Antivirus XP 2008 et Lecteur Windows Media Fermé

Question

Bonjour,

Je suis nouveau ici et je suis un petit connaisseur en informatique, d'où ma nécessité d'être aidée pour des problèmes que je rencontre depuis la semaine dernière.
Un progarmme s'est installé tout seul sur mon pc "Antivirus XP 2008" et suite à cela :
   - un écran tout bleu m'indiquant que mon pc contient des spywares
   - des bulles et fenetres apparaissant toutes les 30 secondes et me disant que mon pc contient pas moins de 2895 virus
   - mon antivirus "Mc Afee Virusscan" se déprogramme à chaque redémarrage et ne me protège plus
J'ai donc voulu désinstaller "Antivirus XP 2008" en passant par "CCleaner", puis par Windows... désinstallation Ok et pourtant un programme toujours présent...
J'ai donc installé "Ad-Aware" en complément de mon antivirus, je lance l'analyse, et là, au bout de quelques secondes.... redémarrage du pc... et ce à chaque fois...
Je suis donc passé en mode sans échec, j'ai pu faire l'analyse complète d"Ad-Aware" qui m'a révélé 27 erreurs que j'ai supprimé. Suite à cela je supprime "Ad-Aware" pour installer "Spybot", je lance l'analyse et là, 11 erreurs de plus que je supprime également. Je réussis également à supprimer "Antivirus XP 2008" en allant dans C\Program Files
Pourtant, mon écran de fond continue d'être bleu et toujours avec le même message "Warning - Spyware detected on your computer" Que dois-je faire??
A côté de cela j'ai défragmenté, nettoyé avec "CCleaner"...
Que dois-je faire maintenant pour résoudre ce problème?
Depuis le début de ce souci, mon lecteur Windows Media 11 s'est également mis à "déconner" en saccadant la musique au bout de quelques minutes de lecture, et quand j'éteins le lecteur, impossible de le redémarrer ensuite, à moins de redémarrer carrément le pc..
Par avance, merci à tous pour votre aide...

Destrio5 · Answer

Salut,

- Télécharge et installe MalwareByte's Anti-Malware :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

- Mets-le à jour

- Redémarre en mode sans échec (Recommandé) :
https://www.malekal.com/demarrer-windows-mode-sans-echec/

- Choisis ta session habituelle

- Fais un scan complet avec MalwareByte's Anti-Malware

- Supprime tout ce que le logiciel trouve, enregistre le rapport

- Redémarre en mode normal et poste le rapport ici

Tutorial :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

nico2480 · Answer

voici le rapport :

Malwarebytes' Anti-Malware 1.23
Version de la base de données: 1002
Windows 5.1.2600 Service Pack 2

09:09:24 29/07/2008
mbam-log-7-29-2008 (09-09-16).txt

Type de recherche: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 143262
Temps écoulé: 5 hour(s), 28 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 19
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\rhcnthj0el0t (Rogue.Multiple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcjthj0el0t (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> No action taken.
C:\Program Files\SystemDoctor Free (Rogue.SystemDoctor) -> No action taken.
C:\Program Files\Fichiers communs\SystemDoctor (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\SystemDoctor Free\Logs (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Autorun (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Autorun\HKCU (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Autorun\HKLM (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\BrowserObjects (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\rhcnthj0el0t\Quarantine\Packages (Rogue.Multiple) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\SystemDoctor Free\ResErrors.log (Rogue.SystemDoctor) -> No action taken.
C:\Program Files\SystemDoctor Free\st.dat (Rogue.SystemDoctor) -> No action taken.
C:\Program Files\Fichiers communs\SystemDoctor\err.log (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode (Rogue.SystemDoctor) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Application Data\SystemDoctor Free\Logs\update.log (Rogue.SystemDoctor) -> No action taken.
C:\WINDOWS\system32\blphcjthj0el0t.scr (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\lphcjthj0el0t.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\phcjthj0el0t.bmp (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\DENOST Nicolas\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> No action taken.


j'ai tout supprimé et déjàn malgré mon écran toujours bleu, je n'ai plus le message en fon...

Destrio5 · Answer

- Télécharge SmitfraudFix (de de S!Ri, balltrap34 et moe31) : 
http://siri.urz.free.fr/Fix/SmitfraudFix.exe ou http://www.geekstogo.com/forum/files/file/6-smitfraudfix/ 

- Enregistre-le sur le bureau

- Double-clique sur SmitfraudFix.exe et choisis l'option 1 puis Entrée

- Un rapport sera généré, poste-le dans ta prochaine réponse.

[*] process.exe est détecté par certains antivirus comme étant un risktool. Il ne s'agit pas d'un virus mais d'un utilitaire destiné à mettre fin à des processus.[*]

** Ne fais l'étape 2 que si on te le demande, on doit d'abord examiner le premier rapport de SmitfraudFix

nico2480 · Answer

raudFix v2.332

Rapport fait à 15:48:43,32, 29/07/2008
Executé à partir de C:\Documents and Settings\DENOST Nicolas\Mes documents\DENOST.Nicolas\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Norman\Bin\ZLH.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Eurobarre\eb.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\DENOST Nicolas\Mes documents\DENOST.Nicolas\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\DENOST Nicolas


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\DENOST Nicolas\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\DENOST~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.53.252
DNS Server Search Order: 212.27.54.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{01D9CC4B-2E9D-4272-B571-BC51508DCEA6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8E3805D4-BF00-4F2F-A1EA-4257955627A3}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CAC5B94B-B369-47C7-B7C5-7286DBD44DA2}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{01D9CC4B-2E9D-4272-B571-BC51508DCEA6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{8E3805D4-BF00-4F2F-A1EA-4257955627A3}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{CAC5B94B-B369-47C7-B7C5-7286DBD44DA2}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{01D9CC4B-2E9D-4272-B571-BC51508DCEA6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8E3805D4-BF00-4F2F-A1EA-4257955627A3}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CAC5B94B-B369-47C7-B7C5-7286DBD44DA2}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Destrio5 · Answer

- Double-clique sur SmitfraudFix.exe, choisis l'option 2 et Entrée

- Réponds O(oui) à ces deux questions si elles te sont posées

Voulez-vous nettoyer le registre ?
Corriger le fichier infecté ?

