-BD1E-8E33E090DFB3} ()
[05/02/2007, 17:21:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[05/02/2007, 17:21:25] - Checking for HKLM\...\Winlogon\Notify\lhivmejr
[05/02/2007, 17:21:25] - Key not found: HKLM\...\Winlogon\Notify\lhivmejr, continuing.
[05/02/2007, 17:21:25] - Finished Searching Browser Helper Objects
[05/02/2007, 17:21:25] - Finishing up...
[05/02/2007, 17:21:25] - A restart is needed.
[05/02/2007, 17:21:36] - Attempting to Restart via STOP error (Blue Screen!)

2/ Logfile of HijackThis v1.99.1
Scan saved at 17:27:13, on 02/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\Microsoft LifeCam\MSCamS32.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
E:\Program Files\DynDNS Updater\DynDNS.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
E:\WINDOWS\Mixer.exe
E:\WINDOWS\vVX1000.exe
E:\Program Files\Winamp\winampa.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\PROGRA~1\MICROS~3\rapimgr.exe
E:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
E:\Program Files\Skype\Plugin Manager\SkypePM.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Administrateur\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://google.htplayer.com:81/firefox/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4A39755A-31FA-4A21-B613-C9D8AFDFAB88} - E:\WINDOWS\system32\pdpdfqwt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - E:\WINDOWS\system32\lhivmejr.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OrderReminder] E:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VX1000] E:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "E:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [InfoData] rundll32.exe "E:\WINDOWS\system32\yarklyeu.dll",realset
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [Topic lnternet] lnternet.exe
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = E:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - E:\WINDOWS\
O20 - Winlogon Notify: yaywurr - yaywurr.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - E:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - E:\Program Files\DynDNS Updater\DynDNS.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Ludovic - 2 mai 2007 à 17:51

Voilà le log après avoir lancé navilog1.bat :

Search Navipromo version 1.1.6 commencé le 02/05/2007 à 17:33:17,31

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis E:\Documents and Settings\Administrateur\Bureau
Mise a jour le 02.05.2007 a 08h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***

*** Recherche dossiers dans E:\WINDOWS ***

*** Recherche dossiers dans E:\Program Files ***

*** Recherche dossiers dans E:\Documents and Settings\All Users\Application Data ***

*** Recherche dossiers dans E:\Documents and Settings\Administrateur\Application Data ***

*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html

F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1061.

[+] Started on 05/02/07 at 17:33:19.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .............................................................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 05/02/07 at 17:44:39 (return code = 0).

*** Recherche fichiers ***

*** Recherche cles registre ***

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]

Recherche Clé Magic Control

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

E:\WINDOWS\system32\edeeg.ini2 trouvé ! infection Vundo possible non traité par cet outil !
E:\WINDOWS\system32\edeeg.bak1 trouvé ! infection Vundo possible non traité par cet outil !
E:\WINDOWS\system32\llnmp.bak1 trouvé ! infection Vundo possible non traité par cet outil !
E:\WINDOWS\system32\edeeg.bak2 trouvé ! infection Vundo possible non traité par cet outil !
E:\WINDOWS\system32\llnmp.bak2 trouvé ! infection Vundo possible non traité par cet outil !

2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********

*** Analyse Terminé le 02/05/2007 à 17:45:10,18 ***

Ludovic - 3 mai 2007 à 09:05

Bonjour Marie,

As-tu trouvé quelque chose dans les log postés hier soir ?

Merci d'avance de ton aide,

Réponse

loops73 4Messages postés 3 mai 2007Date d'inscription 3 mai 2007 à 09:25

Il faut utiliser RogueRemover. Télécharge le logiciel sur http://game1.clubic.com/bulk/Rogue-Remover.zip et enregistre le sur ton buro par exemple.
Double clic sur le celui ci et sur le fichier RogueRemoverInstall.exe qu'il contient.
Dans l'assistant, clic successivement sur Nest, I agree, install et enfin sur finish. RogueRemover se lance automatiquement.
Dans la fenetre clic sur SCAN. Si Rogue détecte un intrus type Drive Cleaner, il t'en informe et l'élimine immédiatement.
Bonne chance.

Ajouter un commentaire

Réponse

Ludovic 3 mai 2007 à 21:30

Après toutes les opérations jusqu'au point 16, j'ai ensuite lancé RogueRemover qui a supprimé deux items (comme suggéré par loops73).
Et pour l'heure plus de pop-up : il semble donc que tout cela ait marché. Par contre, je suis bien incapable de savoir si toutes ces opérations étaient les bonnes et/ou toutes nécessaires. (kesako exactement HijackThis ?)

En tout cas un grand merci à tout le monde pour votre aide,

A bientôt

Ajouter un commentaire

Répondre au sujet

Posez votre question

Dossier à la une

Passage au tout numérique : quel coût pour les particuliers ?

Passage au tout numérique : quel coût pour les particuliers ?

Combien cela coûte-t-il au total ? Quelles aides apportent l'état et les acteurs du marché pour alléger cette charge non choisie ? Tous les détails sur Commentçamarche.net.

[Virus] Infecté par drive cleaner , winanti.. [Résolu]

[Virus] Infecté par drive cleaner , winanti »

Passage au tout numérique : quel coût pour les particuliers ?