oridnateur infesté, navigateur fonctionne malRésolu/Fermé

Question

Bonjour, 

Mon navigateur fonctionne mal, aucune recherche n'aboutit, je suis constamment redirigé ailleurs, j'ai essayé firefox, internet explorer, google chrome et toujours le meme résultat. J'ai fait les maj de sécurité, j'ai utilisé MBAM, mon antivirus trouve le virus mais n'arrive pas à le supprimer., J'ai fait un point de restauration, mais rien n'y fait. J'ai donc procédé à un scan avec Hijack, voici le rapport, pourriez vous m'indiquer ce que je dois supprimer, je vous le demande humblement : Merci par avance...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:03:02, on 22/10/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32	askhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Real\Update_OBealsched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Packard Bell\Software Suite\pbDevDetect.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.durable.com/recherche
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com/recherche
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com/recherche
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.durable.com/recherche
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.durable.com/recherche
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IEpbrowserrecordplugin.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OBealsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run
O4 - HKCU\..\Run: [Google Update] "C:\Users\Rénald\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbaresources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O13 - Gopher Prefix: 
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\ORSP Client\fsorsp.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PowerSave Service (PowerSave) - Packard Bell Services - C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe

Malekal_morte- · Answer

Salut,

Passe TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start= 

Poste le rapport ici.

RENALD28 · Answer

Merci, cependant et malgré TDSSKILLER celui ci ne trouve aucune infection, et pourtant mon navigateur fonctionne toujours mal, et de maniere recurrente mon explorateur windows cesse de fonctionner et redémare assez souvent.

Malekal_morte- · Answer

Scanne ces fichiers sur www.virustotal.com :   
C:\Windows\explorer.exe   
C:\Windows\system32\winlogon.exe   
et c:\Windows\system32\wininit.exe si existant.   

file les liens ici.  

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* Clique sur le bouton Quick Scan.
* Quand le scan est fini, utilise le site http://www.cijoint.fr/ pour me donner les deux rapports : OTL.Txt et Extras.Txt.

RENALD28 · Answer

Salut,

Merci pour l'interet que tu portes à mon problème :
Je te donne déje les trois rapports , winlogo, wininit et explorer, je te transmets dans un second message la suite


Voici le rapport pour winlogo :

File name:
winlogon.exe
Submission date:
2010-10-21 16:30:06 (UTC)
Current status:
finished
Result:
1 /43 (2.3%)
	
VT Community

not reviewed
 Safety score: - 
Compact
Print results
Antivirus 	Version 	Last Update 	Result
AhnLab-V3 	2010.10.21.02 	2010.10.21 	-
AntiVir 	7.10.13.15 	2010.10.21 	-
Antiy-AVL 	2.0.3.7 	2010.10.21 	-
Authentium 	5.2.0.5 	2010.10.21 	-
Avast 	4.8.1351.0 	2010.10.21 	-
Avast5 	5.0.594.0 	2010.10.21 	-
AVG 	9.0.0.851 	2010.10.21 	-
BitDefender 	7.2 	2010.10.21 	-
CAT-QuickHeal 	11.00 	2010.10.21 	-
ClamAV 	0.96.2.0-git 	2010.10.21 	-
Comodo 	6465 	2010.10.21 	-
DrWeb 	5.0.2.03300 	2010.10.21 	-
Emsisoft 	5.0.0.50 	2010.10.21 	-
eSafe 	7.0.17.0 	2010.10.21 	-
eTrust-Vet 	36.1.7924 	2010.10.21 	-
F-Prot 	4.6.2.117 	2010.10.21 	-
F-Secure 	9.0.16160.0 	2010.10.21 	-
Fortinet 	4.2.249.0 	2010.10.21 	-
GData 	21 	2010.10.21 	-
Ikarus 	T3.1.1.90.0 	2010.10.21 	-
Jiangmin 	13.0.900 	2010.10.21 	-
K7AntiVirus 	9.66.2805 	2010.10.21 	-
Kaspersky 	7.0.0.125 	2010.10.21 	-
McAfee 	5.400.0.1158 	2010.10.21 	-
McAfee-GW-Edition 	2010.1C 	2010.10.21 	Heuristic.BehavesLike.Win32.Suspicious.H
Microsoft 	1.6301 	2010.10.21 	-
NOD32 	5552 	2010.10.21 	-
Norman 	6.06.10 	2010.10.21 	-
nProtect 	2010-10-21.01 	2010.10.21 	-
Panda 	10.0.2.7 	2010.10.21 	-
PCTools 	7.0.3.5 	2010.10.21 	-
Prevx 	3.0 	2010.10.21 	-
Rising 	22.70.02.05 	2010.10.21 	-
Sophos 	4.58.0 	2010.10.21 	-
Sunbelt 	7111 	2010.10.21 	-
SUPERAntiSpyware 	4.40.0.1006 	2010.10.21 	-
Symantec 	20101.2.0.161 	2010.10.21 	-
TheHacker 	6.7.0.1.063 	2010.10.20 	-
TrendMicro 	9.120.0.1004 	2010.10.21 	-
TrendMicro-HouseCall 	9.120.0.1004 	2010.10.21 	-
VBA32 	3.12.14.1 	2010.10.21 	-
ViRobot 	2010.10.21.4104 	2010.10.21 	-
VirusBuster 	12.69.11.0 	2010.10.21 	-
Additional information
Show all
MD5   : 37cdb7e72eb66ba85a87cbe37e7f03fd
SHA1  : cd0f4b3711a415272def132b83f6fc29d76ee4ad
SHA256: b4c23904acdc9cb0737cebb0c5a95dd0f0ecccf9c8d3aded808d7a270ecd366c