- Un rapport sera généré, sauvegarde-le sur le bureau

- Poste le rapport SmitfraudFix

nico2480 · Answer

'avais déjà nettoyé suite à la première analyse, alors je ne sais pas si le rapport de ce second nettoyage va être bien utile...

SmitFraudFix v2.332

Rapport fait à 16:13:56,70, 29/07/2008
Executé à partir de C:\Documents and Settings\DENOST Nicolas\Mes documents\DENOST.Nicolas\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found. 

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{01D9CC4B-2E9D-4272-B571-BC51508DCEA6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8E3805D4-BF00-4F2F-A1EA-4257955627A3}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CAC5B94B-B369-47C7-B7C5-7286DBD44DA2}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{01D9CC4B-2E9D-4272-B571-BC51508DCEA6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{8E3805D4-BF00-4F2F-A1EA-4257955627A3}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS2\Services\Tcpip\..\{CAC5B94B-B369-47C7-B7C5-7286DBD44DA2}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{01D9CC4B-2E9D-4272-B571-BC51508DCEA6}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{21D0DB2F-8B66-4C8F-AE44-6581304C3DCF}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8E3805D4-BF00-4F2F-A1EA-4257955627A3}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CAC5B94B-B369-47C7-B7C5-7286DBD44DA2}: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.53.252 212.27.54.252


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Destrio5 · Answer

---> Télécharge HostsXpert sur ton Bureau :
http://www.funkytoad.com/download/HostsXpert.zip

---> Décompresse-le (Clic droit >> Extraire ici)

---> Double-clique sur HostsXpert pour le lancer

---> clique sur le bouton "Restore MS Hosts File" puis ferme le programme

PS : Avant de cliquer sur le bouton "Restore MS Hosts File", vérifie que le cadenas en haut à gauche est ouvert sinon tu vas avoir un message d'erreur.

- Télécharge HijackThis V 2.02 (HijackThis Installer) :
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

- Clique sur Install ensuite sur I Accept

- Clique sur Do a scan system and save log file

- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.

nico2480 · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:36:16, on 29/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32undll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Eurobarre\eb.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\DENOST~1\LOCALS~1\Temp\setup_wm.exe
C:\DOCUME~1\DENOST~1\LOCALS~1\Temp\WMC0000.tmp\WMPAU.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SOS Connexion - Le web en toute simplicité
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [fenaffiche] C:\Program Files\FenAffiche\FenUnika.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [java_sun] Java (Sun)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\Securitoo\av_fw\fswsclds.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN
ipsvc.exe (file missing)
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Destrio5 · Answer

---> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431

nico2480 · Answer

par rapport au rapport d'hijack, je n'ai aucune action à faire dans la fenetre de résultats d'analyse????

Destrio5 · Answer

Pour l'instant non, ferme HijackThis.

nico2480 · Answer

--------------------\  Lop S&D 4.2.2-4  XP/Vista

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : DENOST Nicolas ] [ "C:\Lop SD" ] [ Selection : 1 ]
   [ 29/07/2008 | 16:43:27,20 ] [ PC : SY5PAC25 ]
   [ MAJ : 25-07-2008 | 17:45 ]
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [07/02/2008|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [07/03/2006|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{DF9AF7C2-94C4-4A45-A858-1B2CE0359AAD}
   [08/07/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [29/08/2005|10:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
   [25/01/2008|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
   [15/07/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [03/01/2007|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
   [20/08/2005|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [07/02/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [20/11/2007|08:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
   [28/01/2007|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [28/07/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
   [17/11/2005|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
   [16/01/2008|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
   [13/12/2005|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [26/07/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [04/11/2007|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\libresystem
   [28/07/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [01/08/2006|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCA215.tmp
   [18/11/2007|12:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
   [03/08/2006|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
   [02/08/2006|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
   [11/07/2008|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [24/07/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [30/01/2007|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NPF
   [16/01/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [05/12/2007|23:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [11/11/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
   [20/08/2005|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [18/11/2007|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
   [19/11/2007|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
   [25/08/2007|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [28/07/2008|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [17/11/2005|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [30/12/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

