Project 1

lyra911 -
Anonymous user -
Hello,
I've caught a computer cold. Here is the requested report.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2010-02-25 13:30:21
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 26 GB (20%) free of 131 GB
Total RAM: 1014 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:30:25, on 2010-02-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\msa.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Reader 9.0\Reader\A3DUtility.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\Program Files\Fichiers communs\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\PopCap Games\Zuma Deluxe\Zuma.exe
C:\Program Files\PopCap Games\Zuma Deluxe\popcapgame2.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Program Files\AVG\AVG9\avgscanx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Qpd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [incognito] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\sps2i.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ikecomm] C:\Documents and Settings\Propriétaire\Application Data\ikecomm\ikecomm.exe
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Qpd.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Zuma/Images/stg_drm.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Zuma/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{47422DD5-02AF-42BA-80F0-75300F6F0159}: NameServer = 93.188.162.6,93.188.161.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{C67F8AD4-6C5B-4868-818E-76F0E8AE86D8}: NameServer = 93.188.162.6,93.188.161.34
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.6,93.188.161.34
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.6,93.188.161.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.6,93.188.161.34
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 7847 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{E2C7CAA0-7A86-4BFE-8289-6C7BA584D9F2}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-16 1484056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-15 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\System32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\System32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\System32\igfxpers.exe [2006-03-23 118784]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-01-01 2033432]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"incognito"=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\sps2i.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"ikecomm"=C:\Documents and Settings\Propriétaire\Application Data\ikecomm\ikecomm.exe [2009-03-08 638816]
"TOY5KNQ8OC"=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Qpd.exe [2010-02-24 154112]

C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-12-16 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Counter-Strike 1.6\hlds.exe"="C:\Program Files\Counter-Strike 1.6\hlds.exe:*:Disabled:HLDS Launcher"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Microsoft Games\Dungeon Siege\DungeonSiege.exe"="C:\Program Files\Microsoft Games\Dungeon Siege\DungeonSiege.exe:*:Enabled:Dungeon Siege Game Executable"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\Internet ExplorerIEXPLORE.exe"="C:\Program Files\Internet ExplorerIEXPLORE.exe:*:Enabled:IEXPLORE"
"C:\DOCUME~1\PROPRI~1\LOCALS~1\Tempsps2i.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Tempsps2i.exe:*:Enabled:sps2i"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:Windows Messanger"
"C:\Documents and Settings\Propriétaire\Application Data\\itecomm.exe"="C:\Documents and Settings\Propriétaire\Application Data\\itecomm.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-02-25 13:28:10 ----D---- C:\Program Files\trend micro
2010-02-25 13:28:06 ----D---- C:\rsit
2010-02-25 13:23:46 ----D---- C:\Program Files\TrendMicro
2010-02-24 18:08:04 ----A---- C:\Documents and Settings\Propriétaire\Application Data\830.exe
2010-02-24 18:06:26 ----A---- C:\WINDOWS\msa.exe
2010-02-24 18:06:07 ----A---- C:\debug.txt
2010-02-24 18:05:46 ----A---- C:\Documents and Settings\Propriétaire\Application Data\4600.exe
2010-02-24 17:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 18:12:16 ----A---- C:\Documents and Settings\Propriétaire\Application Data\3570.exe
2010-02-23 18:01:21 ----A---- C:\Documents and Settings\Propriétaire\Application Data\3834.exe
2010-02-23 17:55:31 ----A---- C:\Documents and Settings\Propriétaire\Application Data\5605.exe
2010-02-23 17:40:28 ----A---- C:\Documents and Settings\Propriétaire\Application Data\4799.exe
2010-02-23 17:18:54 ----D---- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries
2010-02-23 17:13:38 ----D---- C:\Program Files\The Mirror Mysteries
2010-02-20 08:32:48 ----D---- C:\Program Files\MSXML 4.0
2010-02-19 17:59:28 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Nero
2010-02-19 16:07:00 ----D---- C:\Program Files\Nero
2010-02-19 16:06:33 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2010-02-19 16:06:32 ----D---- C:\Program Files\Fichiers communs\Nero
2010-02-19 16:05:58 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-02-19 16:00:59 ----HD---- C:\Documents and Settings\Propriétaire\Application Data\ikecomm
2010-02-17 18:40:30 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2010-02-17 18:40:27 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Azureus
2010-02-17 18:39:38 ----D---- C:\Program Files\Vuze
2010-02-17 18:35:05 ----D---- C:\Program Files\uTorrent
2010-02-17 12:41:38 ----D---- C:\Program Files\Adobe
2010-02-16 20:17:34 ----D---- C:\Program Files\AC3Filter
2010-02-16 18:32:25 ----D---- C:\Program Files\Microsoft Games
2010-02-11 17:06:47 ----D---- C:\Program Files\Hero Editor
2010-02-11 17:06:38 ----N---- C:\WINDOWS\Setup1.exe
2010-02-11 17:06:36 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-02-10 12:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 12:49:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 12:47:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 12:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 12:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 12:47:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 12:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 12:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 12:46:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-09 20:02:10 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2010-02-06 20:27:23 ----D---- C:\WINDOWS\Minidump
2010-02-05 14:05:28 ----D---- C:\WINDOWS\Lost Realms Legacy of the Sun Princess
2010-02-05 14:05:28 ----D---- C:\Program Files\Lost Realms Legacy of the Sun Princess
2010-02-05 14:05:12 ----A---- C:\WINDOWS\Lost Realms Legacy of the Sun Princess Setup Log.txt
2010-02-05 13:03:20 ----D---- C:\Documents and Settings\Propriétaire\Application Data\blg
2010-02-05 13:03:20 ----D---- C:\Documents and Settings\All Users\Application Data\blg
2010-02-05 13:02:47 ----D---- C:\Program Files\Games
2010-02-05 09:42:21 ----D---- C:\Program Files\PopCap Games
2010-02-05 09:41:03 ----D---- C:\Documents and Settings\Propriétaire\Application Data\WinRAR
2010-02-05 09:40:56 ----D---- C:\Program Files\WinRAR
2010-02-04 19:04:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-04 19:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-04 15:24:20 ----D---- C:\Program Files\Zuma
2010-02-04 15:24:20 ----D---- C:\Documents and Settings\Propriétaire\Application Data\SpinTop
2010-02-04 14:51:14 ----D---- C:\Program Files\Winamp Detect