Voici le rapport wininit.exe

File name:
wininit.exe
Submission date:
2010-10-22 03:26:22 (UTC)
Current status:
finished
Result:
1 /43 (2.3%)
	
VT Community

goodware
 Safety score: 100.0% 
Compact
Print results
Antivirus 	Version 	Last Update 	Result
AhnLab-V3 	2010.10.22.00 	2010.10.21 	-
AntiVir 	7.10.13.15 	2010.10.21 	-
Antiy-AVL 	2.0.3.7 	2010.10.22 	-
Authentium 	5.2.0.5 	2010.10.22 	-
Avast 	4.8.1351.0 	2010.10.21 	-
Avast5 	5.0.594.0 	2010.10.21 	-
AVG 	9.0.0.851 	2010.10.21 	-
BitDefender 	7.2 	2010.10.22 	-
CAT-QuickHeal 	11.00 	2010.10.21 	-
ClamAV 	0.96.2.0-git 	2010.10.22 	-
Comodo 	6471 	2010.10.22 	-
DrWeb 	5.0.2.03300 	2010.10.22 	-
Emsisoft 	5.0.0.50 	2010.10.22 	-
eSafe 	7.0.17.0 	2010.10.21 	-
eTrust-Vet 	36.1.7924 	2010.10.21 	-
F-Prot 	4.6.2.117 	2010.10.22 	-
F-Secure 	9.0.16160.0 	2010.10.22 	-
Fortinet 	4.2.249.0 	2010.10.21 	-
GData 	21 	2010.10.22 	-
Ikarus 	T3.1.1.90.0 	2010.10.22 	-
Jiangmin 	13.0.900 	2010.10.21 	-
K7AntiVirus 	9.66.2805 	2010.10.21 	-
Kaspersky 	7.0.0.125 	2010.10.22 	-
McAfee 	5.400.0.1158 	2010.10.22 	-
McAfee-GW-Edition 	2010.1C 	2010.10.21 	Heuristic.BehavesLike.Win32.Suspicious.H
Microsoft 	1.6301 	2010.10.21 	-
NOD32 	5553 	2010.10.21 	-
Norman 	6.06.10 	2010.10.22 	-
nProtect 	2010-10-21.01 	2010.10.21 	-
Panda 	10.0.2.7 	2010.10.21 	-
PCTools 	7.0.3.5 	2010.10.22 	-
Prevx 	3.0 	2010.10.22 	-
Rising 	22.70.02.05 	2010.10.21 	-
Sophos 	4.58.0 	2010.10.22 	-
Sunbelt 	7114 	2010.10.22 	-
SUPERAntiSpyware 	4.40.0.1006 	2010.10.22 	-
Symantec 	20101.2.0.161 	2010.10.21 	-
TheHacker 	6.7.0.1.064 	2010.10.21 	-
TrendMicro 	9.120.0.1004 	2010.10.21 	-
TrendMicro-HouseCall 	9.120.0.1004 	2010.10.22 	-
VBA32 	3.12.14.1 	2010.10.21 	-
ViRobot 	2010.10.21.4104 	2010.10.21 	-
VirusBuster 	12.69.11.0 	2010.10.21 	-
Additional information
Show all
MD5   : b5c5dcad3899512020d135600129d665
SHA1  : c7bba9840c44e7739fb314b7a3efe30e6b25cc48
SHA256: f6b4d18fa0d3c4958711ac0d476c21a6fdf2897f989a0ad290b43f463dd8b5b0