   [29/08/2005|10:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [06/09/2005|12:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
   [29/08/2005|11:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
   [20/08/2005|19:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [20/08/2005|17:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [29/08/2005|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [26/12/2006|13:13] C:\DOCUME~1\DENOST~1\APPLIC~1\.zreglib
   [09/09/2007|13:54] C:\DOCUME~1\DENOST~1\APPLIC~1\Adobe
   [03/02/2007|11:49] C:\DOCUME~1\DENOST~1\APPLIC~1\AdobeUM
   [28/11/2005|16:55] C:\DOCUME~1\DENOST~1\APPLIC~1\Ahead
   [29/07/2008|13:04] C:\DOCUME~1\DENOST~1\APPLIC~1\Canon
   [27/01/2006|11:47] C:\DOCUME~1\DENOST~1\APPLIC~1\CD-LabelPrint
   [10/08/2006|17:37] C:\DOCUME~1\DENOST~1\APPLIC~1\CopyToDvd
   [04/01/2007|23:24] C:\DOCUME~1\DENOST~1\APPLIC~1\Corel
   [14/01/2006|21:31] C:\DOCUME~1\DENOST~1\APPLIC~1\DataLayer
   [20/08/2005|19:14] C:\DOCUME~1\DENOST~1\APPLIC~1\desktop.ini
   [27/05/2007|07:18] C:\DOCUME~1\DENOST~1\APPLIC~1\DivX
   [10/12/2006|13:15] C:\DOCUME~1\DENOST~1\APPLIC~1\Elaborate Bytes
   [12/01/2007|20:14] C:\DOCUME~1\DENOST~1\APPLIC~1\Google
   [18/11/2005|23:48] C:\DOCUME~1\DENOST~1\APPLIC~1\Help
   [16/07/2008|14:58] C:\DOCUME~1\DENOST~1\APPLIC~1\Hemera
   [17/11/2005|14:03] C:\DOCUME~1\DENOST~1\APPLIC~1\Hewlett-Packard
   [20/08/2005|17:20] C:\DOCUME~1\DENOST~1\APPLIC~1\Identities
   [28/01/2007|19:26] C:\DOCUME~1\DENOST~1\APPLIC~1\Lavasoft
   [04/11/2007|14:07] C:\DOCUME~1\DENOST~1\APPLIC~1\libresystem
   [15/11/2005|20:05] C:\DOCUME~1\DENOST~1\APPLIC~1\Macromedia
   [28/07/2008|20:54] C:\DOCUME~1\DENOST~1\APPLIC~1\Malwarebytes
   [18/11/2007|11:43] C:\DOCUME~1\DENOST~1\APPLIC~1\McAfee
   [02/08/2006|12:05] C:\DOCUME~1\DENOST~1\APPLIC~1\McAfee.com Personal Firewall
   [18/04/2007|20:50] C:\DOCUME~1\DENOST~1\APPLIC~1\Microsoft
   [16/11/2005|13:15] C:\DOCUME~1\DENOST~1\APPLIC~1\Microsoft Web Folders
   [02/08/2006|19:01] C:\DOCUME~1\DENOST~1\APPLIC~1\MSNInstaller
   [16/01/2008|20:12] C:\DOCUME~1\DENOST~1\APPLIC~1\Nokia
   [17/01/2008|00:18] C:\DOCUME~1\DENOST~1\APPLIC~1\Nokia Multimedia Player
   [23/04/2007|13:09] C:\DOCUME~1\DENOST~1\APPLIC~1\Norman
   [29/07/2008|16:22] C:\DOCUME~1\DENOST~1\APPLIC~1\OpenOffice.org2
   [16/01/2008|20:12] C:\DOCUME~1\DENOST~1\APPLIC~1\PC Suite
   [28/01/2007|19:03] C:\DOCUME~1\DENOST~1\APPLIC~1\QuickZip45.ini
   [16/11/2005|22:42] C:\DOCUME~1\DENOST~1\APPLIC~1\Real
   [12/10/2007|18:22] C:\DOCUME~1\DENOST~1\APPLIC~1\Roxio
   [07/03/2006|20:05] C:\DOCUME~1\DENOST~1\APPLIC~1\Seven Zip
   [25/07/2008|01:27] C:\DOCUME~1\DENOST~1\APPLIC~1\SiteAdvisor
   [09/12/2006|20:38] C:\DOCUME~1\DENOST~1\APPLIC~1\SlySoft
   [18/03/2006|01:10] C:\DOCUME~1\DENOST~1\APPLIC~1\Sun
   [15/12/2005|13:40] C:\DOCUME~1\DENOST~1\APPLIC~1\Template
   [27/07/2008|00:20] C:\DOCUME~1\DENOST~1\APPLIC~1\U3
   [21/07/2008|14:59] C:\DOCUME~1\DENOST~1\APPLIC~1\uTorrent
   [18/11/2006|21:40] C:\DOCUME~1\DENOST~1\APPLIC~1\Vso
   [29/07/2008|12:46] C:\DOCUME~1\DENOST~1\APPLIC~1\wklnhst.dat

   [24/07/2008|21:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\597528181.exe
   [01/08/2006|16:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
   [10/12/2007|19:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [08/09/2007|09:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio
   [19/11/2007|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor

   [20/08/2005|17:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [15/07/2008 02:10][--a------] C:\WINDOWS	asks\McDefragTask.job
   [01/07/2008 01:00][--a------] C:\WINDOWS	asks\McQcTask.job
   [29/07/2008 15:04][--a------] C:\WINDOWS	asks\WebReg 20051118150408.job
   [05/08/2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini
   [29/07/2008 16:22][--ah-----] C:\WINDOWS	asks\SA.DAT

