Internet Security 2010
monsieur P
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
je viens de choper "Internet Security 2010" dans un dossier en piece jointe pourtant analysé via l'antivirus de yahoo. Depuis c'est horrible, comme Malevolant (ou un truc du genre) j'ai toujours des fenetres de securité qui s'ouvrent comme quoi je suis attaqué, qu'il y a un worm, "critical warning" et que j'ai des spyware. Pourtant j'ai AVG qui l'a encore n'a rien vu. j'ai téléchargé skybot et fait les nettoyages en vain, de meme avec Malewarebytes qui m'avait suffit pour virer le grand frere de ce virus pourtant.
Et en fond d'ecran j'ai desormais "your system is infected! system has been stop to malefunction etc..."
Bref, help!!
je viens de choper "Internet Security 2010" dans un dossier en piece jointe pourtant analysé via l'antivirus de yahoo. Depuis c'est horrible, comme Malevolant (ou un truc du genre) j'ai toujours des fenetres de securité qui s'ouvrent comme quoi je suis attaqué, qu'il y a un worm, "critical warning" et que j'ai des spyware. Pourtant j'ai AVG qui l'a encore n'a rien vu. j'ai téléchargé skybot et fait les nettoyages en vain, de meme avec Malewarebytes qui m'avait suffit pour virer le grand frere de ce virus pourtant.
Et en fond d'ecran j'ai desormais "your system is infected! system has been stop to malefunction etc..."
Bref, help!!
A voir également:
- Internet Security 2010
- Microsoft security essentials - Télécharger - Antivirus & Antimalwares
- Eset internet security download - Télécharger - Sécurité
- Gps sans internet - Guide
- Clé activation office 2010 gratuit - Télécharger - Sécurité
- Mon pc rame sur internet - Guide
8 réponses
salut
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)
▶ Télécharge List&Kill'em et enregistre le sur ton bureau
▶ Branche clés usb , disques durs externes , mp3 , mp4 , etc..
double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation
coche la case "creer une icone sur le bureau"
une fois terminée , clic sur "terminer" et le programme se lancera seul
choisis la langue puis choisis l'option 1 = Mode Recherche
▶ laisse travailler l'outil
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.
un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.
▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
tu peux supprimer le rapport catchme.log de ton bureau maintenant.
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)
▶ Télécharge List&Kill'em et enregistre le sur ton bureau
▶ Branche clés usb , disques durs externes , mp3 , mp4 , etc..
double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation
coche la case "creer une icone sur le bureau"
une fois terminée , clic sur "terminer" et le programme se lancera seul
choisis la langue puis choisis l'option 1 = Mode Recherche
▶ laisse travailler l'outil
à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.
un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.
▶ Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"
tu peux supprimer le rapport catchme.log de ton bureau maintenant.
voilà :)
(par contre, pourquoi brancher les clés usb etc? vu qu'ils n'ont pas été en contact avec?)
List'em by g3n-h@ckm@n 1.2.0.0
thx to CCM team.....