Voici le rapport pour explorer : 

File name:
explorer.exe
Submission date:
2010-10-22 12:09:53 (UTC)
Current status:
queued (#11) queued analysing finished
Result:
16/ 42 (38.1%)
	
VT Community

not reviewed
 Safety score: - 
Compact
Print results
Antivirus 	Version 	Last Update 	Result
AhnLab-V3	2010.10.22.01	2010.10.22	-
AntiVir	7.10.13.17	2010.10.22	TR/Spy.2614272.5
Antiy-AVL	2.0.3.7	2010.10.22	-
Authentium	5.2.0.5	2010.10.22	-
Avast	4.8.1351.0	2010.10.22	Win32:Bamital-AF
Avast5	5.0.594.0	2010.10.22	Win32:Bamital-AF
AVG	9.0.0.851	2010.10.22	-
BitDefender	7.2	2010.10.22	Gen:Trojan.Heur.TP.Fs0@b8bf7Wn
CAT-QuickHeal	11.00	2010.10.22	-
ClamAV	0.96.2.0-git	2010.10.22	-
Comodo	6475	2010.10.22	-
DrWeb	5.0.2.03300	2010.10.22	-
Emsisoft	5.0.0.50	2010.10.22	Virus.Win32.Bamital!IK
eSafe	7.0.17.0	2010.10.21	-
eTrust-Vet	36.1.7926	2010.10.22	Win32/Bamital.AP
F-Prot	4.6.2.117	2010.10.22	-
F-Secure	9.0.16160.0	2010.10.22	Gen:Trojan.Heur.TP.Fs0@b8bf7Wn
Fortinet	4.2.249.0	2010.10.22	-
GData	21	2010.10.22	Gen:Trojan.Heur.TP.Fs0@b8bf7Wn
Ikarus	T3.1.1.90.0	2010.10.22	Virus.Win32.Bamital
Jiangmin	13.0.900	2010.10.22	-
K7AntiVirus	9.66.2805	2010.10.21	-
Kaspersky	7.0.0.125	2010.10.22	-
McAfee	5.400.0.1158	2010.10.22	-
McAfee-GW-Edition	2010.1C	2010.10.22	-
Microsoft	1.6301	2010.10.22	Virus:Win32/Bamital.G
NOD32	5554	2010.10.22	Win32/Bamital.EL
Norman	6.06.10	2010.10.22	-
nProtect	2010-10-22.01	2010.10.22	-
Panda	10.0.2.7	2010.10.21	-
PCTools	7.0.3.5	2010.10.22	Trojan.Bamital
Prevx	3.0	2010.10.22	Medium Risk Malware
Rising	22.70.03.04	2010.10.22	-
Sophos	4.58.0	2010.10.22	Mal/Patched-O
Sunbelt	7116	2010.10.22	Virus.Win32.Bamital.c (v)
SUPERAntiSpyware	4.40.0.1006	2010.10.22	-
Symantec	20101.2.0.161	2010.10.22	Trojan.Bamital!inf
TheHacker	6.7.0.1.064	2010.10.21	-
TrendMicro	9.120.0.1004	2010.10.22	-
VBA32	3.12.14.1	2010.10.21	-
ViRobot	2010.9.25.4060	2010.10.22	-
VirusBuster	12.69.11.0	2010.10.21	-
Additional information
Show all
MD5   : 13bddc75d56855f089f5e9766a37efb0
SHA1  : 002a3665913743f28f140a7a100a80c5886be461
SHA256: dd0135f16274e4e13ac650809daebae379e4fa566b98ec5b1674dde8cc4c69b1
ssdeep: 49152:OwPE1ubtHXPUvYYYYYYYYYYYRYYYYYYYYYYE3iA7/eFUJN9ojoso2xno4F/:dP7btcvYY
YYYYYYYYYRYYYYYYYYYYE3U
File size : 2614272 bytes
First seen: 2010-10-22 12:09:53
Last seen : 2010-10-22 12:09:53
TrID:
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Windows Explorer
original name: EXPLORER.EXE
internal name: explorer
file version.: 6.1.7600.16450 (win7_gdr.091030-1504)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x2A8CB
timedatestamp....: 0x4AEBA271 (Sat Oct 31 02:35:29 2009)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0xAF135, 0xAF200, 6.39, b8e95efe88b40ee772e2343592b8425e
.data, 0xB1000, 0x2FCC, 0x2800, 0.95, 1408cc5d5952a7ece5e6486fb4c726d9
.rsrc, 0xB4000, 0x1C2FC9, 0x1C3000, 5.52, a26b7ac0bfde2c337faded409b2625ad
.reloc, 0x277000, 0x9304, 0x9400, 6.75, 667b442a647dc5465ccd8060cd03d282