   --------------------\  Listing des dossiers dans C:\Program Files

   [29/04/2008|00:46] C:\Program Files\AbiSuite2
   [08/07/2008|15:06] C:\Program Files\Adobe
   [28/01/2007|17:47] C:\Program Files\Ahead
   [03/01/2007|21:32] C:\Program Files\AliveMedia
   [23/04/2007|13:11] C:\Program Files\Alwil Software
   [29/08/2005|10:26] C:\Program Files\ATI Technologies
   [15/07/2008|14:26] C:\Program Files\Canon
   [15/07/2008|14:18] C:\Program Files\CanonBJ
   [11/08/2007|08:05] C:\Program Files\CCleaner
   [11/08/2007|08:04] C:\Program Files\ccsetup140.exe
   [08/01/2006|01:10] C:\Program Files\CIEL
   [20/08/2005|17:18] C:\Program Files\ComPlus Applications
   [18/11/2005|22:13] C:\Program Files\DAP
   [16/01/2008|20:11] C:\Program Files\DIFX
   [22/11/2007|09:13] C:\Program Files\DivX
   [11/11/2007|11:26] C:\Program Files\DVD Shrink
   [19/11/2007|21:49] C:\Program Files\Elaborate Bytes
   [29/07/2008|16:22] C:\Program Files\eMule
   [11/05/2007|16:21] C:\Program Files\EO Video
   [04/11/2007|11:45] C:\Program Files\Eurobarre
   [24/08/2007|15:10] C:\Program Files\Executive Software
   [07/09/2005|09:13] C:\Program Files\FenAffiche
   [28/07/2008|16:30] C:\Program Files\Fichiers communs
   [23/04/2007|13:06] C:\Program Files\Free
   [04/12/2007|22:43] C:\Program Files\GameHouse
   [23/04/2007|13:56] C:\Program Files\Gimp
   [28/07/2008|16:57] C:\Program Files\Google
   [17/11/2005|13:59] C:\Program Files\Hewlett-Packard
   [20/08/2005|17:26] C:\Program Files\HighMAT CD Writing Wizard
   [30/01/2007|12:16] C:\Program Files\IncrediMail
   [16/07/2008|14:35] C:\Program Files\InstallShield Installation Information
   [11/06/2008|08:42] C:\Program Files\Internet Explorer
   [12/12/2005|23:59] C:\Program Files\Jasc Software Inc
   [28/07/2008|16:51] C:\Program Files\Java
   [10/01/2008|20:21] C:\Program Files\Keyboard & Mouse Driver
   [10/01/2008|14:00] C:\Program Files\Keyboard Driver
   [28/07/2008|16:30] C:\Program Files\Lavasoft
   [18/11/2007|10:46] C:\Program Files\LibreSystem
   [16/01/2008|20:12] C:\Program Files\Magicbit
   [28/07/2008|20:54] C:\Program Files\Malwarebytes' Anti-Malware
   [15/05/2008|14:03] C:\Program Files\McAfee
   [18/11/2007|12:46] C:\Program Files\McAfee.com
   [20/08/2005|17:28] C:\Program Files\Messenger
   [30/12/2007|17:30] C:\Program Files\Messenger Plus! Live
   [27/12/2006|23:14] C:\Program Files\Micro Application
   [16/07/2008|14:28] C:\Program Files\MicroApp
   [16/11/2005|13:15] C:\Program Files\microsoft frontpage
   [29/11/2006|21:10] C:\Program Files\Microsoft Office
   [19/05/2008|21:19] C:\Program Files\Microsoft Works
   [29/08/2005|10:34] C:\Program Files\Microsoft.NET
   [16/01/2008|20:18] C:\Program Files\MIKSOFT
   [09/09/2007|10:05] C:\Program Files\MinitelADSL
   [20/08/2005|17:18] C:\Program Files\Movie Maker
   [22/11/2005|23:22] C:\Program Files\MSN
   [17/12/2005|01:05] C:\Program Files\MSN Apps
   [20/08/2005|17:17] C:\Program Files\MSN Gaming Zone
   [30/12/2007|17:44] C:\Program Files\MSN Messenger
   [16/11/2006|13:01] C:\Program Files\MSXML 4.0
   [07/03/2006|20:06] C:\Program Files\Mystik Media
   [18/11/2005|20:42] C:\Program Files\Need2Find
   [20/08/2005|17:18] C:\Program Files\NetMeeting
   [16/01/2008|20:10] C:\Program Files\Nokia
   [20/08/2005|17:17] C:\Program Files\Online Services
   [29/04/2008|11:35] C:\Program Files\OpenOffice.org 2.4
   [17/11/2005|22:37] C:\Program Files\Orange
   [13/06/2007|12:03] C:\Program Files\Outlook Express
   [16/01/2008|20:10] C:\Program Files\PC Connectivity Solution
   [20/08/2005|17:26] C:\Program Files\Phoenix Technologies Ltd
   [29/12/2006|19:28] C:\Program Files\QuickTime
   [12/10/2006|22:01] C:\Program Files\QuickZip4
   [16/11/2005|22:34] C:\Program Files\Real
   [20/08/2005|17:48] C:\Program Files\Realtek
   [26/05/2007|15:10] C:\Program Files\RM-X© Easy Compress
   [11/11/2007|10:25] C:\Program Files\Roxio
   [20/08/2005|17:18] C:\Program Files\Services en ligne
   [17/12/2007|21:44] C:\Program Files\SiteAdvisor
   [20/12/2007|09:37] C:\Program Files\SlySoft
   [28/07/2008|21:05] C:\Program Files\Spybot - Search & Destroy
   [29/07/2008|16:35] C:\Program Files\Trend Micro
   [20/08/2005|17:22] C:\Program Files\Uninstall Information
   [12/07/2008|12:50] C:\Program Files\uTorrent
   [24/08/2007|21:51] C:\Program Files\Vimicro
   [20/08/2005|17:23] C:\Program Files\Windows Journal Viewer
   [30/12/2007|17:46] C:\Program Files\Windows Live
   [12/12/2006|23:06] C:\Program Files\Windows Media Connect
   [11/11/2007|11:09] C:\Program Files\Windows Media Connect 2
   [29/07/2008|16:43] C:\Program Files\Windows Media Player
   [20/08/2005|17:17] C:\Program Files\Windows NT
   [20/08/2005|17:18] C:\Program Files\WindowsUpdate
   [09/01/2007|21:09] C:\Program Files\WinRAR
   [20/08/2005|17:20] C:\Program Files\xerox
   [20/08/2005|17:52] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [08/07/2008|15:07] C:\Program Files\Fichiers communs\Adobe
   [28/01/2007|17:46] C:\Program Files\Fichiers communs\Ahead
   [15/07/2008|14:27] C:\Program Files\Fichiers communs\CANON
   [29/08/2005|10:35] C:\Program Files\Fichiers communs\DESIGNER
   [17/11/2005|13:57] C:\Program Files\Fichiers communs\Hewlett-Packard
   [12/12/2005|23:59] C:\Program Files\Fichiers communs\InstallShield
   [15/03/2006|13:36] C:\Program Files\Fichiers communs\Java
   [18/11/2007|21:15] C:\Program Files\Fichiers communs\LibreSystem
   [18/11/2007|12:47] C:\Program Files\Fichiers communs\McAfee
   [17/11/2005|16:06] C:\Program Files\Fichiers communs\Micro Application Shared
   [10/06/2008|12:04] C:\Program Files\Fichiers communs\Microsoft Shared
   [20/08/2005|17:18] C:\Program Files\Fichiers communs\MSSoap
   [16/01/2008|20:11] C:\Program Files\Fichiers communs\Nokia
   [20/08/2005|19:15] C:\Program Files\Fichiers communs\ODBC
   [16/01/2008|20:11] C:\Program Files\Fichiers communs\PCSuite
   [13/09/2007|05:05] C:\Program Files\Fichiers communs\Real
   [25/08/2007|12:42] C:\Program Files\Fichiers communs\Roxio Shared
   [20/08/2005|17:18] C:\Program Files\Fichiers communs\Services
   [20/08/2005|19:15] C:\Program Files\Fichiers communs\SpeechEngines
   [13/06/2007|12:03] C:\Program Files\Fichiers communs\System
   [30/12/2007|17:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [13/09/2007|05:05] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 67 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-07-29 16:46:41
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 155
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:42][D:12]-> C:\DOCUME~1\DENOST~1\LOCALS~1\Temp
   [F:78][D:0]-> C:\DOCUME~1\DENOST~1\Cookies
   [F:2918][D:4]-> C:\DOCUME~1\DENOST~1\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a 16:49:10,76