======List of files/folders modified in the last 1 months======

2010-02-25 13:28:25 ----D---- C:\WINDOWS\Prefetch
2010-02-25 13:28:10 ----RD---- C:\Program Files
2010-02-25 13:23:46 ----SHD---- C:\WINDOWS\Installer
2010-02-25 13:22:03 ----SD---- C:\WINDOWS\Tasks
2010-02-25 13:16:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-25 11:19:38 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-25 11:01:22 ----D---- C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2010-02-25 11:01:14 ----D---- C:\WINDOWS\Temp
2010-02-24 22:19:57 ----D---- C:\WINDOWS
2010-02-24 22:19:36 ----D---- C:\WINDOWS\system32\drivers
2010-02-24 18:43:02 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-02-24 18:39:48 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-24 17:39:57 ----D---- C:\WINDOWS\system32
2010-02-24 17:38:48 ----HD---- C:\WINDOWS\inf
2010-02-24 17:38:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-24 17:38:23 ----A---- C:\WINDOWS\imsins.BAK
2010-02-24 15:22:49 ----D---- C:\Program Files\Diablo II
2010-02-23 18:03:25 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-02-23 16:57:35 ----D---- C:\Program Files\bfgclient
2010-02-23 16:55:22 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2010-02-21 11:05:20 ----D---- C:\Documents and Settings\Propriétaire\Application Data\uTorrent
2010-02-20 08:32:56 ----D---- C:\WINDOWS\WinSxS
2010-02-19 17:08:29 ----D---- C:\Program Files\Counter-Strike 1.6
2010-02-19 16:06:32 ----D---- C:\Program Files\Fichiers communs
2010-02-19 16:06:06 ----D---- C:\WINDOWS\system32\DirectX
2010-02-17 12:41:58 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-02-17 12:41:56 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-02-16 17:51:52 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-15 18:25:58 ----D---- C:\WINDOWS\network diagnostic
2010-02-15 18:03:16 ----D---- C:\Documents and Settings\Propriétaire\Application Data\MSN6
2010-02-14 17:20:52 ----D---- C:\Program Files\eMule
2010-02-08 20:25:59 ----D---- C:\Program Files\Warcraft III
2010-02-08 14:32:10 ----D---- C:\Program Files\Internet Explorer
2010-02-08 08:42:06 ----D---- C:\Program Files\Starcraft
2010-02-04 19:51:43 ----D---- C:\WINDOWS\AppPatch
2010-02-04 15:24:41 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-04 14:51:22 ----D---- C:\Program Files\Winamp
2010-02-01 14:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-30 12:10:44 ----D---- C:\Program Files\Fichiers communs\InstallShield

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-16 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-16 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-16 360584]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-01-12 20747]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2004-10-14 155648]
R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 RT73;Linksys Home Wireless-G USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-11-24 245248]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-16 1047816]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 a8f9avjl;a8f9avjl; C:\WINDOWS\system32\drivers\a8f9avjl.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-12-16 906520]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-12-16 285392]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
S2 WUSB54GCSVC;WUSB54GCSVC; C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe [2005-07-04 53307]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------
Configuration: Windows XP / Internet Explorer 7.0
1 reply

lyra911
 
I think Project 1 is not my only problem. I also seem to have something that prevents me from downloading antivirus or spyware tools, and AVG keeps telling me about something called exploit eleonore.

Thanks a lot for the help.
0
Anonymous user
 
Good evening,
Indeed, the PC is infected.

Download Malwarebytes' Anti-Malware
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Save it to the desktop
Double-click the Download_mbam-setup.exe icon to start the installation process
If the firewall asks for permission for Malwarebytes to connect, accept
It will update itself once that is done
Go to the scan tab
Select perform a full scan
Click scan
The scan starts
At the end of the analysis, this message is displayed: The scan completed successfully.
Click show results to display the objects found
Click OK to continue
If malware was detected, click show results
Select everything (or leave it checked)
Click remove selected
Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine
Malwarebytes will open Notepad and copy the report into it
Restart the PC
Once it has restarted, double-click Malwarebytes
Go to the report/log tab
Click on it to display it; once it is displayed, click Edit at the top of Notepad, then Select All
Go back to Edit, then Copy, and return to the forum and to your reply
Right-click in the reply box and paste


0