User : Eddy (Administrateurs)
Update on 19/01/2010 by g3n-h@ckm@n ::::: 15:30
Start at: 07:23:55 | 20/01/2010
Contact : g3n-h@ckm@n sur CCM
Intel(R) Celeron(R) CPU 3.06GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 9.0 [ Enabled | Updated ]
C:\ -> Disque fixe local | 90,94 Go (51,13 Go free) [ACER] | FAT32
D:\ -> Disque fixe local | 91,45 Go (8,33 Go free) [Personnel] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SFR\Kit\WiFi\9wifi.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Programmes\Photoshop\Acrobat 8.0\Acrobat\Acrotray.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\InternetSecurity2010\IS2010.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Eddy\Local Settings\Temp\13C.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Internet Security 2010 REG_SZ C:\Program Files\InternetSecurity2010\IS2010.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
LaunchApp REG_SZ Alaunch
ntiMUI REG_SZ C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
<NO NAME> REG_SZ
RemoteControl REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
IMJPMIG8.1 REG_SZ "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002 REG_SZ C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
SiSPower REG_SZ Rundll32.exe SiSPower.dll,ModeAgent
SoundMan REG_SZ SOUNDMAN.EXE
eRecoveryService REG_SZ C:\Acer\Empowering Technology\eRecovery\Monitor.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
Autoconfigurateur WiFi SFR REG_SZ "C:\Program Files\SFR\Kit\WiFi\9wifi.exe"
EPSON Stylus Photo RX520 Series REG_SZ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB001" /M "Stylus Photo RX520"
Acrobat Assistant 8.0 REG_SZ "D:\Programmes\Photoshop\Acrobat 8.0\Acrobat\Acrotray.exe"
Adobe_ID0EYTHM REG_SZ C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
AVG9_TRAY REG_SZ C:\PROGRA~1\AVG\AVG9\avgtray.exe
Malwarebytes Anti-Malware (reboot) REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
smss32.exe REG_SZ C:\WINDOWS\system32\smss32.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 145 (0x91)
NoActiveDesktopChanges REG_DWORD 0 (0x0)
NoSetActiveDesktop REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoActiveDesktopChanges REG_DWORD 0 (0x0)
NoSetActiveDesktop REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\AVG\AVG8\avgemc.exe REG_SZ C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
C:\Program Files\AVG\AVG8\avgupd.exe REG_SZ C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
C:\Program Files\AVG\AVG8\avgnsx.exe REG_SZ C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe REG_SZ C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server
C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Program Files\AVG\AVG9\avgemc.exe REG_SZ C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe
C:\Program Files\AVG\AVG9\avgupd.exe REG_SZ C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe
C:\Program Files\AVG\AVG9\avgnsx.exe REG_SZ C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{CB58DED6-4AF3-4080-9DF1-DEE72075169F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8b15971b-5355-4c82-8c07-7e181ea07608}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AE7CD045-E861-484f-8273-0445EE161910}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
SharedAccess : 0x2
wuauserv : 0x2
=========
Atapi.sys
=========
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Documents and Settings\Eddy\Local Settings\Temp\13C.tmp
## C:\> hashdeep C:\WINDOWS\System32\Drivers\atapi.sys
##
95360,cdfe4411a69c224bd1d11b2da92dac51,0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d,C:\WINDOWS\System32\Drivers\atapi.sys
=======
Drive :
=======
D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.
Rapport d'analyse
90,94 Go total, 51,13 Go libre (56%), 34% fragment‚ (fragmentation du fichier 68%)
Vous devriez d‚fragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Present !! : C:\Program Files\InternetSecurity2010
Present !! : C:\WINDOWS\DUMP344e.tmp
Present !! : C:\WINDOWS\System32\_SiSPInst.dll
Present !! : C:\WINDOWS\System32\_SiSBase.dll
Present !! : C:\WINDOWS\System32\_SiSParse.dll
Present !! : C:\WINDOWS\System32\18467.exe
Present !! : C:\WINDOWS\System32\26500.exe
Present !! : C:\WINDOWS\System32\41.exe
Present !! : C:\WINDOWS\System32\6334.exe