Destrio5 · Answer

---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

nico2480 · Answer

--------------------\  Lop S&D 4.2.2-4  XP/Vista

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : DENOST Nicolas ] [ "C:\Lop SD" ] [ Selection : 2 ]
   [ 29/07/2008 | 17:03:05,39 ] [ PC : SY5PAC25 ]
   [ MAJ : 25-07-2008 | 17:45 ]


   \\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
   RestaurÚ! - Fichier Hosts
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\ 

   Supprime! - C:\Program Files\Need2Find
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\

 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [07/02/2008|09:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [07/03/2006|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{DF9AF7C2-94C4-4A45-A858-1B2CE0359AAD}
   [08/07/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [29/08/2005|10:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
   [15/07/2008|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [03/01/2007|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
   [20/08/2005|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [07/02/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [20/11/2007|08:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
   [28/01/2007|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [28/07/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
   [17/11/2005|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
   [16/01/2008|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
   [13/12/2005|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [26/07/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
   [04/11/2007|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\libresystem
   [28/07/2008|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [01/08/2006|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCA215.tmp
   [18/11/2007|12:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
   [03/08/2006|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
   [02/08/2006|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
   [11/07/2008|17:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [24/07/2008|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [30/01/2007|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NPF
   [16/01/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [05/12/2007|23:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [11/11/2007|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
   [20/08/2005|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [18/11/2007|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
   [19/11/2007|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
   [25/08/2007|12:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [28/07/2008|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [17/11/2005|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [30/12/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