[[ 19 import(s) ]]
ADVAPI32.dll: RegCloseKey, RegCreateKeyW, RegGetValueW, RegOpenKeyExW, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, RegCreateKeyExW, RegQueryValueExW, EventRegister, EventUnregister, EventWrite, EventEnabled, GetLengthSid, GetTokenInformation, OpenProcessToken, RegSetValueExW, TraceMessage, RegOpenKeyW, RegDeleteValueW, RegEnumValueW, RegQueryInfoKeyW, ConvertStringSidToSidW, CloseServiceHandle, OpenServiceW, OpenSCManagerW, RegEnumKeyExW, CreateWellKnownSid, StartServiceW, CryptAcquireContextW, CryptCreateHash, CryptHashData, CryptGetHashParam, CryptDestroyHash, CryptReleaseContext, StartTraceW, EnableTraceEx, StopTraceW, LsaLookupSids, IsValidSid, GetSidSubAuthorityCount, GetSidSubAuthority, LsaOpenPolicy, LsaFreeMemory, LsaClose, OpenThreadToken, ConvertSidToStringSidW, ConvertStringSecurityDescriptorToSecurityDescriptorW, CheckTokenMembership, QueryServiceStatus
KERNEL32.dll: LoadLibraryExA, DelayLoadFailureHook, CreateFileW, GetFileSize, ReadFile, RaiseException, FlushInstructionCache, SetLastError, OpenThread, GetSystemTimeAsFileTime, GetLocaleInfoW, GetTimeFormatW, GetDateFormatW, GetLocalTime, InterlockedCompareExchange, FindFirstFileW, lstrcmpiW, FindNextFileW, FindClose, GetFileAttributesW, GetSystemTime, SystemTimeToFileTime, ExpandEnvironmentStringsW, InterlockedIncrement, InterlockedDecrement, GetLastError, SetInformationJobObject, CreateJobObjectW, GetPriorityClass, SetPriorityClass, SearchPathW, GetSystemDefaultUILanguage, UnmapViewOfFile, MapViewOfFile, GetTimeZoneInformation, GetDynamicTimeZoneInformation, GetBinaryTypeW, QueryPerformanceFrequency, QueueUserWorkItem, GetTickCount64, MulDiv, GetLongPathNameW, GetThreadPriority, MultiByteToWideChar, GlobalGetAtomNameW, GetCurrentThread, SetThreadPriority, LoadLibraryExW, GetProductInfo, TerminateThread, CreateIoCompletionPort, GetQueuedCompletionStatus, DeleteFileW, GetWindowsDirectoryW, GetProcessId, CompareStringW, QueryFullProcessImageNameW, CompareFileTime, CreateFileMappingW, ResetEvent, WideCharToMultiByte, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, DuplicateHandle, GetCurrentDirectoryW, WaitForMultipleObjects, GetComputerNameW, DeactivateActCtx, ActivateActCtx, ReleaseActCtx, CreateActCtxW, FindResourceExW, LoadResource, LockResource, OpenProcess, CloseHandle, LocalFree, LocalAlloc, QueryInformationJobObject, Sleep, ResumeThread, AssignProcessToJobObject, CreateThread, CreateProcessW, WaitForSingleObject, FreeLibrary, GetProcAddress, LoadLibraryW, GetUserDefaultUILanguage, CreateEventW, lstrlenW, HeapFree, HeapAlloc, GetProcessHeap, GetCurrentProcess, HeapSetInformation, GetVersionExW, DeleteCriticalSection, InitializeCriticalSection, HeapDestroy, GetPrivateProfileStringW, GetModuleFileNameW, GetCommandLineW, GetSystemDirectoryW, ExitProcess, RegisterApplicationRestart, SetProcessShutdownParameters, GetStartupInfoW, ReleaseMutex, CreateMutexW, SetErrorMode, SetProcessDEPPolicy, GetUserDefaultLangID, SetEvent, LeaveCriticalSection, EnterCriticalSection, GetTickCount, OpenEventW, SetTermsrvAppInstallMode, GetCurrentProcessId, GetModuleHandleW, GetCurrentThreadId, TerminateProcess, UnhandledExceptionFilter, CompareStringOrdinal, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, InterlockedExchange, VirtualAlloc, VirtualFree, LoadLibraryA