Present !! : C:\WINDOWS\System32\drivers\etc\hosts.msn
Present !! : C:\WINDOWS\System32\dumphive.exe
Present !! : C:\WINDOWS\System32\Process.exe
Present !! : C:\WINDOWS\system32\rnaph.dll
Present !! : C:\WINDOWS\System32\SrchSTS.exe
Present !! : C:\WINDOWS\System32\tmp.reg
Present !! : C:\WINDOWS\System32\VCCLSID.exe
Present !! : C:\WINDOWS\System32\warning.html
Present !! : C:\WINDOWS\System32\WS2Fix.exe
Present !! : C:\Documents and Settings\Eddy\Application Data\avdrn.dat
Present !! : C:\Documents and Settings\Eddy\Application Data\mvhgkr.dat
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Run\smss32.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
HKCU\SOFTWARE\IS2010
================
Other infections
================
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 07:40:07
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
==========
Programs
==========
Fichiers communs
Windows NT
MSN
MSN Gaming Zone
Messenger
Windows Media Player
Online Services
ComPlus Applications
Internet Explorer
Outlook Express
NetMeeting
Movie Maker
Services en ligne
WindowsUpdate
microsoft frontpage
xerox
sisagp
InstallShield Installation Information
Uninstall Information
Realtek AC97
Adobe
NewTech Infosystems
CyberLink
SiSLan
SiS VGA Utilities V3.68
Java
SFR
WLAN
Google
Mozilla Firefox
Windows Live
Windows Live SkyDrive
AVG
epson
GIMP-2.0
OpenOffice.org 3
JRE
CCleaner
Bonjour
QuickTime
VideoLAN
eMule
7-Zip
Microsoft
Microsoft SQL Server Compact Edition
Microsoft Silverlight
Enigma Software Group
Trend Micro
Malwarebytes' Anti-Malware
Virtualis
Spybot - Search & Destroy
InternetSecurity2010
List_Kill'em
============
Lecteur C:
============
i386
VALUEADD
dotnetfx
FOUND.000
FOUND.001
FOUND.002
FOUND.003
Guide
Sysinfo
drv
WINDOWS
Documents and Settings
Program Files
Acer
Bootfont.bin
ntldr
NTDETECT.COM
boot.ini
CONFIG.SYS
AUTOEXEC.BAT
IO.SYS
MSDOS.SYS
Preload.aaa
FOUND.004
FOUND.005
FOUND.006
System Volume Information
FOUND.007
FOUND.008
FOUND.009
FOUND.010
FOUND.011
FOUND.012
FOUND.013
FOUND.014
FOUND.015
FOUND.016
FOUND.017
FOUND.018
hiberfil.sys
Club-Internet
Recycled
$AVG
rapport.txt
pagefile.sys
Config.Msi
spoolerlogs
Kill'em
List'em.txt
¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials
C:\Program Files\GIMP-2.0\share\gimp\2.0\gimpressionist\Presets\Patchwork
C:\Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
D:\Programmes\Adobe\Illustrator 10.0.3\Modules\Photoshop Effects - Standard\Patchwork.8bf
D:\Programmes\Adobe\Photoshop 7.0\Modules externes\Effets\Patchwork.8bf
D:\Programmes\Photoshop\Adobe Bridge CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Bridge CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Bridge CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Contribute CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Contribute CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Contribute CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Device Central CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Device Central CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Device Central CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Dreamweaver CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Dreamweaver CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Dreamweaver CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Fireworks CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Fireworks CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Fireworks CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3 Video Encoder\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3 Video Encoder\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3 Video Encoder\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Photoshop CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Photoshop CS3\LMResources\ar_ae\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Photoshop CS3\LMResources\he_il\SerializationWF.exv
C:\Documents and Settings\Eddy\SmitfraudFix\o4Patch.exe
C:\Program Files\Mozilla Firefox\SmitfraudFix\o4Patch.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
(par contre, pourquoi brancher les clés usb etc? vu qu'ils n'ont pas été en contact avec?)
List'em by g3n-h@ckm@n 1.2.0.0
thx to CCM team.....