   [29/08/2005|10:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [06/09/2005|12:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
   [29/08/2005|11:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
   [20/08/2005|19:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [20/08/2005|17:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [29/08/2005|10:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [26/12/2006|13:13] C:\DOCUME~1\DENOST~1\APPLIC~1\.zreglib
   [09/09/2007|13:54] C:\DOCUME~1\DENOST~1\APPLIC~1\Adobe
   [03/02/2007|11:49] C:\DOCUME~1\DENOST~1\APPLIC~1\AdobeUM
   [28/11/2005|16:55] C:\DOCUME~1\DENOST~1\APPLIC~1\Ahead
   [29/07/2008|13:04] C:\DOCUME~1\DENOST~1\APPLIC~1\Canon
   [27/01/2006|11:47] C:\DOCUME~1\DENOST~1\APPLIC~1\CD-LabelPrint
   [10/08/2006|17:37] C:\DOCUME~1\DENOST~1\APPLIC~1\CopyToDvd
   [04/01/2007|23:24] C:\DOCUME~1\DENOST~1\APPLIC~1\Corel
   [14/01/2006|21:31] C:\DOCUME~1\DENOST~1\APPLIC~1\DataLayer
   [20/08/2005|19:14] C:\DOCUME~1\DENOST~1\APPLIC~1\desktop.ini
   [27/05/2007|07:18] C:\DOCUME~1\DENOST~1\APPLIC~1\DivX
   [10/12/2006|13:15] C:\DOCUME~1\DENOST~1\APPLIC~1\Elaborate Bytes
   [12/01/2007|20:14] C:\DOCUME~1\DENOST~1\APPLIC~1\Google
   [18/11/2005|23:48] C:\DOCUME~1\DENOST~1\APPLIC~1\Help
   [16/07/2008|14:58] C:\DOCUME~1\DENOST~1\APPLIC~1\Hemera
   [17/11/2005|14:03] C:\DOCUME~1\DENOST~1\APPLIC~1\Hewlett-Packard
   [20/08/2005|17:20] C:\DOCUME~1\DENOST~1\APPLIC~1\Identities
   [28/01/2007|19:26] C:\DOCUME~1\DENOST~1\APPLIC~1\Lavasoft
   [04/11/2007|14:07] C:\DOCUME~1\DENOST~1\APPLIC~1\libresystem
   [15/11/2005|20:05] C:\DOCUME~1\DENOST~1\APPLIC~1\Macromedia
   [28/07/2008|20:54] C:\DOCUME~1\DENOST~1\APPLIC~1\Malwarebytes
   [18/11/2007|11:43] C:\DOCUME~1\DENOST~1\APPLIC~1\McAfee
   [02/08/2006|12:05] C:\DOCUME~1\DENOST~1\APPLIC~1\McAfee.com Personal Firewall
   [18/04/2007|20:50] C:\DOCUME~1\DENOST~1\APPLIC~1\Microsoft
   [16/11/2005|13:15] C:\DOCUME~1\DENOST~1\APPLIC~1\Microsoft Web Folders
   [02/08/2006|19:01] C:\DOCUME~1\DENOST~1\APPLIC~1\MSNInstaller
   [16/01/2008|20:12] C:\DOCUME~1\DENOST~1\APPLIC~1\Nokia
   [17/01/2008|00:18] C:\DOCUME~1\DENOST~1\APPLIC~1\Nokia Multimedia Player
   [23/04/2007|13:09] C:\DOCUME~1\DENOST~1\APPLIC~1\Norman
   [29/07/2008|16:59] C:\DOCUME~1\DENOST~1\APPLIC~1\OpenOffice.org2
   [16/01/2008|20:12] C:\DOCUME~1\DENOST~1\APPLIC~1\PC Suite
   [28/01/2007|19:03] C:\DOCUME~1\DENOST~1\APPLIC~1\QuickZip45.ini
   [16/11/2005|22:42] C:\DOCUME~1\DENOST~1\APPLIC~1\Real
   [12/10/2007|18:22] C:\DOCUME~1\DENOST~1\APPLIC~1\Roxio
   [07/03/2006|20:05] C:\DOCUME~1\DENOST~1\APPLIC~1\Seven Zip
   [25/07/2008|01:27] C:\DOCUME~1\DENOST~1\APPLIC~1\SiteAdvisor
   [09/12/2006|20:38] C:\DOCUME~1\DENOST~1\APPLIC~1\SlySoft
   [18/03/2006|01:10] C:\DOCUME~1\DENOST~1\APPLIC~1\Sun
   [15/12/2005|13:40] C:\DOCUME~1\DENOST~1\APPLIC~1\Template
   [27/07/2008|00:20] C:\DOCUME~1\DENOST~1\APPLIC~1\U3
   [21/07/2008|14:59] C:\DOCUME~1\DENOST~1\APPLIC~1\uTorrent
   [18/11/2006|21:40] C:\DOCUME~1\DENOST~1\APPLIC~1\Vso
   [29/07/2008|12:46] C:\DOCUME~1\DENOST~1\APPLIC~1\wklnhst.dat

   [24/07/2008|21:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\597528181.exe
   [01/08/2006|16:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
   [10/12/2007|19:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [08/09/2007|09:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio
   [19/11/2007|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor

   [20/08/2005|17:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [15/07/2008 02:10][--a------] C:\WINDOWS	asks\McDefragTask.job
   [01/07/2008 01:00][--a------] C:\WINDOWS	asks\McQcTask.job
   [29/07/2008 15:04][--a------] C:\WINDOWS	asks\WebReg 20051118150408.job
   [05/08/2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini
   [29/07/2008 16:59][--ah-----] C:\WINDOWS	asks\SA.DAT