GDI32.dll: GetStockObject, SetWindowOrgEx, StretchBlt, GetTextMetricsW, CombineRgn, Polyline, CreatePen, GetTextColor, ExtCreateRegion, GetRegionData, SetLayout, GetLayout, GetTextExtentPoint32W, OffsetRgn, LPtoDP, GetRgnBox, OffsetViewportOrgEx, GdiFlush, ExtTextOutW, SetDIBits, CreateRectRgn, GetClipRgn, IntersectClipRect, GetViewportOrgEx, SetViewportOrgEx, SelectClipRgn, GetBkColor, SetBkMode, CreateBitmap, PatBlt, CreateCompatibleBitmap, OffsetWindowOrgEx, SetBkColor, SetTextColor, GetTextExtentPointW, GetClipBox, CreateDIBSection, GetObjectW, CreateRectRgnIndirect, DeleteObject, CreateCompatibleDC, SelectObject, BitBlt, GetDeviceCaps, CreateFontIndirectW, DeleteDC, GdiAlphaBlend
USER32.dll: PtInRect, GetWindowRect, GetWindow, SendMessageW, EnumChildWindows, GetWindowLongW, CharPrevW, CharNextW, GetSystemMetrics, CreateWindowExW, DialogBoxParamW, GetClassInfoW, GetClassInfoExW, GetMenuItemInfoW, GetMenuItemCount, GetClassNameW, GetKeyboardLayout, ActivateKeyboardLayout, IsChild, InsertMenuW, GetMenuStringW, SetMenuItemInfoW, InsertMenuItemW, IsWinEventHookInstalled, IsProcessDPIAware, GetNextDlgGroupItem, GetNextDlgTabItem, GetDlgCtrlID, MoveWindow, IsRectEmpty, UnionRect, ChildWindowFromPointEx, GetGUIThreadInfo, SetClassLongW, GetClassLongW, WindowFromDC, CharUpperW, UnregisterClassW, FrameRect, GetWindowDC, SendMessageCallbackW, UpdateLayeredWindow, GetUserObjectInformationW, GetThreadDesktop, GetProcessWindowStation, GetIconInfo, ShowWindowAsync, FlashWindowEx, EndTask, SetThreadDesktop, GetMenuState, SetScrollInfo, GetScrollInfo, SetScrollPos, BringWindowToTop, DeregisterShellHookWindow, IsZoomed, CloseDesktop, OpenInputDesktop, RegisterShellHookWindow, InternalGetWindowText, GetWindowInfo, GetLayeredWindowAttributes, SetLayeredWindowAttributes, GetCaretBlinkTime, UnhookWindowsHookEx, CallNextHookEx, SetWindowsHookExW, GetUpdateRect, SystemParametersInfoW, FindWindowW, ReleaseDC, GetDC, DispatchMessageW, TranslateMessage, GetMessageW, DestroyMenu, GetMenuDefaultItem, CreatePopupMenu, PostMessageW, MsgWaitForMultipleObjectsEx, PeekMessageW, SetWindowLongW, ShutdownBlockReasonCreate, LoadStringW, DestroyWindow, PostQuitMessage, SetWindowPos, KillTimer, SetTimer, SetPropW, ShowWindow, MapWindowPoints, RegisterClassW, LoadCursorW, SetActiveWindow, UpdateLayeredWindowIndirect, GetLastInputInfo, SendDlgItemMessageW, EndDialog, GetDesktopWindow, GetShellWindow, DestroyIcon, GetMonitorInfoW, CopyRect, ModifyMenuW, CheckMenuItem, EnableMenuItem, GhostWindowFromHungWindow, DeleteMenu, ReleaseCapture, GetCursorPos, DefWindowProcW, TrackMouseEvent, GetDoubleClickTime, InvalidateRect, LockWorkStation, TileWindows, UpdateWindow, CascadeWindows, GetWindowTextW, TrackPopupMenu, ClientToScreen, WindowFromPoint, AppendMenuW, EndPaint, DrawEdge, FillRect, LockSetForegroundWindow, InflateRect, IsWindowVisible, GetForegroundWindow, GetParent, WaitMessage, RegisterWindowMessageW, TrackPopupMenuEx, GetClientRect, MonitorFromRect, EqualRect, SubtractRect, RedrawWindow, EnumDisplayMonitors, SetWindowTextW, IntersectRect, GetWindowPlacement, SendNotifyMessageW, RemovePropW, SetWindowCompositionAttribute, HungWindowFromGhostWindow, SetFocus, SendMessageTimeoutW, EnumWindows, UnregisterHotKey, RegisterHotKey, MonitorFromWindow, IsWindow, SetCursor, GetAsyncKeyState, SetForegroundWindow, ChildWindowFromPoint, SetCursorPos, GetMessagePos, IsIconic, LoadIconW, DeferWindowPos, OffsetRect, GetWindowThreadProcessId, ScreenToClient, GetAncestor, MonitorFromPoint, SetRectEmpty, ChangeWindowMessageFilterEx, LoadAcceleratorsW, TranslateAcceleratorW, GetKeyState, SetWindowRgn, GetWindowRgnBox, LoadImageW, GetFocus, GetActiveWindow, MessageBeep, BeginPaint, SwitchToThisWindow, GetLastActivePopup, EndDeferWindowPos, BeginDeferWindowPos, SetWindowPlacement, IsHungAppWindow, RegisterClipboardFormatW, SetRect, GetSysColorBrush, GetPropW, AllowSetForegroundWindow, LoadMenuW, GetSubMenu, RemoveMenu, SetMenuDefaultItem, GetCapture, DrawIconEx, GetMessageExtraInfo, SetGestureConfig, AdjustWindowRect, CalculatePopupWindowPosition, DrawTextW, SetCapture, CallWindowProcW, CheckDlgButton, IsDlgButtonChecked, IsWindowEnabled, GetDlgItemInt, SetDlgItemInt, GetDlgItem, EnableWindow, SetWinEventHook, MsgWaitForMultipleObjects, RegisterClassExW, CopyIcon, AdjustWindowRectEx, GetSysColor, DrawFocusRect, NotifyWinEvent, ExitWindowsEx, GetSystemMenu
msvcrt.dll: _controlfp, _terminate@@YAXXZ, _onexit, _lock, __dllonexit, _unlock, _except_handler4_common, __set_app_type, __p__fmode, memcpy, memmove, _CIsin, _ftol2, _CIcos, _wtoi, wcsncmp, _wcsnicmp, _wcsicmp, bsearch, __p__commode, __setusermatherr, _amsg_exit, _initterm, _wcmdln, exit, _XcptFilter, _exit, _cexit, __wgetmainargs, _ftol2_sse, malloc, _CIsqrt, ceil, realloc, wcschr, iswalpha, wcsstr, free, _vsnwprintf, memset
ntdll.dll: WinSqmSetString, NtQueryInformationProcess, NtSetInformationProcess, WinSqmIsOptedIn, NtOpenThreadToken, NtOpenProcessToken, NtClose, WinSqmAddToStreamEx, NtSetSystemInformation, WinSqmAddToStream, WinSqmEventEnabled, WinSqmSetDWORD, EtwEventWrite, EtwEventEnabled, NtQueryInformationToken, RtlGetProductInfo
SHLWAPI.dll: SHStrDupA, StrCmpW, -, -, PathCommonPrefixW, PathRemoveExtensionW, -, PathIsFileSpecW, -, -, -, StrRetToStrW, -, AssocCreate, -, StrRetToBufW, AssocQueryStringW, -, PathQuoteSpacesW, -, -, SHDeleteKeyW, -, SHRegGetUSValueW, -, -, PathIsNetworkPathW, -, -, -, -, SHOpenRegStream2W, -, -, -, -, -, -, PathRemoveFileSpecW, -, -, -, -, SHRegGetBoolUSValueW, -, -, PathGetDriveNumberW, PathFileExistsW, PathIsDirectoryW, -, -, PathFindExtensionW, StrChrIW, -, -, PathAppendW, SHDeleteValueW, -, SHSetValueW, -, -, PathRemoveArgsW, PathRemoveBlanksW, StrCmpNIW, -, PathGetArgsW, PathFindFileNameW, SHGetValueW, SHCreateThreadRef, SHSetThreadRef, PathCombineW, SHRegGetValueW, -, -, -, -, StrToIntW, -, StrChrW, -, -, -, -, -, -, SHStrDupW, PathStripToRootW, -, -, -, StrTrimW, StrCmpNW, SHQueryInfoKeyW, SHCreateStreamOnFileW, -, -, -, -, -, -, PathIsPrefixW, -, StrCmpIW, PathParseIconLocationW, PathIsRootW, -, -, -, AssocQueryKeyW, PathStripPathW, ChrCmpIW, StrStrIW, -
SHELL32.dll: -, -, -, SHGetPropertyStoreForWindow, -, -, SHGetStockIconInfo, -, -, -, -, -, -, -, -, -, Shell_GetCachedImageIndexW, -, -, -, SHGetLocalizedName, SHCreateDataObject, -, -, -, -, -, -, SHCreateShellItemArrayFromShellItem, SHGetKnownFolderPath, SHCreateShellItemArrayFromIDLists, -, -, SHBindToFolderIDListParentEx, SHGetFileInfoW, -, SHCreateItemWithParent, -, -, -, -, -, SHGetFolderLocation, -, SHParseDisplayName, SHGetSpecialFolderPathW, -, ShellExecuteExW, SHGetKnownFolderIDList, SHBindToObject, -, -, -, -, -, -, -, -, -, -, -, SHGetNameFromIDList, SHCreateShellItem, -, -, -, -, -, -, -, -, -, -, SHGetPathFromIDListW, ShellExecuteW, SHEnableServiceObject, -, SHGetIDListFromObject, -, SHChangeNotifyRegisterThread, -, -, -, -, SHUpdateRecycleBinIcon, -, -, SHCreateItemFromIDList, -, -, SHFileOperationW, SHGetFolderPathEx, -, -, -, -, -, SHGetPathFromIDListA, SHGetFolderPathW, SHBindToParent, -, SHAddToRecentDocs, Shell_NotifyIconW, Shell_NotifyIconGetRect, ExtractIconExW, SHEvaluateSystemCommandTemplate, SHChangeNotify, SHCreateItemFromParsingName, -, DragQueryFileW, -, -, SHGetSpecialFolderLocation, SHBindToFolderIDListParent