User : Eddy (Administrateurs)
Update on 19/01/2010 by g3n-h@ckm@n ::::: 15:30
Start at: 07:23:55 | 20/01/2010
Contact : g3n-h@ckm@n sur CCM
Intel(R) Celeron(R) CPU 3.06GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : AVG Anti-Virus Free 9.0 [ Enabled | Updated ]
C:\ -> Disque fixe local | 90,94 Go (51,13 Go free) [ACER] | FAT32
D:\ -> Disque fixe local | 91,45 Go (8,33 Go free) [Personnel] | NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SFR\Kit\WiFi\9wifi.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Programmes\Photoshop\Acrobat 8.0\Acrobat\Acrotray.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\InternetSecurity2010\IS2010.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Eddy\Local Settings\Temp\13C.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Internet Security 2010 REG_SZ C:\Program Files\InternetSecurity2010\IS2010.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
LaunchApp REG_SZ Alaunch
ntiMUI REG_SZ C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
<NO NAME> REG_SZ
RemoteControl REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
IMJPMIG8.1 REG_SZ "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002 REG_SZ C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
PHIME2002ASync REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
SiSPower REG_SZ Rundll32.exe SiSPower.dll,ModeAgent
SoundMan REG_SZ SOUNDMAN.EXE
eRecoveryService REG_SZ C:\Acer\Empowering Technology\eRecovery\Monitor.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
Autoconfigurateur WiFi SFR REG_SZ "C:\Program Files\SFR\Kit\WiFi\9wifi.exe"
EPSON Stylus Photo RX520 Series REG_SZ C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB001" /M "Stylus Photo RX520"
Acrobat Assistant 8.0 REG_SZ "D:\Programmes\Photoshop\Acrobat 8.0\Acrobat\Acrotray.exe"
Adobe_ID0EYTHM REG_SZ C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
AVG9_TRAY REG_SZ C:\PROGRA~1\AVG\AVG9\avgtray.exe
Malwarebytes Anti-Malware (reboot) REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
smss32.exe REG_SZ C:\WINDOWS\system32\smss32.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 145 (0x91)
NoActiveDesktopChanges REG_DWORD 0 (0x0)
NoSetActiveDesktop REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoActiveDesktopChanges REG_DWORD 0 (0x0)
NoSetActiveDesktop REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\AVG\AVG8\avgemc.exe REG_SZ C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
C:\Program Files\AVG\AVG8\avgupd.exe REG_SZ C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
C:\Program Files\AVG\AVG8\avgnsx.exe REG_SZ C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe REG_SZ C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server
C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Program Files\AVG\AVG9\avgemc.exe REG_SZ C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe
C:\Program Files\AVG\AVG9\avgupd.exe REG_SZ C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe
C:\Program Files\AVG\AVG9\avgnsx.exe REG_SZ C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{CB58DED6-4AF3-4080-9DF1-DEE72075169F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8b15971b-5355-4c82-8c07-7e181ea07608}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
==============
BHO :
======
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AE7CD045-E861-484f-8273-0445EE161910}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3
SharedAccess : 0x2
wuauserv : 0x2
=========
Atapi.sys
=========
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Documents and Settings\Eddy\Local Settings\Temp\13C.tmp
## C:\> hashdeep C:\WINDOWS\System32\Drivers\atapi.sys
##
95360,cdfe4411a69c224bd1d11b2da92dac51,0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d,C:\WINDOWS\System32\Drivers\atapi.sys
=======
Drive :
=======
D‚fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.
Rapport d'analyse
90,94 Go total, 51,13 Go libre (56%), 34% fragment‚ (fragmentation du fichier 68%)
Vous devriez d‚fragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Present !! : C:\Program Files\InternetSecurity2010
Present !! : C:\WINDOWS\DUMP344e.tmp
Present !! : C:\WINDOWS\System32\_SiSPInst.dll
Present !! : C:\WINDOWS\System32\_SiSBase.dll
Present !! : C:\WINDOWS\System32\_SiSParse.dll
Present !! : C:\WINDOWS\System32\18467.exe
Present !! : C:\WINDOWS\System32\26500.exe
Present !! : C:\WINDOWS\System32\41.exe
Present !! : C:\WINDOWS\System32\6334.exe
Present !! : C:\WINDOWS\System32\drivers\etc\hosts.msn
Present !! : C:\WINDOWS\System32\dumphive.exe
Present !! : C:\WINDOWS\System32\Process.exe
Present !! : C:\WINDOWS\system32\rnaph.dll
Present !! : C:\WINDOWS\System32\SrchSTS.exe
Present !! : C:\WINDOWS\System32\tmp.reg
Present !! : C:\WINDOWS\System32\VCCLSID.exe
Present !! : C:\WINDOWS\System32\warning.html
Present !! : C:\WINDOWS\System32\WS2Fix.exe