   --------------------\  Listing des dossiers dans C:\Program Files

   [29/04/2008|00:46] C:\Program Files\AbiSuite2
   [08/07/2008|15:06] C:\Program Files\Adobe
   [28/01/2007|17:47] C:\Program Files\Ahead
   [03/01/2007|21:32] C:\Program Files\AliveMedia
   [23/04/2007|13:11] C:\Program Files\Alwil Software
   [29/08/2005|10:26] C:\Program Files\ATI Technologies
   [15/07/2008|14:26] C:\Program Files\Canon
   [15/07/2008|14:18] C:\Program Files\CanonBJ
   [11/08/2007|08:05] C:\Program Files\CCleaner
   [11/08/2007|08:04] C:\Program Files\ccsetup140.exe
   [08/01/2006|01:10] C:\Program Files\CIEL
   [20/08/2005|17:18] C:\Program Files\ComPlus Applications
   [18/11/2005|22:13] C:\Program Files\DAP
   [16/01/2008|20:11] C:\Program Files\DIFX
   [22/11/2007|09:13] C:\Program Files\DivX
   [11/11/2007|11:26] C:\Program Files\DVD Shrink
   [19/11/2007|21:49] C:\Program Files\Elaborate Bytes
   [29/07/2008|16:59] C:\Program Files\eMule
   [11/05/2007|16:21] C:\Program Files\EO Video
   [04/11/2007|11:45] C:\Program Files\Eurobarre
   [24/08/2007|15:10] C:\Program Files\Executive Software
   [07/09/2005|09:13] C:\Program Files\FenAffiche
   [28/07/2008|16:30] C:\Program Files\Fichiers communs
   [23/04/2007|13:06] C:\Program Files\Free
   [04/12/2007|22:43] C:\Program Files\GameHouse
   [23/04/2007|13:56] C:\Program Files\Gimp
   [28/07/2008|16:57] C:\Program Files\Google
   [17/11/2005|13:59] C:\Program Files\Hewlett-Packard
   [20/08/2005|17:26] C:\Program Files\HighMAT CD Writing Wizard
   [30/01/2007|12:16] C:\Program Files\IncrediMail
   [16/07/2008|14:35] C:\Program Files\InstallShield Installation Information
   [11/06/2008|08:42] C:\Program Files\Internet Explorer
   [12/12/2005|23:59] C:\Program Files\Jasc Software Inc
   [28/07/2008|16:51] C:\Program Files\Java
   [10/01/2008|20:21] C:\Program Files\Keyboard & Mouse Driver
   [10/01/2008|14:00] C:\Program Files\Keyboard Driver
   [28/07/2008|16:30] C:\Program Files\Lavasoft
   [18/11/2007|10:46] C:\Program Files\LibreSystem
   [16/01/2008|20:12] C:\Program Files\Magicbit
   [28/07/2008|20:54] C:\Program Files\Malwarebytes' Anti-Malware
   [15/05/2008|14:03] C:\Program Files\McAfee
   [18/11/2007|12:46] C:\Program Files\McAfee.com
   [20/08/2005|17:28] C:\Program Files\Messenger
   [30/12/2007|17:30] C:\Program Files\Messenger Plus! Live
   [27/12/2006|23:14] C:\Program Files\Micro Application
   [16/07/2008|14:28] C:\Program Files\MicroApp
   [16/11/2005|13:15] C:\Program Files\microsoft frontpage
   [29/11/2006|21:10] C:\Program Files\Microsoft Office
   [19/05/2008|21:19] C:\Program Files\Microsoft Works
   [29/08/2005|10:34] C:\Program Files\Microsoft.NET
   [16/01/2008|20:18] C:\Program Files\MIKSOFT
   [09/09/2007|10:05] C:\Program Files\MinitelADSL
   [20/08/2005|17:18] C:\Program Files\Movie Maker
   [22/11/2005|23:22] C:\Program Files\MSN
   [17/12/2005|01:05] C:\Program Files\MSN Apps
   [20/08/2005|17:17] C:\Program Files\MSN Gaming Zone
   [30/12/2007|17:44] C:\Program Files\MSN Messenger
   [16/11/2006|13:01] C:\Program Files\MSXML 4.0
   [07/03/2006|20:06] C:\Program Files\Mystik Media
   [20/08/2005|17:18] C:\Program Files\NetMeeting
   [16/01/2008|20:10] C:\Program Files\Nokia
   [20/08/2005|17:17] C:\Program Files\Online Services
   [29/04/2008|11:35] C:\Program Files\OpenOffice.org 2.4
   [17/11/2005|22:37] C:\Program Files\Orange
   [13/06/2007|12:03] C:\Program Files\Outlook Express
   [16/01/2008|20:10] C:\Program Files\PC Connectivity Solution
   [20/08/2005|17:26] C:\Program Files\Phoenix Technologies Ltd
   [29/12/2006|19:28] C:\Program Files\QuickTime
   [12/10/2006|22:01] C:\Program Files\QuickZip4
   [16/11/2005|22:34] C:\Program Files\Real
   [20/08/2005|17:48] C:\Program Files\Realtek
   [26/05/2007|15:10] C:\Program Files\RM-X© Easy Compress
   [11/11/2007|10:25] C:\Program Files\Roxio
   [20/08/2005|17:18] C:\Program Files\Services en ligne
   [17/12/2007|21:44] C:\Program Files\SiteAdvisor
   [20/12/2007|09:37] C:\Program Files\SlySoft
   [28/07/2008|21:05] C:\Program Files\Spybot - Search & Destroy
   [29/07/2008|16:35] C:\Program Files\Trend Micro
   [20/08/2005|17:22] C:\Program Files\Uninstall Information
   [12/07/2008|12:50] C:\Program Files\uTorrent
   [24/08/2007|21:51] C:\Program Files\Vimicro
   [20/08/2005|17:23] C:\Program Files\Windows Journal Viewer
   [30/12/2007|17:46] C:\Program Files\Windows Live
   [12/12/2006|23:06] C:\Program Files\Windows Media Connect
   [29/07/2008|16:43] C:\Program Files\Windows Media Connect 2
   [29/07/2008|16:43] C:\Program Files\Windows Media Player
   [20/08/2005|17:17] C:\Program Files\Windows NT
   [20/08/2005|17:18] C:\Program Files\WindowsUpdate
   [09/01/2007|21:09] C:\Program Files\WinRAR
   [20/08/2005|17:20] C:\Program Files\xerox
   [20/08/2005|17:52] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [08/07/2008|15:07] C:\Program Files\Fichiers communs\Adobe
   [28/01/2007|17:46] C:\Program Files\Fichiers communs\Ahead
   [15/07/2008|14:27] C:\Program Files\Fichiers communs\CANON
   [29/08/2005|10:35] C:\Program Files\Fichiers communs\DESIGNER
   [17/11/2005|13:57] C:\Program Files\Fichiers communs\Hewlett-Packard
   [12/12/2005|23:59] C:\Program Files\Fichiers communs\InstallShield
   [15/03/2006|13:36] C:\Program Files\Fichiers communs\Java
   [18/11/2007|21:15] C:\Program Files\Fichiers communs\LibreSystem
   [18/11/2007|12:47] C:\Program Files\Fichiers communs\McAfee
   [17/11/2005|16:06] C:\Program Files\Fichiers communs\Micro Application Shared
   [10/06/2008|12:04] C:\Program Files\Fichiers communs\Microsoft Shared
   [20/08/2005|17:18] C:\Program Files\Fichiers communs\MSSoap
   [16/01/2008|20:11] C:\Program Files\Fichiers communs\Nokia
   [20/08/2005|19:15] C:\Program Files\Fichiers communs\ODBC
   [16/01/2008|20:11] C:\Program Files\Fichiers communs\PCSuite
   [13/09/2007|05:05] C:\Program Files\Fichiers communs\Real
   [25/08/2007|12:42] C:\Program Files\Fichiers communs\Roxio Shared
   [20/08/2005|17:18] C:\Program Files\Fichiers communs\Services
   [20/08/2005|19:15] C:\Program Files\Fichiers communs\SpeechEngines
   [13/06/2007|12:03] C:\Program Files\Fichiers communs\System
   [30/12/2007|17:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [13/09/2007|05:05] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 63 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-07-29 17:05:19
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 155
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:44][D:12]-> C:\DOCUME~1\DENOST~1\LOCALS~1\Temp
   [F:78][D:0]-> C:\DOCUME~1\DENOST~1\Cookies
   [F:2921][D:4]-> C:\DOCUME~1\DENOST~1\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a 17:07:33,10