ole32.dll: OleInitialize, StringFromGUID2, CoRegisterMessageFilter, RegisterDragDrop, RevokeDragDrop, OleUninitialize, CoRevokeClassObject, CoCreateFreeThreadedMarshaler, CreateBindCtx, PropVariantClear, ReleaseStgMedium, CoInitializeEx, CreateStreamOnHGlobal, CoRegisterClassObject, CoCreateInstance, CoTaskMemFree, CoGetInterfaceAndReleaseStream, CoMarshalInterThreadInterfaceInStream, CoUninitialize, CoInitialize, CoGetMalloc, CoTaskMemAlloc, CLSIDFromString, CoFreeUnusedLibraries
OLEAUT32.dll: -, -, -, -, -, -
EXPLORERFRAME.dll: -, -
UxTheme.dll: DrawThemeTextEx, IsCompositionActive, IsAppThemed, GetThemeMetric, CloseThemeData, OpenThemeData, SetWindowTheme, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, DrawThemeParentBackground, GetWindowTheme, GetThemePartSize, GetThemeBackgroundContentRect, EndBufferedPaint, GetThemeMargins, BeginBufferedPaint, BufferedPaintInit, BufferedPaintUnInit, IsThemeActive, -, GetThemeRect, IsThemePartDefined, GetThemeBackgroundRegion, GetThemeColor, GetThemeBool, DrawThemeIcon, GetBufferedPaintBits, BufferedPaintClear, GetThemeBackgroundExtent
POWRPROF.dll: CallNtPowerInformation, GetPwrCapabilities, PowerDeterminePlatformRole
dwmapi.dll: -, -, DwmEnableBlurBehindWindow, DwmIsCompositionEnabled, DwmSetWindowAttribute, -, DwmQueryThumbnailSourceSize, DwmUnregisterThumbnail, DwmUpdateThumbnailProperties, -, -
slc.dll: SLGetWindowsInformationDWORD
gdiplus.dll: GdipAlloc, GdiplusStartup, GdiplusShutdown, GdipFree, GdipDeleteGraphics, GdipDisposeImage, GdipGetImageWidth, GdipGetImageHeight, GdipCreateBitmapFromHBITMAP, GdipCreateFromHDC, GdipSetCompositingMode, GdipSetInterpolationMode, GdipDrawImageRectI, GdipCloneImage
Secur32.dll: GetUserNameExW
RPCRT4.dll: RpcBindingFree, RpcBindingSetAuthInfoExW, RpcStringFreeW, RpcBindingFromStringBindingW, RpcStringBindingComposeW, I_RpcExceptionFilter, NdrClientCall2
PROPSYS.dll: PropVariantToUInt32, PropVariantToStringAlloc, PropVariantToUInt64, PropVariantToBoolean, VariantToStringAlloc, VariantToStringWithDefault, PropVariantToString, VariantToBooleanWithDefault, VariantToInt32WithDefault, PSCreateMemoryPropertyStore, PropVariantToInt64
Prevx Info:
http://info.prevx.com/aboutprogramtext.asp?PX5=3CCC70E100955CAEE4A827447D812D00E328295B
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 717312
CompanyName: Microsoft Corporation
EntryPoint: 0x2a8cb
FileDescription: Windows Explorer
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 2.5 MB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 6.1.7600.16450 (win7_gdr.091030-1504)
FileVersionNumber: 6.1.7600.16450
ImageVersion: 6.1
InitializedDataSize: 1897472
InternalName: explorer
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 187.7
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 6.1
ObjectFileType: Executable application
OriginalFilename: EXPLORER.EXE
PEType: PE32
ProductName: Microsoft Windows Operating System
ProductVersion: 6.1.7600.16450
ProductVersionNumber: 6.1.7600.16450
Subsystem: Windows GUI
SubsystemVersion: 6.1
TimeStamp: 2009:10:31 03:35:29+01:00
UninitializedDataSize: 0