Present !! : C:\Documents and Settings\Eddy\Application Data\avdrn.dat
Present !! : C:\Documents and Settings\Eddy\Application Data\mvhgkr.dat
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKLM\Software\Microsoft\Windows\CurrentVersion\Run\smss32.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
HKCU\SOFTWARE\IS2010
================
Other infections
================
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 07:40:07
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
==========
Programs
==========
Fichiers communs
Windows NT
MSN
MSN Gaming Zone
Messenger
Windows Media Player
Online Services
ComPlus Applications
Internet Explorer
Outlook Express
NetMeeting
Movie Maker
Services en ligne
WindowsUpdate
microsoft frontpage
xerox
sisagp
InstallShield Installation Information
Uninstall Information
Realtek AC97
Adobe
NewTech Infosystems
CyberLink
SiSLan
SiS VGA Utilities V3.68
Java
SFR
WLAN
Mozilla Firefox
Windows Live
Windows Live SkyDrive
AVG
epson
GIMP-2.0
OpenOffice.org 3
JRE
CCleaner
Bonjour
QuickTime
VideoLAN
eMule
7-Zip
Microsoft
Microsoft SQL Server Compact Edition
Microsoft Silverlight
Enigma Software Group
Trend Micro
Malwarebytes' Anti-Malware
Virtualis
Spybot - Search & Destroy
InternetSecurity2010
List_Kill'em
============
Lecteur C:
============
i386
VALUEADD
dotnetfx
FOUND.000
FOUND.001
FOUND.002
FOUND.003
Guide
Sysinfo
drv
WINDOWS
Documents and Settings
Program Files
Acer
Bootfont.bin
ntldr
NTDETECT.COM
boot.ini
CONFIG.SYS
AUTOEXEC.BAT
IO.SYS
MSDOS.SYS
Preload.aaa
FOUND.004
FOUND.005
FOUND.006
System Volume Information
FOUND.007
FOUND.008
FOUND.009
FOUND.010
FOUND.011
FOUND.012
FOUND.013
FOUND.014
FOUND.015
FOUND.016
FOUND.017
FOUND.018
hiberfil.sys
Club-Internet
Recycled
$AVG
rapport.txt
pagefile.sys
Config.Msi
spoolerlogs
Kill'em
List'em.txt
¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials
C:\Program Files\GIMP-2.0\share\gimp\2.0\gimpressionist\Presets\Patchwork
C:\Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
D:\Programmes\Adobe\Illustrator 10.0.3\Modules\Photoshop Effects - Standard\Patchwork.8bf
D:\Programmes\Adobe\Photoshop 7.0\Modules externes\Effets\Patchwork.8bf
D:\Programmes\Photoshop\Adobe Bridge CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Bridge CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Bridge CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Contribute CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Contribute CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Contribute CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Device Central CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Device Central CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Device Central CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Dreamweaver CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Dreamweaver CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Dreamweaver CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Fireworks CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Fireworks CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Fireworks CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3 Video Encoder\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3 Video Encoder\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Flash CS3 Video Encoder\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ar_AE\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\he_IL\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Photoshop CS3\LMResources\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Photoshop CS3\LMResources\ar_ae\SerializationWF.exv
D:\Programmes\Photoshop\Adobe Photoshop CS3\LMResources\he_il\SerializationWF.exv
C:\Documents and Settings\Eddy\SmitfraudFix\o4Patch.exe
C:\Program Files\Mozilla Firefox\SmitfraudFix\o4Patch.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
a savoir que depuis ce matin AVG a repéré le cheval de troie Agent2.AFZU sur deux fichiers et les a mis en quarantaine et que Malwarebytes ne repere plus d'anomalie...
pourtant il est tjs là...
pourtant il est tjs là...
salut desole pour le retard
▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
mais cette fois-ci :
▶ choisis l'option 2 = Mode Suppression
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta reponse
▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
mais cette fois-ci :
▶ choisis l'option 2 = Mode Suppression
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta reponse
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ben suite à une suppression de programme (je venais de mettre un second antivirus mais comme apparemment c'est pas bien je l'ai viré), mon ordi ne voulait plus ouvrir de session (il se connactait puis deconnectait direct) donc j'ai tout réinstallé (3eme ou 4 eme fois en 5 ans)
mais bon du coup je suis débarassé du virus?
mais bon du coup je suis débarassé du virus?