Destrio5 · Answer

Supprime les traces de Securitoo avec ceci :
http://www.securitoo.com/fra/download/UNINSTALATION_TOOL.exe

nico2480 · Answer

ça y est....
Y en a encore beaucoup comme ça???? MDR

Destrio5 · Answer

LOL

As-tu encore des problèmes ?

nico2480 · Answer

wmpnetwk.exe a rencontré un problème et doit fermer....

ce message qui s'affiche toutes les 15 secondes environ maintenant...

Destrio5 · Answer

C'est un processus du Lecteur Windows Media.

---> Menu démarrer > Exécuter > services.msc > OK

---> Double-clique sur "Service Partage réseau du Lecteur Windows Media" 

---> Mets le type de démarrage en manuel

---> Redémarre

nico2480 · Answer

c fait mais c toujours pareil...

Destrio5 · Answer

Mets-le en désactivé alors.

nico2480 · Answer

Bon une grande partie des problèmes sont donc réglés, par contre j'ai toujours un gros souci avec mon lecteur Windows Media qui se met à saccader la musique et l'image au bout de quellques minutes

Destrio5 · Answer

Réinstalle-le :
http://download.microsoft.com/download/5/0/E/50ED0224-A888-4AD4-808B-D63CB71B08E0/wmp11-windowsxp-x86-FR-FR.exe

nico2480 · Answer

je vais dans le programme de désinstallation, ça me restaure la version 10 qui n'apparait pas dans la liste des programmes... dc je supprime com je peux et je réinstalle la version 11, et ça déconne toujours...
et j'ai une connexion bluetooth qui déconne aussi alors que je n'ai plus l'appareil bluetooth pour lequel j'avais installé ce programme, que je ne trouve plus d'ailleurs....
Ah je vois d'ici les commentaires.... Quel chantier sur son pc à celui-là.... MDR

Destrio5 · Answer

C'était quoi comme appareil Bluetooth ?

nico2480 · Answer

com une clé usb bluetooth, pour tenter de me connecter avec mon tél portable, mais ça n'a jamais fonctionné, toujours des problèmes au niveau de l'installation de ce produit apparement. mais je ne sais plus exactement ce que c'était, ça remonte à 2 ans et je l'ai revendu depuis.

Destrio5 · Answer

T'as pas un logiciel qui parle de Bluetooth dans Ajout/Suppression des programmes ?

nico2480 · Answer

non, je l'avais supprimé, mais à mon avis il doit rester des traces quelque part...

Destrio5 · Answer

Et dans Panneau de configuration puis Connexion réseau, t'as pas une connexion Bluetooth ?

nico2480 · Answer

non, je ne trouve rien...
par contre ce qui me gene le plus c mon lecteur windows media...
et j'ai également depuis les manips un message de plus en plus fréquent au démarrage du pc me disant en gros "arret du système.... system32\services.exe s'est terminé de manière inattendue....votre ordinateur va redémarre automatiquement dans...", et forcément ça redémarre, des fois 2 ou 3 fois de suite...
j'en ai marre pfffff

Destrio5 · Answer

Je vois pas trop comment t'aider.

Antivirus XP 2008 et Lecteur Windows Media

31 réponses

Discussions similaires