RENALD28 · Answer

Voici la suite et les liens pour les rapports otl et extras sont :

http://www.cijoint.fr/cjlink.php?file=cj201010/cijR9bTvHR.txt

http://www.cijoint.fr/cjlink.php?file=cj201010/cij258KQvL.txt

Merci par avance de tes conseils.

Malekal_morte- · Answer

bon ok.

On va tenter Combofix, si y a des fichiers systèmes de secours, il devrait les remettre sinon faudra le faire manuellement \o


 

Sauvegarde tes documents importants.

Désactive les logiciels de protection (Antivirus, Antispywares) puis :

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.

Eventuellement, installe la console de récupération comme cela est conseillé

Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Si le rapport ne passe pas, envoie le sur ce site : http://www.cijoint.fr/
et donne le lien ici :)

Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.

Si pas mieux, tente en mode sans échec avec prise en charge du réseau : Redémarre en mode sans échec, avec prise en charge du réseau pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec avec prise en charge du réseau et appuye sur la touche entrée du clavier.

RENALD28 · Answer

Voici le rapport combo :

http://www.cijoint.fr/cjlink.php?file=cj201010/cijx2Heknw.txt

par contre j'ai essayé de démarrer firefox sur l'ordi infesté, je n'ai pas pu car j'ai eu un message d'erreur signalant "tentative d'opération non autorisée sur une clé du registre marquée pour suppression"

RENALD28 · Answer

j'ai redémarré l'ordi une 2e fois, à présent tout refonctionne (plus de message d'erreurs), par contre j'ai refai une analyse avec virustotal, pour explorer pas de virus trouvé, par contre pour l'analyse de winlogon un virus est trouve par mac cafee il s'agit de heuristic.behaveslike.win32.suspicious.h, et pour wininit pas de virus trouvé.

Que faire ?

Malekal_morte- · Answer

pour winlogon, c'est un FP de MCafee.

RENALD28 · Answer

c est quoi FP ?

RENALD28 · Answer

je pense que tu veux dire faux probleme

RENALD28 · Answer

Je te dis un grand merci pour ton aide sans laquelle je n'aurai pu trouver de solutions.

Malekal_morte- · Answer

yep par contre...



dobe Reader est pas à jour et contient des vulnérabilités qui peuvent mettre l'infection de ton PC.  
Lire explications : https://forum.malekal.com/viewtopic.php?t=13629&start=  


Maintiens tes logiciel à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite    
Absolument à faire.    


Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.

Un peu de lecture pour éviter les infections :  
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf  
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html  
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

Ce qu'il ne faut pas faire : https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

Fonctionnement de quelques catégories de malwares :
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

RENALD28 · Answer

Je te remercie pour tes conseils bienveillants, sache que j'en ferai bon usage.
Et encore merci pour le temps que tu m'as accordé.

Malekal_morte- · Answer

pas de prb, bon WE :)

Oridnateur infesté, navigateur fonctionne mal

15 réponses

Discussions similaires

Newsletters